This morning for the first time since Tuesday I woke up without my eyes feeling like they were full of grit. Even when they did over the past few days the myriad bottles of eyedrops helped. I felt physically tired all last week, though, so I’m hoping that will improve as well.
As my man friday so insightfully points out, today is Wednesday, the day by which I promised to debrief my loyal readers should I have survived unscathed my date with destiny.
I have.
The operation itself was mostly painless. They stick a suction cup in your eye to hold it in place while the laser cuts open your cornea. The surgeon kept telling me to relax and look at the microscope while this was going on but my eye, quite involuntarily, wanted to blink and spasm when this happened. So he’s saying "relax, don’t blink" and I’m thinking "I’m not doing it deliberately" a few times over. No doubt they are used to the routine by now.
I could feel the laser cutting through but with the anaesthetic it wasn’t painful. More irritating, like being poked with a blunt stick. After that I felt nothing for the actual correction procedure. And saw very little. At first I thought that cutting open the cornea had perhaps blocked light from entering the eye at all as I literally couldn’t see anything but blackness. This was just the drops forcing my lids closed. When the nurse yanked them open for the second part of the procedure I could see well enough.
My vision was blurry afterwards but even walking (slowly) home the world around me just felt like it might be clearer if I hadn’t had a concoction of eyedrops floating around. As instructed I went straight to bed with my goggles on but I couldn’t sleep. An hour or so later I started to experience a fairly painful sensation in my eyes, as though I had been drinking all night and started rubbing my eyes with sandpaper. I’d been told to expect this and eventually it passed. My eyes were still very sensitive to light, though, and I wore my shades for the rest of the evening with all the lights off and Rebecca banished to the bedroom to study.
The biggest problem was boredom. I couldn’t watch TV. Of course I couldn’t read or go on the Wii. I tried going out for a walk but even with the shades on and keeping to the streets with the fewest lights it was still too bright so I decided to come home.
Finally I did sleep and I woke yesterday morning feeling very tired. My eyes felt very dry and it was a relief to apply some drops to them. Even then there were sensitive to light. I wore the shades most of the day, shedding them at last in the evening when this time I was able to venture outside.
It was a similar story today. A dry and unpleasant sensation in the morning which was relieved with the application of the drops. I walked to work with the shades safely tucked in my pocket and I was able to work although when six o’clock came round I was glad to be able to look away from the screen and head home. My pupils are still dilated but nowhere near as sensitive to light as over the past two days. The recovery is proceeding nicely, thank you very much.
I’m booked in for LASIK surgery tomorrow to correct my vision. This prompted Andy, the office joker, to crack wise throughout the week, calling me a variety of playground names such as Speccy and Four Eyes. This was on the basis that he only had six days left to do so. Of course neither he nor anyone else had felt the need to make such comments up until now but the old saying goes that you don’t know what you’ve got till it’s gone.
Needless to say it’s all in good humour and in fact Andy wears glasses himself. For now. He too is planning on having the treatment in the near future.
Assuming everything goes well I will be able to report on the procedure next week. If you don’t hear from me by Wednesday you are free to assume that it went horribly wrong, that I am now quite blind and this will have been my final journal entry.
I bought a QNAP TS-209 Pro NAS in the hope of reducing the load on my fileserver a little bit. The TS-209 comes with a bunch of features (though I won’t use many of these) including, notably, NFS and CIFS support. Sadly, the latter was the one thing which didn’t work perfectly first time, as everything else on this very nice little unit did. I was given the option of participating in a Windows Workgroup or joining an Active Directory domain but there was no option to do an RPC join. This is a problem as my domain controller is the aforementioned fileserver.
Not to worry, though. One of my reasons for buying this particular unit was that it is an embedded Linux system with SSH access. Let’s have a look inside.
[~] # find /etc -name smb.conf
/etc/smb.conf
/etc/default_config/smb.conf
So if I edit the smb.conf and configure the domain I should be able to join it.
[~] # net join
-sh: net: command not found
Ah. Where’s Samba?
