tech log on gentoo, linux, and random stuff

Archive for the ‘/etc’ Category

restoring startx behavior after upgrading to xorg-server 1.16

leave a comment »

Arch Linux has been imposing an increasing maintenance toll as of late. Many of the changes now feel more like creating solutions so people have problems to work out.

Anyway, after upgrading to xorg-server 1.16, startx stops working, with error messages “cannot open virtual console” and “systemd-logind: failed to get session“. To restore old startx behavior, create a file “/etc/X11/Xwrapper.config” with content

allowed_users = anybody
needs_root_rights = yes

See the man page of “Xwrapper.config” for more information

Written by zsh

July 29, 2014 at 12:27 pm

Posted in /etc

Tagged with

stripping url output from bibtex

leave a comment »

The bibliographical information as supplied by journals usually includes a URL field, and bibtex styles like \bibliographystyle{apsrev} will export the URL field in the resulting .bbl file, very nagging to some of us. One way to get rid of these URL links is to use a customized .bst file, e.g.,

  1. locate apsrev to find where the apsrev.bst file is.
  2. cd to the directory, and invoke grep -v 'format.url output' apsrev.bst > your/manuscript/directory/apsrev-no-url.bst to create a no-url version of the bst file in your manuscript directory (or any other directory in the search path of bibtex).
  3. now, in your manuscript, replace \bibliographystyle{apsrev} with \bibliographystyle{apsrev-no-url}

Written by zsh

January 4, 2012 at 4:19 pm

Posted in /etc

Tagged with , , ,

pdf to gif conversion and optimization

leave a comment »

There have been several occasions that I need to generate some gif animations from a bunch of pdf plots (generated by gnuplot’s tikz terminal), so the following procedure merits documenting. Note that convert is part of ImageMagick, and gifsicle is a gif optimization tool.

  1. Converting pdfs to png:
    for f in *pdf; do convert -verbose -density 150x150 $f `basename $f .pdf`.png; done
  2. combining png to gif (and optimize):
    convert -verbose +dither -layers Optimize -colors 32 -delay 5 -loop 0 -dispose previous *png output.gif
    • if there are too many *png files, it’s probably better to divide and conquerer: assuming png files are frame_000 upto frame_139, then first:
      for i in `seq -f "%02g" 0 13`; do convert -verbose +dither -layer Optimize -delay 5 -loop 0 -dispose previous frame_${f}?.png frame_${f}.gif; done
      convert -verbose frame_??.gif all.gif
    • notice that I’ve dropped the -color 32, b/c in my case it actually increases the resulting file size.
  3. further optimization (YMMV) using gifsicle:
    gifsicle -O3 output.gif -o output_optimized.gif



p.s., a related operation is to combine say every 10th of the pdfs for closeup inspection:

pdfjam frame_??0.pdf --papersize '{12in,9in}' --outfile frames.pdf

pdfjam is a frontend to the latex package "pdfpages". The --papersize I used is the same as the one I had used in gnuplot when generating these plots (set term tikz size 12in,9in ...).

Written by zsh

September 14, 2011 at 12:06 am

armadillo, lapack, and intel’s MKL

with 2 comments

I normally use ruby/gsl for everyday numerics because it’s fast to code and extend, and semantically clear, plus you can do cool things like previewing energy spectrum from within irb by interfacing with the gnuplot module—normally you’d write to a tmp file, switch to gnuplot console, and plot it there.

The problem with rb/gsl is speed. The other day, my boss walked in and compiled his fortran code on my machine. It beat my ruby code hands-down—one would think gsl, being a C library, should be on par with lapack, but apparently it’s not, and it’s not (entirely) ruby’s fault since I rewrote the same stuff in C, using gsl, and it’s still about 4 times slower than my boss’s fortran code using lapack. (I guess partly it’s b/c gsl is using its own blas implementation).

So I want something faster but still with natural semantics—e.g., matrix multiplication should be A*B, not dgremm(...A...B...)—so C++ seems a reasonable place to look at. So far I find armadillo suits my needs quite well. It is a c++ linear algebra library interfacing with lapack/blas.

