Tuesday, July 12, 2011

Colour network laser printing with the HP CP1025nw in Fedora 15

First, just a quick announcement. I will be expanding the focus of this blog to include personal reflections from my daily life and interactions with others. I think it would be healthier for my personal development to have a chance to organize thoughts and to have a conversation with others about it. Don't worry, I'll still keep linking to pictures of food.

Recently, I purchased two laser printers for my family to replace the costly (and ever-thirsty) inkjet printers we were using. The particular model I purchased was the HP CP1025nw, a colour laser printer with a 1000 page yield and network printing. 

Aside:
For those of my friends still using inkjet printers, I highly recommend switching to laser. Colour laser printers can be had for as little as $130 these days. While they are more expensive than inkjet printers at first, the laser will print about 10 times as many pages between refills, and the toner will not dry out over time. High quality refills can also be found for very little.

When I first installed the printer in Fedora 15, the printer configuration wizard could not find the driver for this specific printer. I searched and there were two solutions which I came across.
  • hp-setup from the hplip package from the updates repo
  • the foo2zjs package from source
The foo2zjs solution, while requiring a out-of-repo compile and install, turned out to give a better print quality than the hplip solution. Here are the results of each:


You can see that the hplip print uses so much toner that the images shine. The texture of the prints noticeably change, and the words seem to have shadows behind them. It's using too much toner for everyday printing and, frankly, it looks a bit ridiculous. Luckily, the foo2zjs solution is much more reasonable with regards to toner use. There was some funny business with the letters, but only on that one line for unknown reason. The problem hasn't show up in regular printing.

I'm going to write about the instructions for installing foo2zjs on Fedora 15 today. These instructions are modified from the foo2zjs project site.

First, you need to download the foo2zjs package. Although the package is available in the rpmfusion repos, the firmware for the CP1025nw is not included. It does not appear that the firmware can be installed after compile time.
$ wget -O foo2zjs.tar.gz http://foo2zjs.rkkda.com/foo2zjs.tar.gz
Next, unpack it.
$ tar xvf foo2zjs.tar.gz; cd foo2zjs
 Afterwards, compile and then install the printer-specific firmware.
$ make
$ ./getweb 1025    #get firmware for the CP1025nw

Now, install the driver and restart cups.
$ sudo make install; sudo make cups
Now, you can start the regular printer install wizard and the CP1025nw should appear in your printer list.

Enjoy!
 
 
 
 
 



Sunday, May 15, 2011

A page from my obscure hardware book: Infiniband on Ubuntu

A while back, I was tasked with setting a lab's new infiniband mesh on Ubuntu.

For those unfamiliar with infiniband, it is a high-end (read: expensive) networking interface which provides insane throughput with really low latency. Our particular implementation did 40gbps with microsecond latency in 2010. I'll give you a moment to pick your jaw up off the floor now. Finished? Ok, lets continue.

Infiniband has an open source friendly consortium backing its development so you would think it should be easy to set up right? Not so unfortunately. If you've stumbled on this page from a google search, chances are you already know what I'm talking about. The hardware drivers are provided as kernel modules sources, which must be compiled for each new version of the kernel.

Alarm bells should be going off in your head at this moment. The amount of work required to maintain the system just went up by an order of magnitude. There isn't a DKMS implementation of this available.

Since you're already reeling from the implications of the time lost maintaining this anyway, I've got more bad news for you Ubuntu users. The packages in question are only provided as RPMs. Ubuntu/Debian are not among the officially supported distributions. (Here's something to console you.)

Back in 2010 we were using the Ubuntu 10.04 Lynx LTS release, so our kernel version was 2.6.32. The corresponding OFED driver release to use is 1.5.1. After unpacking that, you need to unpack the individual srpms. There are about 15 srpms in this folder, which each contain their own tarball. Since you've already lost enough time to the future cost of maintaining this beast, we can get bash to unpack things for you.
cd OFED-1.5.1/SRPMS
for i in *.rpm; do rpm -i $i --force-debian; done
cd~/rpmbuild/SOURCES
for i in *.tar.gz; do tar -zxvf $i; done
for i in *.tar.bz2; do tar -jxvf $i; done
Thankfully, there are a few of the OFED components maintained in the Ubuntu 10.04 repos. Here are the packages you would install to get them.
apt-get install libipathverbs1 libcxgb3-1 librdmacm1 libibverbs1 libmthca1 libopenmpi-dev libopenmpi1.3 openmpi-bin openmpi-common openmpi-doc libmlx4-1 rdmacm-utils ibverbs-utils build-essential byacc bison flex
After installing these packages, there are only a few more packages which need to be compiled from source. These are libibcm, libibumad, libibmad, opensm, and infiniband-diags. I've included the bash commands here for your convenience.
cd libibcm*
./configure && make && make install
cd libibumad*
./configure && make && make install
cd libibmad*
./configure && make && make install
cd opensm*
./configure && make && make install
cd infiniband-diags*
./configure && make && make install
Wrapping it all up with an `ldconfig` means you've installed all the necessary components.

