Frank Leonhardt's Blog

FreeBSD ports build fails because of gfortran

I’ve been having some fun. I wanted to install the latest ported versions of Apache and PHP for test purposes, so set the thing compiling. There are a couple of gotchas!

First off, the current ports tree will throw errors on the Makefile due to invalid ‘t’ options and other fun things. That’s because make has been updated. In order to prevent you from using old “insecure” versions of FreeBSD, it’s considered “a good thing” to cause the build to break. I’m not kidding – it’s there in the bug reports.

You can get around this by extracting the new version of make for the 8.4 iso image (oldest updated version) – just copy it over the old one.

Some of the ports also require unzip, which you can build and install from its port in archivers.

Now we get to the fun part – because the current system uses CLANG but some of the ports disagree, when you go to build things like php5_extensions (I think the gd library in particular) it depends gcc, the GNU ‘C’ compiler, and other GNU tools – so it tries to build them. The preferred version appears to be 4.7, so off it goes. Until it goes crunch. On inspection it was attempting to build Fortran at the time. Fortran? It wasn’t obvious why it broke, but I doubted I or anyone else wanted stodgy old Fortran anyway, so why was it being built?

If you look in the config options you can choose whether or not you want Java. (No thanks). But in the Makefile it lists
LANGUAGES:= c,c++,objc,fortran
I’m guessing that’s Objective C in there – no thanks to that too. Unfortunately removing them from this assignment doesn’t solve the problem, but it helps. The next problem will come when, thanks to the new binary package system, it tries to make a tarball of the fortran stuff it never compiled. I haven’t found how this mechanism works, but if you create a couple of empty directories and a an empty file for the man page it’ll proceed oblivious. I haven’t noticed and adverse effects yet.

A final Pooh trap if you’re trying to build Apache 2.4, mod_php5 and php5-extensions is the Zen Thread-Safe options (ZTS). If you’re not consistent with these then Apache/mod_php will fail to load the extensions and print a warning in httpd-error.log. If you build www/mod_php5 you’ll see a warning like:

/!\ WARNING /!\ !!! If you have a threaded Apache, you must build lang/php5 with ZTS support to enable thread-safety in extensions !!!

Naturally, this was scary enough to make me stop the build “make config” to select the option. Unfortunately it’s also an option on lang/php5 and if you didn’t set it there then it’ll go crunch. Many, many thanks to Matthew Seaman from FreeBSD.org, who figured out what I’d done wrong.

27-August-1427-August-14

No-IP, no sales

No IP is my Dynamic DNS provider of choice. They provide a fuss free service if you need to assign a DNS entry to a dynamic address, and it’s also free of charge. What’s not to like?

If that’s not reason enough to support them, they had a bit of bullying from Microsoft lately, but are now back on-line. If I needed an external DNS provider, I reckon they deserve my business. So how curious that they don’t have a sales department? At least none that I’ve been able to contact. Out of desperation I emailed the webmaster (the most likely contact in their published list) and got an (automated) reply suggesting I raise a support ticket.

Needless to say, when I tried to raise a ticket it asked me a load of questions about the product I had. “Not applicable”.

If it turns to be too much hassle trying to buy a service from them, I’ll just have to peer with someone. Does anyone with BIND running in a DS that I’m not in want to do a swap on DNS replication? Why? 512K day, that’s why!

23-August-1427-August-14

Tesco really doesn’t like journalists

I just had a most interesting experience at Tesco in Watford. I went to take a picture with a mobile phone and was suddenly surrounded by burly security guards. Apparently it’s company policy that no one is to take pictures in Tesco, or even Tesco car parks. How odd!

Okay, it’s private property and they can make up whatever rules they like. If you need a shot of their pick and mix, you’ll need a long lens so you can stand on the road outside. But it begs the question, are they stark raving mad?

Luckily a manager turned up pronto (presumably someone pressed the panic alarm), and I persuaded her to send the security people away while she explained – in fact the outcome was very satisfactory from my perspective, and should I ever need to speak to a manager within 30 seconds again, I now have a sure-fire method.