[~] # ps waux | grep smbd
1020 admin 2920 S /usr/local/samba/sbin/smbd -D
Let’s try this then.
[~] # /usr/local/samba/bin/net join
Joined domain CAMBRIDGE.
Great! But there’s one problem. Without knowledge of my LDAP accounts the QNAP won’t be able to assign consistent UIDs to Samba connections and there’s no nss_ldap installed. Let’s poke some more.
Although the guts of the TS-209 comprise an embedded distribution, the device ships with a basic install of Debian Etch on /share/MD0_DATA/etch. If we chroot into it we should be able to install the LDAP libraries.
[~] # chroot /share/MD0_DATA/etch
[~] # apt-get update
...
[~] # apt-get install libnss-ldap
Unfortunately the C libraries used by the Etch install and the embedded OS outside the chroot don’t match so I couldn’t just use the new libnss_ldap.so.2. So how about I disable Samba from the QNAP web interface and apt-get Samba inside the chroot?
There’s one more hurdle. The QNAP puts shares you create under /share/MD0_DATA which is outside the chroot. A bind mount fixes this.
[~] # mkdir -p /share/MD0_DATA/export/home
[~] # mount -o bind /share/MD0_DATA/home /share/MD0_DATA/export/home
Samba inside the chroot can be configured to share out /export/home.
This is all very well except Samba won’t start on reboot because the Etch init scripts won’t be run. Some investigation revealed that the QNAP runs two sets of startup scripts stored inside the chroot.
Scripts in /share/MD0_DATA/etch/ext/extchroot-bin are run outside the chroot.
Scripts in /share/MD0_DATA/etch/ext/bin are then run inside the chroot.
So the solution is very simple.
/share/MD0_DATA/etch/ext/extchroot-bin/S00-export.sh:
#!/bin/sh
DATA=/share/MD0_DATA
EXPORT=$DATA/etch/export
for share in home files smb; do
mkdir -p $EXPORT/$share
mount -o bind $DATA/$share $EXPORT/$share
done
/share/MD0_DATA/etch/ext/bin/020-services.sh:
#!/bin/sh
/etc/init.d/samba start
I had the Leopard automounter more or less working happily but there was one setback. A combination of Finder’s and Office’s braindead behaviour was triggering many many automount lookups which showed in the LDAP logs:
filter="(&(|(objectClass=automount))(|(automountKey=.DS_Store)))"
filter="(&(|(objectClass=automount))(|(automountKey=.hidden)))"
filter="(&(|(objectClass=automount))(|(automountKey=\2A)))"
filter="(&(|(objectClass=automount))(|(automountKey=\2A)))"
This was because the Mac wanted to see what was under /home, on which home directories were automounted. It would be annoying if all it did was fill my LDAP logs with this spam. When the automounter causes Rebecca’s machine to kernel panic once every few days, it gets extremely tiresome.
My response to this was to change the automount rules so that /home was managed by auto_static instead of auto_home.
dn: automountKey=/home,automountMapName=auto_static,ou=mounts,dc=iain,dc=cx
objectClass: top
objectClass: automount
automountKey: /home
automountInformation: -fstype=nfs,tcp,rw,intr files:/home
On the Linux clients this worked. The Macs, however, were having none of it. With this setup /home was completely inaccessible. All attempts to look at the directory, even ls -ld failed with Permission Denied. The solution is to comment out the /home line in /etc/auto_master.
As a poster in the above thread puts it, sigh.
As 2007 enters the final straight it’s time to
look back on the year in which I had three employers, two homes and only one flight.
You may recall my terrible trinity of problems.
My Windows roaming profile won’t sync when I log out.
Windows tells me my password has expired (which it hasn’t) when I log in.
I can’t mount a Windows share from a UNIX machine when the Windows server is part of a domain. I can mount a non-domain Windows share, I can mount a Samba share and I can connect to a domain share with smbclient but not with mount.cifs, smbmount or mount_smbfs.
Problem 1 was fixed a while ago. Problem 2 is still a thorn in my side but problem 3 has now gone away.