Since this package was originally intended for RHEL, there are some changes you need to make to the scripts in the infiniband-diags package.
cd /usr/local/sbin/
sed -i 's/\/bin\/sh/\/bin\/bash/g' *
If your regular expressions are rusty, this command just replaces the #!/bin/sh call with #!/bin/bash.

Finally, to get the hardware itself running, you will need to load some kernel modules. Depending on which hardware you run, you will need to make some changes to this list. Use modprobe to load things first, and then commit the necessary list to /etc/modules.

The following is the list of modules I used for ip over infiniband (ipoib) on a Mellanox ConnectX adapter.
ib_ipoib
ib_addr
ib_mad
ib_sa
ib_cm
ib_uverbs
ib_ucm
ib_umad
mlx4_ib
It is likely that you will need to replace mlx4_ib with another kernel module if you are not using recent Mellanox adapters.

The final step is to configure the infiniband interface itself. In /etc/network/interfaces, add
auto ib0
iface ib0 inet static
       pre-up opensm -B
       address 10.x.x.x        

       netmask 255.255.255.0
It is important to include the 'pre-up opensm -B' line because infiniband requires a mesh manager. Don't worry if every interface has this line. Only the first infiniband adapter to connect to the mesh will start the opensm mesh manager. Every subsequent adapter will shutdown opensm once it detects an existing opensm instance.

That's it. Have fun with your infiniband mesh!

Attribution: When I was originally in the horrifying position of setting up infiniband hardware from scratch, I used the lucubration blog as my guide. A lot of these instructions are derived from there.

Tuesday, May 10, 2011

Adding sticky notes to the GNOME desktop

I recently wanted to write myself a reminder on a post-it, but couldn't find any on my desk.

I figured there would be some options available in the Fedora repos, so I decided to take a shot in the dark.


# yum search notepad
...
 ======= Matched: notepad =======
xpad.i686 : Sticky notepad for GTK+2
...

Thirty seconds later, I was rocking a very slick notepad on my desktop. After adjusting to disable the window decorations (right click) and finding a suitable font, this is what I got.





This here is why I'm head over heels in love with Linux. Coincidentally (and in keeping with the traditions of this blog), I also love gnocchi.

Friday, May 6, 2011

First Post!

Hello and welcome to my personal blog! I'd like to say that I'll update at least once a week, but I would like to keep my posts interesting to read, so my pace could be erratic to start. My first post was originally about a workaround I found for truncated RSS feeds, but I decided to write on a topic I was more familiar about instead, fresh Windows installations.

This post was inspired by a netbook I re-installed for a friend. While I would consider myself a diehard Linux fan, I realize that most of the people around me still use Windows. More to the point, I get requests from friends and family using windows about fixing their computers. Given the tendency for all Windows machines to become festering hives of spyware and viruses, I get these requests incessantly. Kidding aside, given the number of times I've gone through this, I have actually honed a specific procedure for reinstalling Windows.

If you're reading this, then you (or someone you owe a favour to) probably installed the wrong file. It's my hope that this post will help you reinstall your system (and keep you entertained in the process).

First, know that there isn't a sure-fire method to save a system once it has been compromised by malware. More sophisticated programs will rewrite standard diagnostic tools or use undocumented OS API calls to escape detection. I've often found it more productive to demolish and rebuild.

Naturally, the first step before proceeding with nuking is to backup data.

Backing it all* up
(*except the viruses)

Before saving information to an external source, it's important to make sure that the external storage itself won't get infected. Some types of malware will happily write an autorun virus to your external storage if you are unfortunate enough to insert a usb storage device into an infected machine. The key to working around this is to start another environment which is malware free to copy your files over. Being a linux user, my favourite method is to use a Linux LiveUSB key (surprise). Setting one up (from a clean machine!) can be done using the Fedora liveUSB creator. Once you've created the liveUSB key, you can boot into Linux and copy the data over to the backup device. Another option to copy files would be to move the hard drive of the infected machine into an external enclosure and then copy over the files from a clean machine.

Regardless of how you choose to do this, you're not scot free yet.

