~kanarip

I've always been a huge fan of Zarafa, one of merely two serious competitors in the Open Source groupware market.

The other competitor is Zimbra, but I have somewhat less of an incentive to sink my teeth into that Java mess, which installs in /opt/zimbra/, and uses it's own vendored libraries rather then those available in the system stack. This, in my opinion, is just wrong, raises cost and gives you less overall options and control. But enough about Zimbra, because obviously the suite *just works* (and a lot of people are very much happy with it).

I have (and still am) running Zarafa at my company for about a thousand users, and Zarafa's headquarters are pretty close to my company's. I get to speak to Zarafa's people regularly, and most of it is while I'm wearing my Fedora hat ;-)

Either way, now that Robert Scheck and myself are attempting to package Zarafa for our dear distribution, Robert and I run into the following when using Fedora 12:

[jmeeuwen@ghandalf SPECS.mine]$ sudo zarafa-spooler -F
zarafa-spooler: symbol lookup error: /usr/lib64/libmapi.so.1: undefined symbol: _ZN10ECMemTable6CreateEP14_SPropTagArrayjPPS_

Robert has created a topic on Zarafa's forum about this some time ago.

Let me first emphasize that Zarafa is upstream for three libraries:

1. inetmapi
2. perlmapi
3. libmapi

This symbol is undefined in libmapi only, as you can see in Robert's comment.

I once succeeded (I don't know how) to make the command result in a stack trace:

[jmeeuwen@ghandalf spooler]$ gdb /usr/bin/zarafa-spooler
GNU gdb (GDB) Fedora (7.0.1-30.fc12)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/zarafa-spooler...(no debugging symbols found)...done.
(gdb) run -F
Starting program: /usr/bin/zarafa-spooler -F
[Thread debugging using libthread_db enabled]
Unable to open configuration file /etc/zarafa/spooler.cfg
Continuing with defaults
Wed 03 Feb 2010 03:53:54 AM CET: Unable to open pidfile '/var/run/zarafa-spooler.pid'
Wed 03 Feb 2010 03:53:54 AM CET: Starting zarafa-spooler version 6,30,9,18385 (18385), pid 7285
Wed 03 Feb 2010 03:53:54 AM CET: using SMTP server: localhost

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) thread apply all bt

Thread 1 (Thread 0x7ffff7fcb820 (LWP 7285)):
#0  0x0000000000000000 in ?? ()
#1  0x0000003d0da20ca9 in M4LMsgServiceAdmin::GetMsgServiceTable(unsigned int, IMAPITable**) () from /usr/lib64/libmapi.so.0
#2  0x0000003d0e259782 in CreateProfileTemp(char*, char*, char*, char*, unsigned int, char*, char*) () from /usr/lib64/libinetmapi.so.1
#3  0x0000003d0e259a3b in HrOpenECSession(IMAPISession**, char*, char*, char*, unsigned int, char*, char*, char*) () from /usr/lib64/libinetmapi.so.1
#4  0x0000003d0e259b29 in HrOpenECAdminSession(IMAPISession**, char*, unsigned int, char*, char*) () from /usr/lib64/libinetmapi.so.1
#5  0x00000000004069a1 in InitThreadData(thread_data*) ()
#6  0x00000000004075bd in ProcessQueue(char*, char*) ()
#7  0x00000000004078ff in running_server(char*, char*) ()
#8  0x000000000040d04e in main ()
(gdb)

I'm not at all too familiar with C/C++ code, and/or libtool (a more recent version of libtool in Fedora is rumored to have caused this?), and so my first step is to Google. Googling for "undefined symbol" doesn't really give you anything else then forum topics with questions and often not even solutions to very particular problems though :/

So, I turn to you, dear Lazyweb, and I'm asking you to help me wrap my head around it and put the finger on the sour spot.

SPEC: http://www.kanarip.com/custom/SPECS/zarafa.spec

SRPM: http://www.kanarip.com/custom/f12/SRPMS/zarafa-6.30.10-1.fc12.src.rpm

Thanks in advance!

Hello everybody,

Once again I'm dragging my boyfriend to a place in the world he probably wouldn't visit otherwise. I mean New South Wales, Australia and Wales in the UK may well not be the most exciting places for him...