On gentoo, this is what one needs:

  1. If you have intel cpu, emerge sci-libs/mkl. This is a blas/lapack drop-in replacement from Intel. You need to go to intel’s website and register (free) for a non-commercial usage license. AMD has a similar library. Otherwise, just setup your blas/lapack of choice.
  2. use eselect blas/cblas/lapack list/set to choose mkl as the blas/lapack implementation to use.
  3. now emerge sci-libs/armadillo. It is important to install it after 1) and 2) b/c it will decide what library it’s linking against during compilation time

Now, #include <armadillo> in your cpp code, and use
g++ -O3 -larmadillo your_code.cpp -o your_exe
to compile. You don’t have to use -lblas -llapack as these are already taken care of by -larmadillo (which was done in 3 above, that’s why emerge order is important).

On a Mac OS X (my office workstation), the appropriate way to compile is instead:
g++ -O3 -framework Accelerate your_code.cpp -o your_exe
as per armadillo’s readme file.

I transcribed my ruby/gsl code into c++/armadillo, and on the Mac, it actually is 2 times faster than my boss’s fortran code—since both are using the same underlying blas/lapack implementation, I suppose there’s some unnecessary computation in the fortran code. At any rate, it seems safe to say the c++ overhead is not significant so I’ll happily settle for armadillo for the moment.

Written by zsh

March 31, 2011 at 11:41 pm

Posted in /etc, gentoo

Tagged with , , , ,

latex-beamer presentation on dual display (laptop + projector)

with 3 comments

The latex-beamer class supports a \note{} macro where one can add notes/slide descriptions that can be hidden from the audience.Combined with the \setbeameroption{show notes on secondscreen} option (and the pgfpages package), each page in the resulting pdf file has the presentation slide and the notes slide placed side by side. Then one can set up a dual-display environment—laptop + projector being the scenario I’m interested in—so that the presentation slide will show up on the projector while the notes slide is on the laptop. The restrictions here are

  1. the two displays better have the same resolution

    There is a way around this, described here, where essentially one sets up the projector to just reproduce part of the laptop screen, but I find the resulting image on the projector a bit too fuzzy.

  2. The pdf viewer must be able to span the two displays in its presentation mode. Surprisingly my day-to-day choice of lightweight viewer, evince, doesn’t support this—instead it just spans a single display in its full screen mode. (I’m using xrandr for dual-display setup. more on that later). Luckily acroread behaves in the desired manner (with some caveat. see below)

Here’s the script I use to add a projector to the right of my laptop screen (i.e., right edge of laptop screen identified with left edge of the projector screen):

xrandr --output LVDS1 --mode 1024x768 --primary
# force use 1024x768 mode of the projector
xrandr --output VGA1 --mode 1024x768 --right-of LVDS1 || (xrandr --addmode VGA1 1024x768 && xrandr --output VGA1 --mode 1024x768 --right-of LVDS1)

Three things to note:

  1. The reason why I put the projector on the right is because the window manager I use (awesome) automatically push all windows onto the left-most screen when a second screen is added, and you don’t want all your stuff to go up onto the projector–I’m sure there is a way to overcome this in awesome but I’m just too lazy.
  2. The --primary is also necessary, this tells xrandr to set the laptop screen (LVDS1) as the primary one. Why? Because when going into full screen mode, acroread aligns the top-left corner of your document to the top-left of the primary screen. If your projector ended up becoming the primary screen, your notes will be displayed on the projector instead of your slides (which is pushed outside the visible range).
  3. With the above layout, your beamer document should have notes frames placed on the left hand side, \setbeameroption{show notes on secondscreen=left}

For completeness, here is the script to shut off the projector output:

xrandr --output VGA1 --off
xrandr --output LVDS1 --auto

Written by zsh

March 18, 2011 at 12:51 am

TeX capacity exceeded

leave a comment »

After the discovery of gnuplot’s tikz term, I have been using it for most of the plots I send to my advisor. A very nagging problem though is that when the number of data points is big, pdflatex would complain about “TeX capacity exceeded, sorry [main memory size = xxxx]” and refuse to compile. Today it has just come to a point I can’t stand this any more, so I did some googling and found a solution. Now TeX is a very messy system with fmt, sty, cnf files all over the place, so be sure to backup anything you touch in case something goes wrong.

Here’s a web page from JadeTeX that pointed me in the right direction, http://jadetex.sourceforge.net/#index-div-d18e113. The following solution is based on this.