As a long-time hack, I know what I’m about when it comes to taking pictures. Normally, when you’re taking photographs with a camera on a mobile phone, it’s pretty clear you’re not doing so for commercial reasons and it’s unusual for anyone to complain. Okay, if I had my big press camera with me, I’d certainly have asked permission to photograph/film. Or I’d have used a hidden camera. But it wasn’t like that – in fact I was shooting the contents of my shopping trolley as a record – obviously domestic use only, and I even mentioned to a member of staff nearby that I was getting a shot of that if he had no objections.

So can they do this? Well it’s not illegal. They can make up any rules they like about who can and who can’t enter their premises and if they want to ban people taking photographs, they can. They could get a court order and bar you from every Tesco store in the country. What they can’t do (if this happens to you) is make you delete any photographs you have already taken, and neither can they touch you or your camera – that’s common assault.

But why should it come to this? Surely Tesco doesn’t hate journalists? Actually, I doubt they even realised. But on asking around, they have form in this respect. Had of Patrick Collinson’s experiences I’d have been prepared, but he was writing in The Guardian when he was nabbed for noting down prices.

So is this a one store going bonkers (I’ve not had any bother at my local Tesco, although don’t often shop there these days)? I set out to find a security guard who’d talk, and it didn’t take long (but he’s not from Watford, in case anyone from Tesco is reading this!)

Apparently, the only photographs allowed are general ones of the exterior of the shop. If you’re audacious enough to snap something specific, like and advert, or one of their products, they’re instructions are to “ask you why, and ask you to stop”. Obviously the “why” is out of politeness. And if you’re inside the shop, forget it! You need special permission from the duty manager, sign-in and have to wear a visitor’s badge. Want to shoot some grocery or other and send it to your other half for approval? Not in Tesco, you don’t.

It gets worse! Should you try this and then refuse to stop, Tesco security is instructed to detain you, call the cops and try to have you charged under Blair’s masterpiece, the Prevention of Terrorism Act [2005]. [I think he may be confusing this with Regulation of Investigatory Power Act 2000]. Boggle! I asked if he thought someone was pulling his leg, but apparently Tesco reckons that people taking pictures may be doing so in order to choose locations for placing bombs. They had some bother in 2007 with bomb hoaxes, and therefore this policy is for “our” protection. Somehow, without photographs, it must be very difficult to leave a bomb behind. Doesn’t that make you feel safer?

Or perhaps they’re still smarting after that youtube video of the horseburger skit.

I’ve written to Tesco for a clarification of this, but they have so far declined to comment. I certainly can’t find anything to suggest this is a genuine policy in writing, and I don’t recall every seeing any “no photograph” signs up. But the my source was adamant. Perhaps it’s a myth. I hope so. One incident like this, or Patrick Collinson’s won’t damage their business much in itself, but every little helps.

31-July-1431-July-14

Windstream spammers

Poor old Windstream, or should that be Spamstream? Okay, perhaps not a laughing matter for them as stuff is coming from their outgoing mail cluster thick and fast, but we’ve just sent off a dozen samples and are awaiting a response. Pretty unremarkable, really, except they have an on-line help/chat facility and we just had to have a go…

Wendy: Hello, I am Wendy our Virtual Agent. I am here to help you with your support questions on High-Speed Internet, Digital TV and Home Phone.

You: We’re getting a lot of spam from a couple of your SMTP servers. Is there any reason why we shouldn’t blacklist all your IP addresses?

Wendy: I would be happy to help you set up your e-mail. Choose what you would like help with from the options below:
– Server and port settings for Windstream e-mail
– Detailed instructions to set up e-mail

Ho hum! Let’s help their abuse department is better than their on-line support service. And sorry guys, but you are spewing…

30-July-1431-July-14

Scammers ask for money for Ukrainian Government

We have intercepted a large number of spam e-mails sent from various compromised systems, pretending to be from the Ukrainian government and asking for donations to fight off those nasty Russian backed separatists. Having checked, there is a pretty good chance that the scammers are actually based in Russia. It’s unclear whether this is in fact the work of president Putin, but perhaps he is trying to collect extra cash before the sanctions come into effect.

We have yet to see any serious attempt at exploiting the situation in Gaza, which is something of a surprise. Most likely they’re not making it through the basic spam filters.

17-July-1420-July-14

Malaysian flight MH17 “shot down” over Ukraine?