Anyhow, I myself look forward living there and hope my boyfriend will eventually come on over too. Anyhow, let's talk about me and one of the more exciting things in my life. I intend to do a PhD project on the analysis of drugs in hair (see my facebook website). The research subject really sounds good to me, and I might even have the opportunaty to do some consultancy on the side. Next week I'll check out the University of Glamorgan and so on... Excited to go,

Lydia

I love to be able to announce the first "sysadmin-main" meeting within my company, Operator Groep Delft. You read that right, that's the exact same name the Fedora Infrastructure team - an example to us all as far as I'm concerned, uses to indicate the group of people ultimately in control of all systems and services. Read the more detailed description. I'm going to try and apply this very concept to my company's internal system administration.

Instead of taking care of the Linux infrastructure with no dedicated Linux engineering resources, we decided that utilizing all of the available Linux competencies within the company would be more efficient, more effective, more flexible and would vastly improve redundancy, collaboration and expertise between the bunch of us.

Since we're a consultancy company, most of our Linux Engineers are hired out to customers, making billable hours, earning us all money, and are thus not in a position to really sit down and take care of OGDs Linux infrastructure as well. Basically our engineers can only spend that one minute they have left at the end of a day or the hour they would otherwise waste on one of those boring meetings -they merely require the facilities to do so.

So instead we decided to try and make it a community effort of some sort, in the sense that all sysadmin-main engineers require a minimal Linux certification level of RHCT, and will have access to Life, Everything and The Universe once we've sat together and introduced them to all procedures and such.

Now, nothing is set in stone yet, but at least we're going to have a bunch of interested people show up at our meeting soon, which will hopefully lead to a large group of engineers willing to do interesting stuff.

We'd plan and assign -amongst ourselves- the tasks in our queue. If either of us needs a little more time, we save up to 8 hours a week to spend at more intrusive changes like migrations, upgrades, planning, documentation, build & test, development, that sort of thing. We (as a group) would decide what we do, how we do it, and who actually gets to execute.

Ultimately, I'd be (held) responsible (or accountable?) for the group, and my manager would be responsible for the well-being of the infrastucture as a whole, just like he is now.

Just to give you an impression of what it takes to do what we do between the two of us at this moment, in the very little time that we have available; Zarafa, HA/LB Red Hat Directory Services, Puppet (with help of puppetmanaged.org modules), Cobbler, SELinux (enforcing), Nagios, Munin (looking at Zenoss to replace both), 15 mod_security enabled webservers, 4 database servers, 6 development environment staging boxes, and a couple of workstations.

PS. For those of you who read this, and are colleagues of mine, you can find more information on https://nix-noc.ogd.nl/trac/

If I'm not mistaken, today is the birthday of not just one, but two great friends!

Congratulations both Max Spevack and Jan Wildeboer!

Overheard:

Question: "You apply a Server, Domain Controller and Client security policy requiring all network traffic to be encrypted. Some of your users report that they cannot log in or access network resources. What is the easiest way to resolve the problem?"

Answer: "Tell the user to reboot the computer."

This means, essentially, implicitly, that the policy that *all* network traffic should be encrypted, doesn't apply to *all* traffic ('cause clients can get their updated configuration without being compliant to the new configuration). *sigh* :/

Over the last couple of days it seems more and more people are stepping up to get Ruby 1.9.1 in Fedora, along with the packaging changes and all that. From a new list just two months ago, we now have 17 members working on the same problems collaboratively.

Worth noting is that I'm receiving patches from people that understand Ruby way better then I do, so it's one big happy learning experience for me too ;-) (Noted I do not use Ruby myself, nor do I program using Ruby)

Thanks to Ben Shakal, we're now over the issue I posted about earlier on the Ruby SIG mailing list, where gem install would work, but executing or requiring the gem wouldn't. Great work Ben, thanks!

From here on out, I'm going to extend the Ruby repositories for Fedora 12 and Fedora Rawhide to include some of the ruby gems with the new packaging guidelines. I'm still going to need new packaging guidelines to go along with the new packages so I'm probably going to build those packaging guidelines as I go along.

More news on Ruby later this year, hope to have some working stack early next year.

Hope you all have a merry Christmas!