  1. make changes to texmf.cnf. You may want to use `locate texmf.cnf’ to find where it is. Then in it, change `main_memory’ from 3000000 to say 8000000
  2. now regenerate latex.fmt for plain latex, or pdflatex.fmt for pdflatex. E.g., to recompile pdflatex.fmt:
    1. find where “pdflatex.ini” is
    2. cd to that path, then invoke “pdflatex -ini -progname=pdflatex pdflatex.ini”
      Notice that this is different from what’s in the JadeTeX webpage. You need to invoke “pdflatex” instead of “tex”
    3. now find where the original “pdflatex.fmt” is, back it up, and copy the generated “pdflatex.fmt” to there
  3. to regenerate “latex.fmt”, use “latex -ini -progname=latex latex.ini


In gentoo, the proper way of fixing this once and for all is:

  1. Change the value of the corresponding field in file /etc/texmf/texmf.d/20sizes.cnf. This should persist through all future texliveupgrades.
  2. run texmf-update to regenerate the system-wide texmf.cnf
  3. run fmtutil-sys --all to regenerate the .fmt files


alternatively one can compile with lualatex, which doesn’t seem to have a size limit

Written by zsh

February 23, 2011 at 2:37 pm

sys-auth/pam_ssh and net-misc/keychain

with one comment

I’ve been using gentoo’s net-misc/keychain for a while now for password-less ssh. I followed gentoo doc’s recommendation and added to my ~/.zlogin the following lines:

keychain id_rsa id_rsa_nopass --quiet source ~/.keychain/$HOST-sh

The only beef I’m having with this setup is that after each reboot, I have to type in both my password (for login) and the keyphrase of my ssh identity file (b/c keychain), which is kind of repetitive, if you know what I mean ;)

So there’s a little “aha!” moment when I found pam_ssh in today’s updates on gentoo-portage. In fact, it’s as simple as adding ssh into the USE flags of sys-auth/pambase and emerge -1 pambase. No more repetitive password entries!

Written by zsh

July 27, 2009 at 10:40 pm

Posted in /etc, gentoo

Tagged with , ,

lafilefixer, kexec

with one comment

have been troubled by the missing libogg.la for a while (sox never builds). google ‘libogg.la, gentoo’ points to a heated discussion in bugs.gentoo.org of whether or .la files should be included — apparently somebody intentionally removed it in the libogg build. No Comment! but I guess someone else stated my opinion quite clearly: a broken build a week is the best way to piss off end users. Anyway in that same thread there’s a fix: just `emerge lafilefixer` and do `lafilefixer –justfixit`

now onto a different topic. I’ve included kexec in the past several kernel builds, but never looked into it. It’s actually quite easy to use. just `emerge kexec-tools`, mod `/etc/conf.d/kexec`, and `rc-update add kexec boot`. Now the `reboot` command will just reload the kernel image specified in the conf file without rebooting the physical machine. (clearly, removing the kexec service shall return you to a normal `cold’ reboot)

Written by zsh

July 25, 2009 at 11:37 am

Posted in /etc, gentoo

openvpn over ad-hoc wireless connection

leave a comment »

I have a spare zd1211rw usb WLAN dongle that I’d like to use to turn my desktop into some kind of AP, so that I can freely move around with my laptop. Sadly, the zd1211rw driver doesn’t support master mode, nor wpa over ad-hoc. My first thought is to encrypt the ad-hoc connection somehow through an ssh tunnel, but after fiddling around with dante (for `transparent socks proxy’) + ssh -D (socks5 proxy via ssh) combination for a while, I didn’t find the setup to be as transparent as I though it could be–e.g., socksify firefox doesn’t work quite well. It seems finally it’s time to dip my foot into the VPN pond.

