Ali’s Notes

Shifting using concatenation in VHDL

Posted in Uncategorized, vhdl, FPGA by aghoras on September 29, 2011

A really cool way of building a shift register in a signal line is using the string concatenation operand:

shift_reg <= shift_reg( shift_reg'width -2 downto 0) & input_bit;

leave a comment

Notes on SELinux

Posted in Linux by aghoras on August 16, 2011

For an explanation of SE Linux log files, see: here

Let’s say you get a log error like:

type=AVC msg=audit(1313516426.864:1706): avc: denied { search } for pid=29034 comm="httpd" name="/" dev=dm-2 ino=2 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=dir

followed immediately by:

type=SYSCALL msg=audit(1313515666.226:1676): arch=c000003e syscall=4 success=no exit=-13 a0=7fe2ebad17f0 a1=7fff0ca3b680 a2=7fff0ca3b680 a3=0 items=0 ppid=29030 pid=29033 auid=4294967295 uid=48 gid=487 euid=48 suid=48 fsuid=48 egid=487 sgid=487 fsgid=487 tty=(none) ses=4294967295 comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0 key=(null)

The scontext field is the process context that’s doing the search action to tcontext. The second line says the process httpd lives at /usr/sbin/httpd.

Let’s look at the context fields like: system_u:system_r:httpd_t. This field is broken up into three sub-fields with the following format: user:role:type:mls. When looking at processes, the mls field is often omitted. Within the default targeted policy, type is the important field used to implement Type Enforcement. In the above error message, the type http_t does not have search permission on “/”. Now this is a bit strange because httpd should be accessing /www only. Let’s look at the permissions on /www by doing ls -lZd /www. We get

drwxr-xr-x. apache apache system_u:object_r:etc_runtime_t:s0 /www

We can see that there’s a conflict between the “type” fields. So we need to change the type context of /www (and all of its contents). How do we know what context type to change it to. The obvious answer of “httpd_t” will not work because it is not a type that goes with a file or directory.

To see what the httpd_t is allowed to access, try

sesearch -A -s httpd_t

The -A tells sesearch to list all the ‘allow’ policies starting with what follows -s. The parameter after -s is a RegEx so you go crazy with this thing. You can also use the -t option to see what types can manipulate another type. So we get an output like:

allow httpd_t httpd_sys_content_t : file { ioctl read getattr lock open } ;
allow httpd_t httpd_sys_content_t : dir { ioctl read getattr lock search open } ;
allow httpd_t httpd_sys_content_t : lnk_file { read getattr } ;

So we change the context of /www with the command:

chcon -R -t "httpd_sys_content_t" /www

This change is not permanent, however. chcon changes the labeling of the files/directories, but does not tell the system about this alternate labeling. If a relabel gets triggered on the system, for any reason, these labels could get changed back to the default. You need to tell the system about the alternate labeling using the "semanage fcontext" command.


semanage fcontext -a -t httpd_sys_content_t '/www(/.*)?'

leave a comment

Notes on epoxy glass top finish

Posted in Uncategorized by aghoras on August 12, 2011

I used Parks Super Glaze epoxy finish on a test project. The first tip is to make sure you use exactly a 1:1 ratio of resin to hardener. Also, mix the stuff pretty well. The directions recommended 3min of stirring in the first container (after adding the resin to the hardener’s container) and then 3 min of stirring in the final container. I did 3+9 min until the mixture got warm.

Also when pouring, scoop a good bit of epoxy towards the edges and get a good flow going. Recover the dripping using the container used for pouring. For better results, consider sealing the wood. This keeps little air bubbles from coming out of the pores of the wood.

Have a torch ready and start working out the bubbles as soon as possible. Also, make sure the edges are rounded and not sharp so that the surface tension does not pull the epoxy away from the edges.

After about 30 min, scrape the drippings off with a putty knife. That’s easier than using a knife later. Don’t worry if the drips leave a taffy-like string behind. It will go away by itself.

Use shims and a level to make sure the work surface is perfectly level.

leave a comment

Display current filename at the bottom of the VI (vim) window

Posted in Uncategorized by aghoras on August 1, 2011

To display the info including the filename of the current file near the bottom of the VIM window type:
:set ls=2

leave a comment

lettuces are bitter

Posted in gardening by aghoras on July 21, 2011

Both Roma and black-seed lettuces turned bitter as of 7/18. It’s a pity because I didn’t get to use the Roma :(

Tagged with:

leave a comment

Roma tomato and basils

Posted in gardening by aghoras on June 14, 2011

The Roma tomato and the basils are in the west and north gardens as of 6/13.

leave a comment

svn+ssh on subeclipse

Posted in Uncategorized by aghoras on June 10, 2011

To get svn+ssh to work on Eclipse using Subclipse requires a bit of work. Apparently, Subclipse does not know how to do SSH natively. Here are the steps I followed on windows to get things working.

  1. Get puttygen to generate a local private key
  2. Use puttygen to create both a private and a public key
  3. Add the public key to the server’s ssh authorized_keys file
  4. Get and install Tortoise SVN windows subversion client. We’re going to use the ssh client that comes with this program to do the tunneling.
  5. Edit the file under
    %ALLUSERSPROFILE%\Application Data\Subversion\config
    and set the ssh section under [tunnel] to: <
    ssh = C:\\Program Files\\TortoiseSVN\\bin\\TortoisePlink.exe -i c:\\home\\putty_keys\\private_key.ppk -l gho18481
    In this example, my user name is gho18481. Make sure to put the “\\” in front of each path otherwise things wont work. Under UNIX, the config file should be under /etc/subversion/config

leave a comment

More planting

Posted in gardening by aghoras on June 6, 2011

I Sweet Baby Girl and Mortgage lifter are in the West planter box. Also planted the rosemary and the cabbages.

Tagged with:

leave a comment

Beats and Carrots are in the ground

Posted in Uncategorized by aghoras on May 18, 2011

I planted four 2′ rows of carrots and beats yesterday. I planted the carrots where the tomatoes were last year. The beats are a little too close to the peach tree but we’ll see how they do. This is the second year for both seed packets.

leave a comment

Starting Herbs from seed

Posted in gardening by aghoras on May 10, 2011

I need to have started the herbs and the peppers about a month earlier (around the first week of March). Also the potting soil is a good investment since it is very soft and allows the moister to penetrate into the pot. However, it has the disadvantage of drying out very quickly. The start time for the tomatoes was probably good but I need to stick to two seeds per pot instead of 4. They all seem to germinate and I end up wasting a bunch of good seed.

leave a comment

Follow

Get every new post delivered to your Inbox.