There's a possibility the files you backed up were infected as well. However, these viruses won't infect your computer until you attempt to open them. We'll take care of this later. Just don't use the storage device for anything else, unless the idea of reinstalling a second computer sounds appealing to you.

Demolishing

You'll need to wipe and reinstall the operating system at this point. All Windows installers I am familiar with will allow you to delete and recreate partitions. Delete all the old partitions and recreate a new one to install Windows on. If circumstances allow, it would be best to install Windows 7 over XP. The multi-user environment is much improved, as well are some security features. It will also be supported for the next few years to come.

Word(s) of warning
While we're on the topic of reinstalling windows, I cannot stress enough the importance of using trusted software sources. Don't download a cracked version off a sharing site. I have yet to come across a cracked version of a program which I have been able to fully trust. My reasoning is simple: There's very little incentive for someone to invest the effort and incur the risk of cracking software, while there is much more incentive for the same cracker to install malware which steals your credit card number or enrols your computer into a russian botnet. If cost is an issue, Microsoft offers multiple free MSDNAA licenses to university students in Math, Engineering, and Science. During my undergrad, I had more licenses than I knew what to do with.

Finally, the same advice applies to other software as well. Always download software directly from the author (or company's) website. If a SHA1 or MD5 hash is provided, give it a check over.
Once the new OS is installed, we can continue on to the next step of installing updates and drivers.

Rebuilding

First, you'll want to take the proper precautions to prevent new infections while you're setting things back up. Your new brand new installation of Windows will be missing the latests security updates and consequently will be more vulnerable than a slice of chocolate cake when I'm nearby. Make sure you are behind a good firewall (i.e. router) and have no other computers on your network are compromised (temporarily disconnect them if you are not sure).

At this point, fix any missing driver issues you have by downloading the latests drivers from their website or from Microsoft Update. You can now proceed to install security updates as well. When everything is updated and all the drivers are installed, you can proceed to set up your standard software toolchain.

Toolchain installation

Everyone has their own preferences, but some software choices make more sense than others. I've chosen my software toolchain according to the following criteria.
  • Resource requirements
  • Trustworthiness
  • Must be free (cost and also free of advertising/spam)
  • Must be (relatively) easy to use
Here is my standard toolchain of programs to install.

  • Firefox + Adblock Plus
    • There's a lot of 'registry cleaners' and 'antivirus' malware waiting for unsuspecting relatives to install. They're advertised using traditional ad networks. It's easier just to ignore all of it. Plus webpages turn out cleaner.
  • Chrome - if its a netbook
    • Better for limited real estate screens.
  • Adobe Reader X
    • Includes a sandbox to prevent PDF exploits from wrecking your system. 
  • Adobe Flash
    • Can't get work done without it.
  • 7zip
    • Open source archive manager. Takes care of .zip, .rar and .7z formats. Doesn't nag you either.
  • WinCDEmu
    • Open Source Virtual ISO mounter. Useful when you find yourself in possession of ISOs but don't want to waste a CD-R or DVD-R.
  • InfraRecorder
    • Open Source CD/DVD burner. Much less of a resource hog than commercial alternatives available.
  • VLC Player
    • Open Source video player that handles almost every codec under the sun. Very good and has lots of great features (like recording webstreams).
 The final piece of software to install would be the anti-virus software. You usually want to save this for the last step because any good anti-virus will add a bit of overhead to your computer (It needs to scan programs as they run). Microsoft Security Essentials is actually one of the best that I've found. It's very light on resources, while purportedly having one of the best detection rates available. It's also free and will never nag you. A definite win in my books.

Final configuration options before restoring files

There's 3 changes that I make to systems which seem to increase the security available. I haven't run into issues with them yet.

  1. Disable autorun. This is already set by default in Windows 7, but Windows XP still has issues.
  2. In Windows 7 systems, treat all networks as 'public'. You can do this by joining a new network and then checking the box in the bottom left-hand corner of the dialog. 
  3. Most important: Create a strong password protected administrator account and then degrade the permissions on the original account to a 'standard' account. Don't forget to password protect it as well. When installing software, you can upgrade permissions to the admin account. Windows 7 will prompt you, while you need to do this yourself in Windows XP with Shift + Right click.
Restoring backup files

This is the final step. Plug your external storage and then immediately scan it with your antivirus. After it declares everything clean, then you can proceed to copy your files back to your hard drive. Do not do this in reverse order.

And that's it. A few hours later, you're back up and running!

I hope you found this post helpful and please do feel free to comment.

Please note: While I may sound resentful about solving others' computer problems, I actually enjoy helping out. If you know me personally and are currently freaking out about the favours you'll need to repay for my tech support, stop worrying. I really don't expect anything in return.