The setup is quite straightforward though a little bit tedius. Following is exported from my installation journal in org-mode

openvpn over ad-hoc wireless

1 setup openvpn on desktop running Arch linux (as vpn server)

1.1 pacman -Sy openvpn


  1. example conf in /etc/openvpn/examples
  2. easy-rsa scripts in /usr/share/openvpn/easy-rsa

now follow openvpn howto

1.2 generate certificates & keys

  1. cp -r {/usr/share,/etc}/openvpn/easy-rsa/
  2. edit vars file
  3. (cd /etc/openvpn; . ./vars; ./clean-all; ./build-ca)
  4. ./build-key-server server
    i also used a challenging password
  5. ./build-key alfred
    where `alfred’ is the name of my laptop. i also used a
    different challenging password
  6. ./build-dh (Diffie-Hellman parameters)
  7. Summary of key files:

    Filename Needed By Purpose Secret
    ca.crt server + all clients Root CA certificate NO
    ca.key key signing machine only Root CA key YES
    dh{n}.pem server only Diffie Hellman parameters NO
    server.crt server only Server Certificate NO
    server.key server only Server Key YES
    alfred.crt “alfred” only “alfred” Certificate NO
    alfred.key “alfred” only “alfred” Key YES
  8. now cp key/{ca.crt,alfred*} /mnt/usbstick, to be transfered
    to alfred

1.3 configuring server

  1. cd /etc/openvpn
  2. cp examples/server.conf ./
  3. linking appropriate certificate files generated previously:
    for f in dh1024.pem ca.crt server.crt server.key; do ln -s easy-rsa/keys/$f ./$f; done
  4. edit server.conf file.

    server.conf with most comments stripped. Note that a verbatim
    DNS server address is used

    # address to listen to
    port 1194
    ;proto tcp
    proto udp
    # we are using routing instead of bridging. see the online howto
    ;dev tap
    dev tun
    # certificates and keys
    ca ca.crt
    cert server.crt
    key server.key  # This file should be kept secret
    dh dh1024.pem
    # flag this as a server
    ifconfig-pool-persist ipp.txt
    # not using bridging
    ;push "route"
    ;push "route"
    push "redirect-gateway local def1"
    push "dhcp-option DNS"
    ;push "dhcp-option WINS"
    # allow duplicate certificates
    keepalive 10 120
    # use tls for extra security
    ;tls-auth ta.key 0 # This file is secret
    ;cipher BF-CBC        # Blowfish (default)
    ;cipher AES-128-CBC   # AES
    ;cipher DES-EDE3-CBC  # Triple-DES
    max-clients 2
    # run unprivileged
    user nobody
    group nobody
    status openvpn-status.log
    ;log         openvpn.log
    ;log-append  openvpn.log
    # verbosity
    verb 3
    ;mute 20

1.4 running server

manually, cd /etc/openvpn; openvpn --config server.conf.

A script to run the server and set up appropriate NAT routing:

$OPENVPN --daemon --config $OVDIR/server.conf --cd $OVDIR

2 setup openvpn on laptop running Gentoo (as vpn client)

2.1 emerge openvpn

Note: enable the `examples’ USE flag to get vendor-provided
skeleton conf files (in /usr/share/doc/openvpn-*/examples/)

2.2 configuring client

cp the skeleton client.conf to /etc/openvpn/home.conf (home
being the profile name), mod it.


# flag this as client

;dev tap
dev tun

;proto tcp
proto udp

# vpn server's ip address
remote 1194
;remote my-server-2 1194

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server.  Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.

# Wireless networks often produce a lot
# of duplicate packets.  Set this flag
# to silence duplicate packet warnings.

# certificates/keys
ca homekeys/ca.crt
cert homekeys/alfred.crt
key homekeys/alfred.key 

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server".  This is an
# important precaution to protect against
# a potential attack discussed here:
#  http://openvpn.net/howto.html#mitm
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server".  The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# no compression

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

2.3 running client

gentoo’s openvpn package has an init script. Just ln -s /etc/init.d/openvpn{,.home}, (home being your profile name) and
rc-service start openvpn.home

3 networking

In the server-side runvpn script, NAT routing has already been set
up. Note that ip-forwarding must be enabled (manually by echo "1" > /proc/sys/net/ip_forward or through sysctl: sysctl -w net/ipv4/ip_forward=1)

At the client side, after bringing up the vpn client, I still have
to route add default gw where is the p2p end
of tun0. It’s possible that this can be pushed by the server but I’m
tired of reading the openvpn manual, so this is done in a script
runvpn on my laptop (not to be confused with the script on the
server side bearing the same name). The script is setup to also ssh
to the server on its WLAN address and start up the vpn server.