I decided I’d have yet another look on Google for details of the problem. I got halfway through typing in my search query when I realised I couldn’t remember the error code mount.cifs gave when failing to mount a Windows machine. So I tried to mount from my Linux box.
And it worked.
Then I tried from my iMac. It worked again.
I have no idea why but it works. Maybe Microsoft patched something with a recent Windows fix. Maybe the Samba team patched something in Samba 3.0.28, to which I upgraded only yesterday. Maybe it was Solar flares.
Whatever the reason, I’m happy.
For now.
I finally got round to trying the iCal server again. Previously it was complaining that no virtual host could be found for iCal service. The solution is to create a Computer record in OpenDirectory whose name is the iCal server’s hostname followed by a dollar. For example ical$. It then all magically works despite there being nothing to do with iCal, virtual hosts or anything remotely resembling the error message in this new record.
And where have we seen hostnames followed by dollar signs before?
That’s right. Samba machine accounts.
And what attributes does Directory Utility.app allow us to map for Computer records?
Samba attributes.
Further research could prove interesting.
Oh and by the way the calendar still doesn’t work for reasons I’ll describe once I’ve fixed it.
Fedora 8, which I’d installed on my new Mac Mini, ships with Pulse Audio, a network sound system which uses ALSA at the business end and which runs as a drop-in replacement for ESounD.
Unfortunately in true Fedora tradition the initial implementation is somewhat broken. There are no manpages. There’s no init script to launch the sound server as a system-wide service. Non-root users (and if you do enable the system service manually it runs as a non-root user) can’t actually access the hardware because the /dev entries have root-only permissions. And some of the configuration tools aren’t installed by default, though the word on the street is that this has been fixed.
Eventually I managed to get it working.
Running the sound server as a system-wide daemon, which I wanted to do, requires that the user pulse be able to write to /dev/snd/*, /dev/dsp and /dev/mixer. I gave up on a Fedora-approved way and put lines in /etc/rc.d/rc.local to make these 660 and owned by root with group pulse.
The sound daemon won’t allow connections from the local host (and hence won’t be much use) unless you change these lines in /etc/pulse/default.pa. The bits to add are in italics.
### Load several protocols
load-module module-esound-protocol-unix auth-anonymous=1
load-module module-native-protocol-unix auth-anonymous=1
You can have one sound server for the whole network. This is splendid for me as I can have my virtual machines and audio-less servers using it if necessary. But by default network access is denied. Once again /etc/pulse/default.pa is the file to change.
### Network access (may be configured with paprefs, so leave this commented
### here if you plan to use paprefs)
load-module module-esound-protocol-tcp auth-ip-acl=192.168.1.0/24
load-module module-native-protocol-tcp auth-ip-acl=192.168.1.0/24
#load-module module-zeroconf-publish
The heavy lifting is done by ALSA. Fedora has nice hardware autodetection and everything Just Worked for me since my Mac Mini’s soundcard was recognised by the HAL module. One thing I did have to do was unmute everything using:
# alsaunmute
And then save the settings with:
# alsactl store
Most people probably wouldn’t have to do anything here.
With no init script (tsk tsk, Red Hat), I had to slap a line into /etc/rc.d/rc.local to start the server on a system-wide basis. It seems Red Hat want users to start the server on-demand. That isn’t what I want at all.
pulseaudio -D --system
The daemon complained that the user pulse didn’t have /var/run/pulse as its home directory, so I changed that. I also commented out the line trying to load module-x11-publish in default.pa as the server refused to start without an X11 display. YMMV.
On other Pulse Audio-aware systems you simply need to edit /etc/pulse/client.conf to reference the sound-playing machine.
default-server = macmini
My Fedora 7 virtual machines don’t have Pulse Audio as Fedora 7 has ESounD. To get things working I had to:
# rpm -e esound
# yum install alsa-plugins-pulseaudio
# yum install pulseaudio-esound-compat
# yum install puleaudio-utils
With the client configuration mentioned above I was then able to play sounds through the Mac Mini from a virtual machine.
Powered by WordPress
