Fedora and Debian play the role where many chaotic projects get a degree of charm school: they learn to play nice with a lot of other projects. In Fedora, as near as I can tell, there is only one Java based web application packaged as part of the distribution: Dogtag, the Public Key Infrastructure server. As we look at how PKI should look in the future, the dearth of comparable applications packaged for Fedora leaves us with the opportunity for defining a logical and simple standard packaging scheme. While I am not there yet, this post is the start of my attempts to organize my thoughts on the subject. I’m looking for input.
Author Archives: Adam Young
add_todo
I forget things. A lot. I need a to do list tracker that works with me. So I wrote one. I, being me, used the technologies I use the most to make this happen: bash and git.
JSS Sockets and HttpClient
The Java bindings for the Network Security Services (NSS) library are called JSS. NSS provides a key management scheme that is different enough from both standard Java and OpenSSL that doing standard Java Socket operations through the Apache HttpClient requires a little bit of extra work.
Group Delegation in Unix
One thing that is missing in traditional Unix systems is the ability to let a non root user manage group membership. Unix was built around several simple concepts. One of those was: everything is a file. Using this principle, we can specify how group delegation would have worked.
Talking to Dogtag PKI via curl
As I dig deeper into the Dogtag code, I find I want to be able to talk to the web server from the command line the same way I did for IPA work. Since Dogtag is certificate based, and the version of curl included in Fedora has NSS built in, I used the NSS/certificate approach.
Finding Java Classes
I’m back on a Java project. Been a while, and I want to capture some of the tricks I’m using.
Right now, I’m just trying to import the project into Eclipse. Seems that the current team members don’t use it. I’m an IDE kind of guy, at least when it comes to Java.
Building the .classpath file can be tricky. However, since I know that I have a good build, and that this project is a good participant in the Fedora build process, I have the advantage of knowing that my packages reside in /usr/share/java. Still, all Eclipse gives me is a set of classes that it can’t find. How do I find them?
This project uses CMake. I could look for all of the Jar files in the CMakeLists.txt files, and I might do that in the future. However, a trick I’ve developed in the past has come in handy.
class2path(){
    # netscape.ldap.LDAPConnection -> netscape/ldap/LDAPConnection
    echo "$1" | sed 's!\.!/!g'
}
JDIR=/usr/share/java
make_alljars(){
    # One line per class, "<jar> <class entry>", written to /tmp/alljars.txt.
    # -type f skips the versioned symlinks that live alongside the real jars;
    # the grep pattern is single-quoted so it really matches a ".class" suffix.
    for JAR in $(find "$JDIR" -name '*.jar' -type f)
    do for CLASS in $(jar -tf "$JAR" | grep '\.class$')
        do echo "$JAR $CLASS"
        done
    done > /tmp/alljars.txt
}
First, the make_alljars function creates a map in (value key) order. The value is the Jar file name, and the key is the class name. To find a Jar file that contains a given class (in this example netscape.ldap.LDAPConnection), run:
grep `class2path netscape.ldap.LDAPConnection` /tmp/alljars.txt
And the output is
/usr/share/java/ldapjdk.jar netscape/ldap/LDAPConnection$ResponseControls.class
/usr/share/java/ldapjdk.jar netscape/ldap/LDAPConnection.class
This works really well with Eclipse, in that the error messages have the name of the class. You can then just highlight the class name, paste it into the command line in place of the class I have above, and when you get the Jar file name, highlight it to save it to the clipboard. From the right-click context menu pick Java Build Path, then Add External Archive, and then paste the whole path in. Note that the grep is a substring match: it also returns inner classes (the $ResponseControls entry above) and any class whose name merely starts with the one you searched for, so check the entry before adding the jar.
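The same class-to-jar lookup, as an added example that is not the blog post’s own script: it reads each jar’s table of contents with Python’s zipfile module, so it works without the JDK’s jar tool, and it separates an exact match for the class from inner classes (Foo$Bar.class) and from classes that only share a name prefix, both of which a plain grep over /tmp/alljars.txt would also return. The jars it indexes are constructed in a temporary directory for the demonstration (the LDAPConnectionFactory entry is an invented name); they are not the real packages under /usr/share/java.

```python
"""Find which jar under a directory tree provides a given Java class.

Added example (not the post's script): uses zipfile instead of `jar -tf`,
and distinguishes exact matches from inner classes and prefix collisions.
The sample jars are constructed below; they are not real Fedora packages."""
import os
import tempfile
import zipfile
from collections import defaultdict


def class_to_path(fqcn):
    """netscape.ldap.LDAPConnection -> netscape/ldap/LDAPConnection.class"""
    return fqcn.replace(".", "/") + ".class"


def index_jars(jar_dir):
    """Map every .class entry to the list of jars containing it.

    Same (value key) idea as make_alljars: the jar is the value, the class
    entry is the key. Symlinked jars are skipped, like `find -type f`."""
    index = defaultdict(list)
    for root, _dirs, files in os.walk(jar_dir):
        for name in files:
            jar = os.path.join(root, name)
            if not name.endswith(".jar") or os.path.islink(jar):
                continue
            try:
                with zipfile.ZipFile(jar) as zf:
                    for entry in zf.namelist():
                        if entry.endswith(".class"):
                            index[entry].append(jar)
            except zipfile.BadZipFile:
                continue  # a .jar that is not a zip archive: ignore it
    return index


def find_class(index, fqcn):
    """Return (exact, inner): the jars providing fqcn itself, and a dict of
    inner-class entries (fqcn$Something.class) with the jars providing them."""
    target = class_to_path(fqcn)
    inner_prefix = target[: -len(".class")] + "$"
    exact = sorted(index.get(target, []))
    inner = {e: sorted(jars) for e, jars in index.items() if e.startswith(inner_prefix)}
    return exact, inner


def build_demo_jars(jar_dir):
    """Constructed jars mimicking the ldapjdk example from the post."""
    magic = b"\xca\xfe\xba\xbe"  # class-file magic; the bodies are placeholders
    with zipfile.ZipFile(os.path.join(jar_dir, "ldapjdk.jar"), "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("netscape/ldap/LDAPConnection.class", magic)
        zf.writestr("netscape/ldap/LDAPConnection$ResponseControls.class", magic)
        # Invented name sharing the prefix: a grep for LDAPConnection would hit it too.
        zf.writestr("netscape/ldap/LDAPConnectionFactory.class", magic)
    with zipfile.ZipFile(os.path.join(jar_dir, "other.jar"), "w") as zf:
        zf.writestr("org/example/Other.class", magic)


def demo():
    """Index the constructed jars and look up two classes; returns jar basenames."""
    with tempfile.TemporaryDirectory() as jar_dir:
        build_demo_jars(jar_dir)
        index = index_jars(jar_dir)
        exact, inner = find_class(index, "netscape.ldap.LDAPConnection")
        missing = find_class(index, "org.example.Missing")
        return {
            "exact": [os.path.basename(j) for j in exact],
            "inner": {e: [os.path.basename(j) for j in js] for e, js in inner.items()},
            "missing": missing,
            "class_count": len(index),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Pointing index_jars at /usr/share/java and calling find_class with the name Eclipse complains about gives the jar to add under Add External Archive; an exact list with several jars means more than one package ships the class, which is worth knowing before picking one.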
Java as a scripting language
When developing in Python or Perl, it is very common to start with an executable script, and to edit/run/edit/run. Java is slowed down by the cycle of edit/compile/run. Here’s a proof of concept of coding in Java like you do in Python.
Updating a certificate for a FreeIPA web server
As I install, uninstall, and re-install FreeIPA, I start getting sec_error_reused_issuer_and_serial. This used to be a minor annoyance, solved by clearing the certificates out of the browser and restarting it. Recent versions of Firefox have complained even after doing this, leading to the current approach: clear your browser cache. Instead, you can update the certificate on the web server; this gives you a cert with a new serial number and avoids the error message.
Announcing FreeIPA 2.1.0
Cross posted from the FreeIPA mailing lists:
The FreeIPA Project is proud to announce the latest release of FreeIPA. As always, the latest tarball can be found at http://freeipa.org/
FreeIPA 2.1 is available in Fedora 15. It is currently in the updates-testing repository along with a number of its dependencies. Fedora 16 and rawhide builds will be coming soon.
== Highlights ==
* General client and server installation improvements. Server installation is significantly faster.
* Improved support for IPv6.
* General UI improvements related to navigation and work flow.
* Added UI for automount.
* A Host-based Access Control (HBAC) test tool.
* Deprecation of HBAC deny rules.
* A CA is no longer required on every replica and may be added post-install to a replica (see ipa-ca-install).
* A new replication tool for dogtag has been added (ipa-cs-manage). This allows you to control the replication topology of your CA.
IPAddress for local Virtual Machines
When running Fedora as a KVM/Qemu host for virtual machines, you have the issue that you don’t know the IP Address for a virtual machine once you create it. IP addresses that are assigned via
The MAC Address is in the config file saved in
/etc/libvirt/qemu/$VMNAME.xml
Once you start the virtual machine, you can fetch the IP Address from the DHCP lease file in:
/var/lib/dnsmasq/dnsmasq.leases
To correlate the two:
#!/bin/bash
# Usage (as root or via sudo): vm-ip VMNAME
VMNAME=$1
[ -n "$VMNAME" ] || { echo "usage: $0 VMNAME" >&2; exit 1; }
# xml2 flattens the domain XML into path=value lines; keep the value of .../mac/@address
MAC=$(xml2 < "/etc/libvirt/qemu/$VMNAME.xml" | awk 'BEGIN{FS="="} /mac\/@address/ {print $2}')
# dnsmasq lease lines are "<expiry> <mac> <ip> <hostname> <client-id>"; field 3 is the IP.
# -i because dnsmasq writes the MAC in lower case regardless of how the XML spells it.
IP=$(grep -i "$MAC" /var/lib/dnsmasq/dnsmasq.leases | cut -d' ' -f3)
# $VMNAME has MAC $MAC and IP address $IP
echo "$IP"
This must be called as root or via sudo.
UPDATE:
Chris Lalancette notes that the canonical version of the MAC address can be found using
virsh -c qemu:///system dumpxml $VMNAME
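The same MAC-to-IP correlation, as an added example that is not the post’s script: the domain XML is parsed with ElementTree rather than xml2 and awk, a guest with more than one NIC gets one answer per MAC, and leases whose expiry time has already passed are ignored, since a stale lease is the usual reason the one-liner prints an address that no longer answers. The domain XML and lease file contents below are constructed samples, not captured from a real host; the helper that shells out to virsh dumpxml is the only part that touches a live system and is not run by the demonstration.

```python
"""Recover a libvirt guest's IP address by matching its MAC address against
the dnsmasq lease file.

Added example, not the post's script. The XML and lease text are constructed
samples. dnsmasq writes the first lease field as an expiry time in seconds
since the epoch, with 0 meaning an infinite lease (default build)."""
import subprocess
import xml.etree.ElementTree as ET

# Constructed domain definition with two NICs (the MAC case differs on purpose).
SAMPLE_DOMAIN_XML = """<domain type='kvm'>
  <name>f15-test</name>
  <devices>
    <interface type='network'>
      <mac address='52:54:00:AB:CD:01'/>
      <source network='default'/>
    </interface>
    <interface type='network'>
      <mac address='52:54:00:ab:cd:02'/>
      <source network='default'/>
    </interface>
  </devices>
</domain>"""

# Constructed dnsmasq.leases: "<expiry-epoch> <mac> <ip> <hostname> <client-id>".
# The second NIC's lease has already expired at SAMPLE_NOW; the third line
# belongs to some other guest.
SAMPLE_LEASES = """\
1313000000 52:54:00:ab:cd:01 192.168.122.51 f15-test 01:52:54:00:ab:cd:01
1312900000 52:54:00:ab:cd:02 192.168.122.52 * 01:52:54:00:ab:cd:02
1313000000 52:54:00:12:34:56 192.168.122.77 other-vm *
"""
SAMPLE_NOW = 1312950000


def guest_macs(domain_xml):
    """Every <interface><mac address=.../> in the domain XML, lower-cased."""
    root = ET.fromstring(domain_xml)
    return [m.get("address").lower() for m in root.findall("./devices/interface/mac")]


def parse_leases(lease_text):
    """Yield (expiry, mac, ip, hostname) per lease line; malformed lines are skipped."""
    for line in lease_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or not parts[0].isdigit():
            continue
        hostname = parts[3] if len(parts) > 3 else "*"
        yield int(parts[0]), parts[1].lower(), parts[2], hostname


def live_leases(lease_text, now):
    """MAC -> IP for leases still valid at `now` (expiry 0 means no expiry)."""
    by_mac = {}
    for expiry, mac, ip, _hostname in parse_leases(lease_text):
        if expiry != 0 and expiry <= now:
            continue
        by_mac[mac] = ip
    return by_mac


def guest_ips(domain_xml, lease_text, now):
    """MAC -> IP (or None when there is no live lease) for each NIC of the guest."""
    leases = live_leases(lease_text, now)
    return {mac: leases.get(mac) for mac in guest_macs(domain_xml)}


def domain_xml_from_virsh(vmname):
    """Fetch the canonical definition the way the UPDATE suggests; needs root or sudo."""
    return subprocess.check_output(
        ["virsh", "-c", "qemu:///system", "dumpxml", vmname], text=True)


def demo():
    """Run the correlation over the constructed samples."""
    return guest_ips(SAMPLE_DOMAIN_XML, SAMPLE_LEASES, SAMPLE_NOW)


if __name__ == "__main__":
    for mac, ip in demo().items():
        print(mac, ip or "(no live lease)")
```

On a real host, pass domain_xml_from_virsh(vmname), the contents of the lease file named in the post, and time.time() to guest_ips; a NIC that comes back as None has either not asked for a lease yet or is holding one that dnsmasq already considers expired.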