I've finally recovered some of what broke down earlier this week. Long story short:

• The CPU of my web-/file-/mail-/dns- server is fubar, and the only other Pentium 4 CPU that I could find would not work
• I used the x86_64 CPU and mainboard from slevin (my girlfriend's desktop PC)
• Pulling out and stuffing back in the hardware wasn't difficult, but took me some time anyway (I did not have the right tools, go figure)
• Upgrading -slash- migrating Fedora 10 i386 to Fedora 12 x86_64 as you can imagine took me even longer, only to find out that a lot of configuration and other stuff relevant to various services were incompatible.
• The first thing I wanted to restore was email, and so I did (including external DNS), and then I left it all behind to do some other stuff.
• Now I've gotten around to rebuilding php-5.2 for Fedora 12 so that Drupal would actually work. Various kinds of functions Drupal-6.x uses are deprecated in php-5.3, and
• I had to restore name services internal to my network as well (the Pentium 4 CPU I got from this other machine made this other machine not boot up anymore)

The fun! ;-)

Dear Hyves,

Would you please stop sending me email that does not make sense?

I quote:

Hyves notification

Unfortunately you can't read this mail properly, due to the fact that our outgoing mail is
html-formatted. Your mail program probably only support plain texts.

There's a couple of things wrong with this email;

1. I can read it properly, it's just not the same contents you expect me to read when I open this email.
   You expect me to use a mail client that parses HTML right-away, without me choosing to do so when I want to. I'm sure your engineers will be familiar with the "why HTML mail is bad" meme that has been going on since the '90s.
2. It's not up to you to say anything about my ability to read anything.
3. You say my mail program probably only supports plain text, but that surely does not take into account the fact that I may have chosen to not read HTML emails.

You could, of course, include the actual message you're trying to send in plain text as well, rather then this weird looking (static) message.

I was at a round table session a few weeks ago, where consultants and advisors to local governments in the Netherlands (there's around 400 of them, and then some) discussed "Nederland Open in Verbinding", an initiative by state-secretary Frank Heemskerk with the Ministry of Economic Affairs to get government agencies of all kinds to realize the value of using Open Standards, and inherently (but not primarily) appreciate the value of Open Source software (ergo Free Software, because the rest is Crippleware).

It was the first time for me to talk on such a level, very non-technical, hypothetical and on the policy side of things. Normally, I work on design, development, implementation, administration, innovation, what-have-you, but all from the technical perspective.

Let's finally burn down the list of notes I've taken from that session.

Like within any other organisation, the main factor that influenced the atmosphere during our discussion was money. Not value. No sir! Cold hard cash, of course.

Apparently, or so I was told, government agencies wonder what the TCO on a thing such as OpenOffice.org would look like.

While I'm sure there's plenty of people out there that can whip up a comparison sheet from the top of their heads (and so I told them), that's not the issue I take offense with.

The actual issue I do take offense with is that while asking for a TCO on OpenOffice.org, it seemed that none asking for such a TCO analysis had ever done the exact same thing for either alternative product; most prominently Microsoft Office '97/2000/2003, or even a pending migration to either Microsoft Office 2007 or 2010. If you don't know what the costs were, why are you asking for comparison to what the costs might be should you use the product at zero licensing price? The next big money burning factor was considered to be migration costs.

Going down the list of examples that crossed the table; The next issue was migration off of, say, Microsoft Office (regardless what version), to OpenOffice.org. This one made me laught out loud, since such migrations are part of every single Microsoft Office release you upgrade to, with -in the case of Microsoft Office at least- the added danger of actually 1) being forced to upgrade, and 2) losing data in ways that cause you to never be able to read it again.

I emphasized that regardless of the piece of software used (you write your own if you will), the most important thing was the use of Open Standards, and every single governments agency's choice to either "use or explain". "Use Open Standards or explain why you can't or won't", is what the federal government initiative is trying to tell the other government bodies.

Either way, the choice to use Open Standards or Open Source Software is up to each individual government body. While there is no actual enforcement of the "use or explain" guidelines, the motivation to make a well-founded decision based on facts is moot. The way this is going down now merely creates awareness about the existence of an alternative technology, whether a piece of software or an open standard, you could use. The well-foundedness of the decision is quickly annihilated using false rumors and assumptions, though, and there's noone out there to tell them about the facts.