ssh home sudo bin/runvpn
sudo rc-service openvpn.home restart
sleep 10
TUN=`sudo /sbin/ifconfig tun0 | sed -n 's/.*P-t-P:\([^ ]\+\).*/\1/p'`
sudo route add default gw $TUN

4 real-world operation

  1. plug in the USB WLAN card on the desktop. With the following
    /etc/udev/rules.d/10-zd1211.rules and ~/bin/adhoc, the card
    is automatically set in ad-hoc mode and assigned

  2. on the laptop, run adhoc && sleep 5 && runvpn. the sleep 5 is
    to allow some time for the WLAN to be fully associated to an
    ad-hoc cell

    10-zd1211.rules (on server)

    ACTION=="add", ATTR{manufacturer}=="ZyDAS", ATTR{product}=="USB2.0 WLAN", SYSFS{idVendor}=="0ace", SYSFS{idProduct}=="1215", SYMLINK+="net/wireless-usb-zd1211", RUN+="/hoard/home/bin/zd-inserted"

    ~/bin/adhoc (on server)

    # ref: http://forums.gentoo.org/viewtopic-t-274790-highlight-adhoc+wireless.html
    /sbin/rmmod zd1211rw && /sbin/modprobe zd1211rw
    # need to set abs. path for script to work when called by e.g. udev
    IFCONFIG=/sbin/ifconfig && \
    IWCONFIG=/usr/sbin/iwconfig && \
    $IFCONFIG wlan0 down && \
    $IWCONFIG wlan0 mode ad-hoc && \
    $IWCONFIG wlan0 essid soc channel 1 && \
    $IFCONFIG wlan0 && \
    $IWCONFIG wlan0 txpower 14dbm

    ~/bin/adhoc (on client)

    IFCONFIG="sudo /sbin/ifconfig"
    IWCONFIG="sudo /sbin/iwconfig"
    $IFCONFIG wlan0 down && \
    $IWCONFIG wlan0 mode ad-hoc && \
    $IFCONFIG wlan0 && \
    $IWCONFIG wlan0 essid soc channel 1 txpower 10dbm

HTML generated by org-mode 6.27a in emacs 23

Written by zsh

June 28, 2009 at 3:40 am

Posted in /etc, /usr/local/bin

Tagged with , , ,

awesome 3.2 battery monitoring widget

leave a comment »

Lua code to monitor battery status through thinkpad’s smapi. It generates, e.g., [-] 02:15 (86%) if the battery is 86% full, discharging and has an estimated remaining time of 2 hours 15 mins, [+] 00:30 (50%) if it’s expected to be fully charged in 30 mins, etc. Also, use 100:green:50:yellow:20:red bg color setup. Use with e.g. a textbox widget.

function read_file (path, ...)
   -- read a text file and return its content
   -- ... can be, e.g., "*n" for a number or "*a" for all, etc.
   local f = io.open(path)
   local result = f:read(...)
   return result
function format_time(num)
   local h,m = math.floor(num/60),num%60
   return string.format("%02d:%02d", h,m)

function battery_status (bat)
   -- bat should be, e.g., BAT0
   local path = "/sys/devices/platform/smapi/"

   if read_file(path .. bat .. "/installed") == "0" then
      -- battery not installed
      return "[N/A]"

   local percent = tonumber(read_file(path .. bat .. "/remaining_percent"))
   local state = read_file(path .. bat .. "/state")
   local msg
   if state == "charging" then
      msg = "[+] " .. format_time(
	 read_file(path .. bat .. "/remaining_charging_time"))
   elseif state == "discharging" then
      msg = "[-] " .. format_time(
	 read_file(path .. bat .. "/remaining_running_time"))
   elseif state == "idle" then
      msg = "[ ]"
      msg = "*" .. state .. "* "

   local pre,post
   if percent > 50 then
      pre,post = '<span font="mono" bgcolor="green" color="black">', '</span>'
   elseif percent > 20 then
      pre,post = '<span font="mono" bgcolor="yellow" color="black">','</span>'
      pre,post = '<span font="mono" bgcolor="red" color="yellow">','</span>'
   return pre .. msg .. " (" .. percent .. "%)" .. post
-- print(battery_status("BAT0"))

Written by zsh

May 5, 2009 at 5:47 pm

Posted in /etc, /usr/local/bin

Tagged with , , ,