Updated 17th July at 2320

Since writing this, I’ve been watching the superior BBC journalism on Newsnight where they had the sense to interview someone from Jane’s. Apparently the separatists do have Buk missile launchers in the area, which is surprising. Did the Russian government really provide such a dangerous weapon? And apparently (I didn’t know this) a single launcher can operate in autonomous mode using on-truck forward-facing radar. Basically a goon with no overall tactical view – watching a blip on the radar can decide to shoot down the blip. There are rumours that the US tracked such a missile. This is scary, and derails the following conjecture. I’ve kept it for historical interest.

I’ve just been listening to the BBC reporting that “someone” in the Ukraine has shot down a Malaysian airliner flying overhead at 35,000′. Okay, it’s possible, and the fact it’s crashed is certainly a tragedy, but are any of these hacks aware that this is a long way up?

There are basically three kinds of Surface to Air Missiles. Before blaming the separatists, you have to realise that the hand-portable types (MANPADS) you’d associate with rebels aren’t really any good at shooting down much apart from attack helicopters or slow things close to the ground. Basically, don’t bother if it’s more than 10,000′ up. It’s possible that they have Igla Russian systems, but they couldn’t have used them.

There are portable systems that can hit targets that high – such as the Russian Buk. These are big beasts, built in to a truck. The separatists may have got tanks from somewhere, possibly with a nod and a wink from the Russian military – but are they going to really going to let a bunch of rebels have a Buk (SA-24)? It’s not something you’re going to miss like an old tank.

Could the Ukrainian government have done it? I don’t know whether the Ukrainian military has such a system; it probably does. But again, it’s not the kind of thing you’d fire off by mistake. Shooting at high-altitude jets isn’t going to be an accident, and why would they do it in purpose? Did they think it was a Russian military aircraft? I think not, but if they did, there are some complete idiots with dangerous weapons out there.

That leaves the Russian government – did they order it shot down? The same applies – why would they do that deliberately, and if it was an accident, it beggars belief.

The BBC is talking about missiles, but it could have been shot down “old school” with a fighter. Are the Ukrainians or Russians really going to shoot down a Malaysian airliner filling the windscreen of their MiG? That’d be crazy.

So I’m taking all this “shot down” news with a pinch of salt. Perhaps it suffered a failure and crashed; perhaps it was an on-board terrorist or bomb.

I think the BBC thinks the separatists (whom they don’t like) dunnit with a Stinger.

14-July-1422-July-14

Air Conditioning at PMC of Pinner

Last spring I took my car to PMC of in Pinner to have the air condition serviced. They drained and refilled it and then noticed that the compressor wasn’t going around because the clutch had worn out (believable). It didn’t really need re-gassing. They decided that they couldn’t fix it unless I paid £600 for a new compressor, but that I should pay £80 for the re-gassing anyway.

Is this what you expect from a garage that calls itself an “Air Conditioning Specialist”? Well, yes, probably. I objected and said that if I paid the bill for their incompetent part-service it would be on the the basis that I’d also tell everyone I know what I though of them. Anyone with half a brain would have checked the compressor was turning before trying to cure the lack of performance by re-gassing. PMC decided to insist on payment, giving me the green to slag them off and see who’d listen.

Rather than actually slagging them off straight away, I took the car to a couple of real specialists (including the Volvo main agent), just to check my facts first, and by the time I’d confirmed the bad service I’d got better things to do than actively moan about them. Until now.

These idiots had the brass neck to send me a text message (without my permission) with a special offer on aircon servicing. I don’t think so, somehow!

10-July-14

Does freezing a broken hard disk help with data recovery?

The idea that freezing an unreadable hard disk could bring it back to life has been around for a long time. Ordinarily I’d say “No way, don’t do it”. If you’ve lost your hard disk the last thing you want to do is mess with it in any way. Take it to an expert; a real expert that is – not some shop on the high street with a sign up saying “Data recovery and virus removal”.

However, this story doesn’t go away. And there is a grain of truth in it. I remember some mid-1990’s drives did benefit from the freezer treatment – it shrunk the platters slightly and realigned the bearings. Or that was the theory. Anyway, it sometimes worked. Back then. However, luser forums are full of stories where people have used this technique on modern drives and claimed success.

On my desk at the moment I have a 160Gb SATA Maxtor, vintage 2002. And it wouldn’t read. This is partly because parts of the platter are now unreadable, and partly because the NTFS filing system is mangled. I know this kind of stuff. After a couple of days I reckon I’ve got all the blocks off it that it’s going to yield, but repeatedly retrying the bad sectors. Some read eventually, other’s don’t.