Moreover, and this is where I was truly shocked, the overall consensus seemed to be that Open Standards amongst themselves are difficult to implement and be compatible. For one, someone said, there's more then one version of the Open Document Format. This poses a problem, since Microsoft Office 2007 SP2 only implements ODF 1.1 (and so will Microsoft Office 2010 from what I can see in different preview builds), and so maybe could not deal with ODF 1.2. Not realizing that this is actually a Microsoft Office problem, I wonder if this is how it is going down;

Customer: Yeah, so, give us your offering.

SupplierA: Sure. Here's costs, they're easy. Remember that when you pay less, you get less, huh? There's also benefits, but only for Microsoft Office, primarily because we make it so extremely easy for you to get back at us and give us more of your money. In return, we'll only implement the one true version of this Open Standard, because you know multiple versions of an Open Standard are just going to confuse you, right? So, well, here's the contract, sign at the bottom please.

SupplierB: Our version of the product works wonderfully well with Open Standards, it is free of charge and you only start paying us when our phone rings. You can sign this contract, or look around for a better value proposition. On top of that, we are compatible with all versions of Open Standards and you'll never notice a thing. No transition, no migration, no hassle. If you're dissatisfied, there's no clause stopping you from getting what you get from us somewhere else.

Customer: So, SupplierB, are you saying I can take your product and use it at a zero price license? That all my problems go away? How much trouble am I going to be in and what solving those problems going to cost me? That I can just upgrade the software without a defined project involving migrations and consumer education? That I can just leave and go to your competitor? You must be freaking kidding me. SupplierA, you have a pen?

Long story short, the consultants and advisors to government bodies and other government agencies and organisations are in a position to make sure a conscious choice is being made, by matter of policy. They are in a position to emphasize the true facts and false rumors, and create some incentive to at least consider a particular implementation over another, despite the initial cost -if any more significant, in favour of the long term value. Because that's what this is about finally. Money. The tax payer's money, no less.

You may have seen Lydia's blogpost on FUDCon Toronto as she experienced it. It's the first time she's been at an event like this, while it is my trazillionth time. So, she was interested to see what kind of work we do at such events, what kind of unmess the unconference is like (I've told her many stories about Greg DeKoenigsberg throwing the markers on the floor in Brno, for example), and of course she misses Max Spevack ;-)

All and all, from her story, it may have appeared to you that I'm more of an Ambassador out of the house then I am at home ;-) Hope you all appreciate her $0.02

At the moment I'm writing this, I am in Canada. Even though I haven't been able to explore the country as I would normally do, I have the impression that Canada is more similar to the US than I expected it would be. I think having a healthy life style is more difficult over here than in the Netherlands. On the other hand, how often do I go out for dinner and worry about the amount of sugar and fat in food in the Netherlands? And from the supermarket I just visited I can tell that there is enough fresh food to prepare a decent dinner myself.

Well, let's talk about something I do know instead of the impressions I have gathered over the last few days: FUDCon, the reason I am in Canada... I expected a group of computer geeks, but this was certainly not the case. If I would have give some thought about how social fedora contributors would be, the social aspect would not have been as much a surprise to me. I mean, these people operate in a community and they would only be valuable contributors if they can understand what others want and explain their own views on what the future of a project should be like. Hence, no loners.

At times it does cost me a lot of energy to find the things I'm interested in, because frankly I honestly don't care about the technology side. I mean, what do I care about computer-related stuff such as Ruby? (a project my boyfriend can talk about for days. Luckily, he knows not to talk to me about this stuff) What I do care about is the vision behind open source, how it can be applied in other fields, the reason people devote a lot of time to free software projects and last but certainly not least what a part of my boyfriend's life looks like (what kind of people he meets, what the activities at a conference are like and what makes him tick).

So, what have I learned? Well, I'll start with the basics I already knew. This way it may be more easy to understand where I come from. First of all, let me introduce you to the Fedora project (http://fedoraproject.org/). Fedora is a Linux distribution. Unlike Windows and Mac, Fedora is free and open source. And don't get me wrong; free definitely does not mean it is free of cost though I do run software that I can get at zero price. What it does mean is that one has access to the code, can freely modify it to one's liking and can distribute the modified code. The Fedora project is all about these modifications and sharing the (modified) software with others most prominently upstream. Great minds think about how to solve bugs, incorporate features and discuss the future of a software project. Non-technical people (like myself) can also contribute to the project by, for example, filing a bug report or request a new feature.

