Wednesday, November 30, 2011

How to install Debian within z/VM with just x3270

If you want to copy debian-installer for System z onto a z/VM user's CMS disk, you don't need access to FTP (and hence the host's TCP/IP stack). You can just use x3270 and transfer files with it. For odd reasons I forgot about this, so let's document it here:
  • Figure out which CMS disk is actually writeable for you (most likely the A disk) by issuing Q DISK and looking for "R/W" in the STAT column.
  • Select File, File Transfer.
  • Tick "Send to host" and "Host is VM/CMS".
  • Download the four installer files to your local machine: debian.exec (a startup script that punches the kernel, boot parameters and initrd onto cards and executes the card deck), kernel.debian, parmfile.debian (the boot parameters) and initrd.debian.
  • Transfer debian.exec and parmfile.debian with "Transfer ASCII file" ticked and Record Format set to "Variable" ("Add/remove CR at end of line" and "Remap ASCII characters" should both be ticked by default; LRECL and BLKSIZE should both be empty.) The host filename is the CMS filename, so something like "DEBIAN EXEC A" (with the spaces, and A replaces with the letter of the writeable disk of your choice). Both files must be prefectly readable in XEDIT (i.e. properly converted to EBCDIC).
  • Then transfer kernel.debian and initrd.debian with "Transfer binary file" ticked and Record Format set to "Fixed" with LRECL = 80. This may take a while.
  • Boot up the installer by issuing DEBIAN to z/VM, starting the script. If you needed to rename the files above (the drive letter doesn't matter), you need to adjust DEBIAN EXEC first.
  • You should see Linux kernel messages now. Profit.

Wednesday, November 23, 2011

Useful Firefox extensions (followup)

Since my last post about Firefox extensions I've enabled two other addons:

Through the comments I got pointed to Fox to Phone which enables you to send links from your browser directly to your Android phone with Chrome to Phone installed. Thanks for that.

Another useful extension that was recommended to me is LeechBlock. You give it a list of news sites you regularly frequent and it will make sure that you only spend a given time budget on them per day or that you only browse them in the evenings (or even a combination of both).

As I expected I did deactivate RequestPolicy again. That said, Facebook recently switched its certificates, so Certificate Patrol was unhappy. It's impressive and sad how many pages actually do cross-site requests to embed Facebook's buttons. If somebody would invent something less annoying to stop this mess, that would be great.

Thursday, November 3, 2011

PAV on Linux on System z

There are various presentations that state the goodness of PAV on Linux. Most revolve around using multipath-tools to assemble a volume if you don't have HyperPAV. But it turns out that the DASD device driver does multipathing for them internally in current kernels (which includes the squeeze kernel).

So all you need to do is setting those alias devices online. When you do that the kernel will log that it detected a new device, but you'll find that it won't create any dasd* device nodes for them, nor will it list partitions. lsdasd will only show you "alias" without mentioning the base volume, but you can fetch that information easily from the uid sysfs entry.

Tuesday, November 1, 2011

Useful Firefox extensions

Many people around me switched to Chrome or Chromium. I also used it for a bit, but I was a bit disappointed about the extensions available. To show why, here's a list of the extensions I've currently installed:
  • Adblock Plus: I guess everyone knows this. It sits quitely in the background and removes quite a bunch of eye-distracting stuff from web pages. You see the web differently and are always confused when viewing pages on your smartphone.
  • British English Dictionary: Pretty self-explaining. Firefox has an integrated spell checker and that one needs a dictionary.
  • BugMeNot: You can right-click on a login field and let it insert BugMeNot data automatically. I don't use it often enough to remember that it's there.
  • Certificate Patrol: SSL's X.509 trust model is weak, to say the least. This extension implements the "save on first visit" trust model and warns you if the certificate or the CA of a URL changes.
  • Download Statusbar: If you're used from, say, Chromium to see your download progress above the status bar, this extension will give you that. I don't like the separate window, especially with Awesome as my window manager.
  • Firebug: Most people know this, too. Very useful when you do web development. You can see the effects of CSS as you type, for instance.
  • Flashblock: YouTube has its HTML5 trial, so you don't need Flash for it. Sadly I had to give in recently (for live streaming sites like the German Parliament, go figure) and have it installed for "emergency" cases. But really nobody needs Flash advertisements or other silly Flash animations, so Flashblock will conveniently refuse to load the Flash plugin unless you tell it to.
  • German Dictionary: As above.
  • Google Translator for Firefox: Translates marked sections on a web page in place. It lets Google guess the source language, so you really only mark the area, click the button and be done.
  • Greasemonkey: Modifies web pages in place to make them more sane, using little scripts. I use two currently:
    • Better Outlook Web Access (OWA): For odd reasons I'm forced to use OWA 2007 at a company of Windows and Mac users. This makes it a little bit more bearable, by allowing you to save your password and by adding a message preview pane. You really don't want to use OWA Light 2007 without this.
    • - video tag: A simple script that lets you watch videos on without resorting to Flash. They ship Theora videos alongside H.264, which is supported by Firefox out of the box.
  • Lazarus: Form Recovery: This already saved me many, many times. Sometimes I hit the stupid Thinkpad page back/page forward keys, or the browser crashes or I'm torn away from a page in another way. This extension keeps your form content mostly save, so that you don't need to start from scratch. A must have.
  • Live HTTP headers: curl -D usually works. But sometimes you need authentication and cookies and stuff, hence doing it in the browser makes sort of sense.
  • Modify Headers: I don't really use it anymore. There was this legend that YouTube lets you watch videos that are blocked in your country (Hello, GEMA, I'm looking at you!) if you provide a X-Forwarded-For header with an IP from another country. Never worked for me.
  • Mozilla Archive Format: If you need to archive a web page or want to collect a bunch of pages for offline reading, this is the way to go. You can conveniently select either single pages or several tabs to be stored.
  • Perspectives: I'm paranoid, so here's the second SSL certificate check. Perspectives uses a bunch of network notaries hosted on PlanetLab to check if everyone sees the same certificate. Together with Certificate Patrol that means if that you save a self-signed certificate on first visit if the notaries all agree that it's the currently installed one.
  • PwdHash: Password re-use on different web sites is bad. There are sites where I'm not very concerned about the strength of my password, but where I don't want to leak my main ones. PwdHash uses the domain name and the password I give as components to a hash function. So if I'm at a computer without access to my saved passwords, I can easily reconstruct the hash. If need be, I can use the JavaScript on the developer's web site to do that.
  • RequestPolicy: It's currently installed but I don't think it will stick around much longer. Too many sites are using embedded cross-site requests, which this extension will allow you to review. As an example every Blogger site that's on a custom domain (like my blog) will trigger it. Instead half of your web will have red flags everywhere full of blocked requests. Not that helpful. Interestingly enough it also polices Flash's outgoing web requests. Which breaks even more often than normal web pages.
  • Secure Login: This gives you a button (or a keyboard shortcut) that allows you to choose from several logins and then goes on and posts those credentials securely to the page in question, bypassing any JavaScript that might want to see them. You also get auto-login bookmarks for those sites which don't allow you to remain logged-in across browser sessions. (Like OWA.)
If Firefox on Android were quicker to start and faster overall, I might even use it there. But as-is it's not very useful. Sadly this also means that I can't use Firefox Sync on my phone and as I don't use Chrome on my desktop I also can't use Chrome to Phone. So I usually go and build a QR code on my laptop and read that with Android's Barcode Scanner.

Of course I'm actually using Iceweasel and I'm very grateful for Mike Hommey's efforts to track the release channel on