Now it’s an observable fact with dodgy platters on winchesters that they’ll sometimes, briefly, come good. It’s worth powering down the drive, letting it cool and trying again later. It’s even worth trying it at different angles. Having a few fans around it to keep it cool is a good idea anyway. Using these techniques I’ve recovered about 80% of the bad sectors, with about 2500 left that aren’t doing it. A good candidate for the freezer perhaps? Well, as a last resort – I’ve tried the drive at room temperature, working temperature (about 35C) – where’s the harm in trying it sub-zero?

I mus emphasise here – this is a last resort – 99.999% of the data is off it and it’s stuck a that. There’s nothing to lose.

So, in to an airtight box and into the freezer with it.

Did it work? No! In fact the whole drive ended up unreadable. I’d put that down to the condensation. If you want to knacker a drive without leaving marks, condensation on the platters is a good way to go.

Leaving it to get back to room temperature did result in it coming back to life, although I only got two more sectors back.

So why do all these people keep insisting it worked for them? Coincidence, I reckon. If they’d left the drive alone for 12 hours it might have started working anyway. They often do, even for a brief period. This drive had proved that some sectors were heat-sensitive; more could be read while it was still cool and the recovery rate dropped off when it was warm. If it didn’t help with this drive, I seriously doubt it would work on other candidates.

6-July-14

Getting Caller-ID with BT Inspiration or Pathway PABX

For years I’ve thought that caller-ID was broken on BT Inspiration switchboards (which are almost identical to BT Pathway, so this applies to both). More precisely, I assumed that BT’s Caller-ID signal was either not working on my POTS lines, or was not of a standard compatible with the Inspiration. It wouldn’t be the first one – note the nonsense with the default “Guarded Clear” mode, which isn’t actually implemented on any BT lines I’ve ever come across.

CLI on ISDN worked fine, incidentally. It was just an irritation that it didn’t on the POTS lines.

Well, it turns out that it does work just fine, except it’s called CDR, and for some reason, it’s not enabled by default! Technically, they’re right not to call it CLI, which technically, is the standard used on ISDN. However, in the real world the term is applied to caller ID on analogue lines too. As a user of the telephone, why should you care about such technicalities? But you do, and you will have to enable it separately, as CDR, for any lines you want it to work on. IN the menus go to System Programming/Lines/PSTN Programming/CDS Detection and turn it on. After which it just works.

In other places the terms Caller-ID and CLI are used interchangeably (for example, the CLI History refers doesn’t care whether it was ISDN/CLI or POTS/CDS). Don’t let common sense put you off.

Do also make sure that Caller-ID is enabled on the line – from BT dial *234#. Sometimes this is a “paid for” service, and has to be enabled. If you ask them nicely, because you’re being plagued by nuisance calls, they’ll enable it for free. I think it’s free if you renew your contract for 12 months too, but I have caught them starting off at no charge and then billing you for it later. Watch out.

3-July-14

No-IP back on-line

I’ve just had a note from No-IP that says that Microsoft has returned all twenty-tree of second level domains it had seized by court order. It’ll obviously take a while for DNS to propagate. I’ve been testing this periodically, and it’s been a right mess with the Microsoft DNS failing to return anything in many cases.

I actually use No-IP for a couple of non-critical purposes, but I don’t use the hostname under their second-level domain directly. Given recent events, others may wish to follow the same idea. It comes down to customer routers on domestic ISP lines, and how you get to them easily if they’re on a dynamic IP address.

Basically, the trick is to map yourname.no-ip.net to yourname.yourdomain.com using a CNAME in the zone file. You can then program to the router to register yourname.no-ip.net, but you refer to it as yourname.yourdomain.com. How does this help? Well when the problem happens you only have to mess with your zone file to make the changes. If you can find out the changeable dynamic IP you can set it as an A record directly. If (as was the case here) you needed to choose a new second-level domain from No-IP’s remaining stock, all you need to is change the zone file and the affected equipment. Anything else accessing it does so through yourname.yourdomain.com, and therefore can remain as-is.

It’s still a pain, and something for which Microsoft should probably pay (or their side of the story had better be spectacularly better than it has been thus far). But it’s somewhat less of a pain than if you’d programmed everything in your universe with the no-ip version.