Up to now, my only contribution was to request a feature with the words: “will I ever see you [Jeroen van Meeuwen] again in the living room?”(https://fedorahosted.org/revisor/ticket/136). I must admit, I do not really consider this a contribution. Mostly, I just do not care enough about bugs as am easily satisfied as a user and instead of filing bugs I myself adjust when software works a bit differently than I expect. The only program I use enough to care about is the GIMP. So maybe I will get involved if there is something with this program... WTH, I might even be learning how to program software if it is important enough to me. I mean, if I do not try to change the program to my liking, I should not be allowed to complain about it. And as a side effect, I might do the other users a favor that may have the same problems as me. To me, as a user, this is the strength of Free and Open Source software; The possibility to get involved, get your problems fixed, your expectations met, all as part of this upstream process, so that others may enjoy the solution(s) or feature(s) as well.

I would say the main advantage of Free and Open Source software is the inherent transparency that allows you to fix bugs that annoy you (or others) and add interesting features. However, I'm not like the people that write code. As I understand, they mock around with the code just for fun. And why is it fun? Because it is a challenge. And of course, with this method of working you are able to excel and learn from others, since the community will respond on your actions. And though I do not understand why you would be interested in excelling in this type of activity I do understand the motivation if I think about my interest to work in the field I'm most interested in (let's just say I don't have a 9-to-5 mentality).

What I have learned at FUDCon is some technical stuff such as how to file a bug report.

• Where?
  Bugzilla.redhat.com, bugs.kde.org and/or bugzilla.gnome.org (it does depend what you need to report. To really get involved with the GIMP I would directly go to the upstream GIMP website, same thing applies to the other software projects in Free Software).

• What kind of information is wanted?
  What package it belongs to, what version of fedora you are using, whether it is a RFE (request for enhancement) or a bug report, a screen shot of the problem/ error, what hardware you use. In case it was a bug also information such as: what you were doing when it went wrong, what you think should have happened and try to reproduce it. Hence: a lot of information. Don't be put off by this, because filing a report without this information could be just as valuable. Of course, I won't deny that it is more likely that the bug gets fixed when more information is available. I mean, the developers should be able to understand enough of the problem to deal with it. A good way to get a problem solved is to provide all information a developer might need to reproduce the bug on his development workstation.

Another thing I have learned is that Free and Open Source Software is absolutely not free in costs since maintenance is expensive. I mean: time is money, right? A lot of very enthusiastic people work for the fedora project and this is the only way that it could work. Without a doubt it is nice to hear people talk about this since it simply means that they are extremely passionate about something. They all think that anybody could do it. And maybe they are right. The only question is: do you want to spend time to figure this out? Needless to say, everybody answers this question differently. All I ask of you (if you are not a contributor) is that you set aside your excuses and answer the question honestly. If you can't be honest to yourself, think about what this says about you. Do you feel morally obliged? Or do you want to spend your time on something that is more important to you?

So, what about the money stream in a Free and Open Source (FOS) world? Instead of paying for the product one would pay for a service done by skilled people. If a company wants to have the software designed slightly different the company can wait and wait and wait and meanwhile hope that their request or bug report gets enough attention from a skilled developer. This, however, may not be the most efficient and effective way to deal with a problem or deficiency. Hence, why not pay someone to do it for you? In addition, pay someone to maintain the system as well. That is how in a FOS world someone obtains money: getting paid by doing a service rather than selling a product. Don't get me wrong it's not all about the money. I, however, do think that money is a helpful tool for trading one's spare time for the stuff he/ she wants to obtain regardless of whether that is an experience or material stuff. Anyhow one thing does become more difficult in a FOS world. Ever since other people think for us users products are made that we got used to. In fact we don't really know what we need or what we want, because that has never been an issue. Hence, in an FOS world it suddenly becomes important that one realizes what it own demands and wishes are, that one can communicate this with the person that will work on this and that that person is able to understand the demands and wishes. At times another person to help (with this process of realizing the needs and with a clear communication between the user and developer) would be a wise idea. Another thing that can be handy in this process is to make a simple sketch of how things will finally look like. Think about a mock-up for a website. More honest feedback will be given then. After all, people realize that it is relatively easy to make changes in a sketch whereas it is not so easy to modify a written code accordingly to the feedback. A piece of useful advise for a design is that one should group different objects when a design is (almost) done just to protect the design. Since accidentally moving one tiny object is not as noticeable as moving a whole group of objects. Honestly, this is a bit besides the point, the point is that in a FOS world people are still able to make money, but in a different way in which communication plays a huge role. The reason I speak of world and not software is that this story does apply to software as well as other fields such as science. Instead of access to the code, one would have access to raw data in science.

Of course I heard an awful lot more. Mostly technical stuff, like that RPM 5 is worse than RPM 4 and only to be used for one package. But hey: do you care about this? Or how certain patches are required for such and such? I know I don't care so let's stop writing right here.

So now that I have this new netbook thingy, kinda like a key-chain accessory, I want the packages I have installed on my huge-ass need-a-truck laptop to be on the netbook as well. I could, of course, do a rpm -qa on one end and install the packages listed on the other end, but that's not very sustainable. Here's what I did:

1. Let Puppet collect the packages on node ghandalf.kanarip.com
2. Let Puppet install all of those packages on weee.kanarip.com

Like the snail said, riding on the back of the turtle: Weeee!

With a little help from my friends (Andreas Thiennemann in particular), I managed to get my hands on a piece of equipment I was planning on buying anyway; a netbook.

Here in Canada though, these things are particularly cheap.

Next on the list of things to do is:

1. Never boot anything but a superior version of the greatest Operating System on a piece of equipment as cool as a netbook. The first thing that Acer will attempt to boot is a Windows Vista based eRecovery Suite in order for you to install Windows XP Home. I rest my case.
2. Download Fedora 12.
3. Check the list of things you need to know before trying all kinds of things to make the foo work. In my case, I found this page very useful. For one, it helped me boot Fedora ;-)

I finally managed to come up with a bunch of proper patches that give us Ruby 1.9.1 packages again, the way we want them to be after our little HackFest at FUDCon in Toronto. At first, they would succeed in rpmbuild, but not in mock or koji, but after all I got them to build in mock. Assuming they will then build in koji too, I'm submitting a couple of scratch builds now in the background as the Internet in the Hotel isn't all that fast, and after the builds have finished we may have some packages to play around with ;-)

Only a handful people seemed interested in a FUDCon session on Ruby, Ruby-1.9.1, the Enterprise Edition, packaging foo and so forth, so it's not part of the BarCamp ;(

I'm planning to have the session tomorrow though, just after lunch, in one or the other room, so if you are interested please follow around the guy with the bad haircut wairing a Von Dutch hooded sweater ;-)

FUDCon starts! ;-)

Weeeee! Release party is ongoing!

It's more of a socializing thing then it is about Fedora 12, really, but what the heck ;-)

Also, we're speaking English rather then Dutch ;-)

I'm having trouble creating a Re-Spin for Fedora 11, as you might have suspected given the number of Re-Spins released by Fedora Unity for this number 11 release.

This time, it is networking in the installer image that isn't at all functional. I suspect changes to NetworkManager, released as an update for Fedora 11, have caused the dependencies to shift, and those dependencies might not be in the installer image (install.img) nor the initrd.img.

To troubleshoot such things is rather difficult, and takes up a lot of time. Maybe I'm just being inefficient at it (any hints can go to kanarip@fedoraunity.org please!).

Anyway, I just wanted to let you know that that's what causing the hold-up.

I wanted to share with you the way Operator Groep Delft monitors and profiles Zarafa, the best Open Source Groupware available today. We have about a thousand users in LDAP, of which approximately 200 are internal employees (the ones in the branch offices) compared to approximately 800 external users (consultants, part-timers, etc.). We use Nagios for monitoring, and Munin for profiling. Munin integrates with Nagios in that given a set of thresholds, when a profiled resourse is out-of-bounds, it can let Nagios trigger the alerting.

Anyway, let's see some Munin graphs (who doesn't like colored graphs?):

The number of Connections to the Zarafa server

The number of connections to the Zarafa server is a simple `netstat | grep <process-name> | wc -l`. Some users will have more then one connection (Outlook users for example), and so the number of users (see below) is a different number. Also mind that, contrary to the Outlook and/or IMAP (persistent) connections, the webmail connections are polled once per 5 minutes, and thus the number of webmail (non-persistent) connections is probably off by a factor X. We chose to not choose X and instead derive statistics based on the actual numbers in the graph.

You can find our version of the zarafa_connections Munin plugin here.

The number of Unique Source IP addresses

Like I said, the number of actual users is something different then the amount of connections. Some users may have more then one connection so how do we derive the number of users from the number of connections? While Zarafa comes with a neat utility called zarafa-stats, it is not what we were looking for and so we chose to pick unique IP addresses for Outlook, IMAP and webmail users, and pick unique users for ActiveSync connections (also through the webserver, like webmail access, so we parse the webserver logs here). There's one more cheat in the number of webmail and ActiveSync connections I need to tell you about:

Instead of examining the webserver access_log files per hour, we take into account the hour before the current hour too. In a way, we examine the access_log files (of combined format by the way) in a range of 60 to 120 minutes. The reasoning is as follows; If we don't, at the start of every hour the number of users is zero. Then, as the hour passes, the number of users would increase and increase a little more until the hour passes and the next hour starts. This would have caused the graph to look like the teeth of a saw, which would misrepresent the number of users entirely.

You can find our version of the zarafa_users Munin plugin here.

The number of Queries per Second on the dedicated MySQL Database server

These users cause Zarafa to put some load on your database server, of course, and since we have a dedicated MySQL server just for Zarafa, the number of queries per second is interesting as well. This is a standard Munin plugin -or at least it's shipped in the version of Munin for Extra Packages for Enterprise Linux 5 as well as Fedora.

Note how the number of queries per second turns out to have > 50% cache hits at average (for the week). Over a longer period of time, I can tell you, the number of cache hits averages about 50% overall, and anywhere between about 30-40% during office hours.

I can't seem to find a nice, simple, stupid web administration interface for LDAP. I want the users of said web interface to just be able to click "Add User" and fill out givenName, sn. I'll derive from that a uidNumber, uid, homeDirectory, mail, generate a password, send out an email. Or something like that.  Same goes for groups "Add User to Group", or "Remove User from Group". All based on authorization levels or ACLs in LDAP, of course. Reliably enforcing a naming convention and all kinds of standard operating procedures.

So, I started my first Ruby on Rails project, and I called it SLAP (Simple LDAP Administration Panel). Since it's my first Ruby on Rails project, I'm trying to get used to the semantics that is Rails... Enabling the brand new Rails project to simply authenticate and authorize through LDAP for example is being a PITA. I'm looking at ActiveLdap, but I can't seem to figure it out -it is very scarcely documented.

Apparently people follow this tutorial to install PHP 5.2.x on their Red Hat Enterprise Linux systems. It uses the repositories from our dear Remi Collet, and at first I didn't understand why anyone would do that, install an unsupported version of PHP on a platform you specifically chose to get support for. I was under the impression Red Hat themselves would have a decent offer in the Application Stack channel, but what I found out is that a subscription to the Red Hat Application Stack v2 would cost around $1.999 a year (source). Go figure ;-)

It feels like this is part 7 or 8 in the ruby series, but I hope you're still hanging in there ;-)

Last time I blogged about Ruby 1.9.1 search paths, but after some converstation with Stephan Kasal in private, and some more on the Ruby SIG mailing list, I'm leaning towards the simplest ever search path;

/usr/local/lib{,64}/ruby
/usr/local/share/ruby
/usr/lib{,64}/ruby
/usr/share/ruby

As I also mentioned in this message, this looks very clear and straightforward to me! Regrettably, I have not yet had much response on the mailing list. I hope to be doing some rebuilds of packages depending on ruby later on, see how that goes, and maybe release a 1.9.2 release candidate version somewhere.

Our services (primarily our web services and puppetmaster services) have recovered from unexpected interruption.

Are you a Ruby enthusiast or maybe a Ruby on Rails web application developer? Did you know Fedora has a Special Interest Group (SIG) for Ruby related development and issues?

If you are a Ruby dev, but you didn't know about the SIG, here's our Wiki page (lists SIG members, things to do, and needs a little work), and we now have a mailing list. Whether you are with Fedora already, or just use Fedora, Extra Packages for Enterprise Linux (EPEL) or Enterprise Linux itself (Red Hat, CentOS), this mailing list is your chance to get in touch with the developers and packagers that work on your platform.

I've posted a few things on Ruby before, I know, but this is one thing I really wanted to share with you. I'm thinking of making the search path look like this:

[jmeeuwen@ghandalf ruby-1.9.1-p243]$ ruby-1.9.1 -e 'puts $:'
/usr/local/lib64/ruby/1.9.1
/usr/local/lib64/ruby
/usr/local/share/ruby/1.9.1
/usr/local/share/ruby
/usr/lib64/ruby-1.9.1/site/1.9.1
/usr/lib64/ruby-1.9.1/site/
/usr/share/ruby/site/1.9.1
/usr/share/ruby/site/
/usr/lib64/ruby-1.9.1/vendor/1.9.1
/usr/lib64/ruby-1.9.1/vendor/
/usr/share/ruby/vendor/1.9.1
/usr/share/ruby/vendor/

Ergo;

1. Your local, architecture specific, ruby version specific stuff
2. Your local, architecture specific stuff
3. Your local, architecture independent, ruby version specific stuff
4. Your local, architecture independent stuff

   ^^ This would include results from "gem install"

5. Packaged, architecture dependent, ruby version specific stuff, such as ruby gems from RPM, or ruby libs
6. Packaged, architecture dependent stuff
7. Packaged, architecture independent, ruby version specific stuff
8. Packaged, architecture independent stuff

   ^^ This is where "yum install rubygem-*" would put it's files

9. Architecture dependent ruby vendor, ruby version specific stuff
10. Architecture dependent ruby vendor stuff
11. Architecture independent, ruby version specific, ruby vendor stuff
12. Architecture independent ruby vendor stuff

Did I forget anything? Comments?

I recently blogged about rubygem-passenger-2.2.5-2 being available from my repositories, and there's a few side-notes on this:

1. rubygem-passenger now requires rubygem-hawler, which was not (but is now) available from those same repositories
   rubygem-hawler enables one to perform /usr/bin/passenger-stress-test, which would have failed prior to including rubygem-hawler. I realize this would have better been split to a separate package, which is on my TODO list for the next version of rubygem-passenger
2. The Apache2 module is readily available through the mod_passenger package, a subpackage of rubygem-passenger. There's no need to run passenger-install-apache2-module and in fact that command will fail. I've added to my TODO list to remove that command from the package entirely, or replace it with my own script that lets you know to install the mod_passenger package.

A Fedora 12 Release Party in the Netherlands, how does that sound?

I'm asking, just to see how many people would be interested. Since there's more then just Dutch speaking Fedora enthusiasts in the Netherlands, part of this blog post is in English, and for those of you that don't speak Dutch; drop me a line on whether you'd like a Fedora 12 Release party in NL (or not), at kanarip@kanarip.com.

In het Nederlands dan;

Wat zou je denken van een Fedora 12 Release feestje? Een paar highlights van de nieuwe features, een paar PCs met de nieuwste versie erop zodat je deze kunt uitproberen, een aantal CDs en DVDs, en een lokale mirror voor als je je laptop wilt upgraden (met opstarten van netwerk, preupgrade, yum update/upgrade, jij kiest).

Daarbij natuurlijk de gelegenheid voor een hapje en een drankje en een gesprek met andere Fedora enthousiastelingen...

Hoe klinkt dat? Laat het me weten via kanarip@kanarip.com -we kunnen dan een beetje inschatten over welke orde van grootte we het zouden kunnen gaan hebben.

I've made rubygem-passenger-2.2.5-2 packages available for Fedora 10, Fedora 11, Rawhide and EPEL-5 for those interested. You can find them at http://www.kanarip.com/custom/ if you're interested.

PS> Rubygem-passenger (a.k.a. mod_rails/mod_rack) will not be in Fedora until someone fixes the package shipping its own version of Boost

PS^2> Rubygem-passenger's %{_bindir} files have now been fixed, but for passenger-stress-testing you'll need rubygem-hawler (which is in the repositories as well)

If there is no objections within the next few days, I would like to upgrade rubygem-git to version 1.2.4 (instead of 0.7.0 which is now in Fedora 11). It is a requirement for one of the projects still in development over at my company. I'm not sure how many people use it, so I wanted to let you know ahead of time I'm going to upgrade it (unless there's significant objections).

Drop me a line if you have objections ;-)