The Stone Edge

I have a powerful desktop, — and yes, runs Linux. It has a quad-core CPU, and 10GB RAM. My wife only has a small laptop. So, when she needs to do more serious work, like photo processing, she logs in my machine (using her own account) to do it.

And then we have a problem. All our pictures are stored in one shared repository, which is a directory under “/var”. Any file or picture I created in that directory, automatically received the ownership “my_user_id:users”, where “users” is my default group; and the default permission for the files I created are 744, which means my wife can’t modify it without changing the file permission first; and vice versa.

That’s really inconvenient. So I want to find a way, to achieve following goals:

• Any file / directory we created in our repository, must have group “family”, which is a group I created for just two of us.
• The files we created in the repository should automatically have default permission 664, so both of us can modify them without having to change the file permission first.
• I don’t want to change our “umask”, because that will change the default file permission for anywhere, where I just want that for that specific directory.

I though it should be easy, but it turned out not that straightforward. After some research, here is what I did (do all these as root):

1. chgrp family /var/pictures
2. chmod 774 /var/pictures # users in other groups can also look into this repository
3. setfacl -d -m g:family:rw /var/pictures
4. chmod g+s /var/pictures

If you are interested in the details behind these commands, you can look at this article: Access control lists: Creating an efficient Linux file server with default permissions.

After these changes, we can work smoothly together in the same directory.

More than a year ago, when I chose OpenSuse as my desktop OS, clearly I made a wrong decision — I mean, OpenSuse is very good, but I shouldn’t have chosen the x86_64 version. There are just too many compatibility issues.

Anyway, I don’t want to reinstally my OS yet, so I have to deal with it. Here is how I installed the 32-bit Skype on my 64bit OS:
# 1. download the static version of Linux Skype
wget http://www.skype.com/go/getskype-linux-static
# The file I got is skype_static-1.4.0.118.tar.bz2
#
# 2. untar it to my "apps" directory, where I usually keep all my customized applications
tar xjvf skype_static-1.4.0.118.tar.bz2 -C ~/apps/
#
# 3. get 32-bit libsigc-2.0.so.0
cd /tmp
wget ftp://fr.rpmfind.net/linux/fedora/extras/4/i386/libsigc++20-2.0.17-1.i386.rpm
rpm2cpio libsigc++20-2.0.17-1.i386.rpm | cpio -idv
cp /tmp/usr/lib/libsigc-2.0.so.0.0.0 ~/apps/skype_static-1.4.0.118/libsigc-2.0.so.0
#
# 4. create a script to start skype in /usr/bin
sudo vi /usr/bin/skype
#
# following is the script for /usr/bin/skype
#
#!/bin/bash
#
export LD_LIBRARY_PATH=.:$LD_LIBRARY_PATH
cd ~/skype_static-1.4.0.118/ && ./skype &
#
# 5. make sure the new skype script is executalbe
sudo chmod 755 /usr/bin/skype
Now Skype can be started by typing in “skype” in any terminal window.

Early last month, when I was wandering in a Fry’s store, I found a returned Netgear EVA8000 digital media center. I have always been looking for a good multimedia hub for my living room, but had never found a satisfying one. The feature set of EVA8000 looked pretty good to me, and I remembered some good reviews from Maximum PC, Amazon and Cnet. So I decided to give it a try.

My requirements for a media center actually are not that complex,

1. It must be able to play regular DVDs — how can you call it a media center if there is no DVD-playing feature!? But I want more than just simply playing DVDs. Since I still have some VCD movies, of course I expect it to play them as well.
2. It has to play other video formats from hard drives, such as Divx, AVI, MPEG4, QuickTime, … You name it, I want them all! Playing ripped DVD ISO files is a must, too. In this way, I can manage all my DVD collections from the media center without changing disks.
3. It should be a good manager for my music collections. When I say good, I mean something like iTunes, and even more formats — OGG, WAV, …
4. I have thousands of digital pictures on my desktop in my home office room. Even though I love to show them to my friends, I don’t want to show my messy office, . So, the media center has to connect to my home network and present my digital photos on my LCD TV — trust me, pictures look so much better on a bigger screen, even a mediocre one looks great!
5. I have a 7.1 speaker system with a receiver and I definitely don’t want to compromise my acoustic experience. The media center needs to drive them all.
6. Remote control is a must — using a keyboard or mouse just doesn’t feel like in a living room.

Some other features are good to have, but I don’t have to have them now:

1. TV recording. I know this is one of the most-wanted features for a media center, but fortunately it is not a big deal to me. I am not a big TV fan (as you can imagine, I spend most of my time on Internet instead of TV), so I think I can live without it.
2. Blu-ray DVD and HD-DVD play back. As any new technology, currently these players are ridiculously expensive, just like a $20 DVD drive at seven or eight years ago. I always think it makes more sense to upgrade later when they are more affordable.
3. YouTube and other online videos! Well, I know these low-resolution videos won’t look very good on a HD LCD TV, but sometimes it’s fun to watch them together with friends. Not mention that the Internet does have some high-def video contents such as movie trailers.

As you can see, the feature list for my media center is not too long, isn’t it?

Knowing what I am looking for, you will understand why I was interested in the EVA8000. It is such a slim box, looks like a regular router. According to the manual, it has very strong network capabilities. Even though it doesn’t have a DVD drive and can’t play DVD discs directly, I think I can compromise if it can do other things really well.

The installation process of EVA8000 was fairly easy. It took me a little bit time to understand its menu system, but once figured out, everything is straightforward. But for a non-technical person, it may not be that simple. After setting up the network and my network storage places (I shared my photos and videos to my local home network from my office PC as Samba mounts — yes, my office PC runs on Linux!) , the EVA8000 started scan my media files. This is a painfully looooooooooooooooooong process. I meant it! It took literally more than half hour to go through my 9000 pictures and some video files! The manual said it was building a database for my media collections, but later I found its so-called database is just a plain text file with all my media files listed! I just couldn’t understand why it spent that much time on scanning, even with a wired network connection.

Anyway, once the scan was finished, it was ready to do some interesting things. First I tried to play a DVD ISO file stored on my remote PC. Surprisingly, it did a very good job! The streaming was very smooth, not jumpy at all! But soon I found the audio was only in two channel audio, and I am sure this ISO is encoded in 5.1. A little bit disappointing. Then I tried to browse my pictures from this box, which turned out to be a terrible experience. It is extremely slow. Browsing in sequence is barely acceptable, while random slideshow is totally unusable! I don’t fully understand why DVD playback is good but picture browsing is so slow. One reason I can think of is DVD playback may have a dedicated hardware decoder, but browsing pictures has to use its CPU, which is seriously underpowered.

However, I have to say, this product is actually a pretty good one. It has a lot of potential and is going to the right direction. It has powerful network functionality, with HDMI output, slim and good-looking. If it could come with a DVD drive, and the whole playback experience could be smoother, I might have just settled with it. But now, I knew I have to give it up. Because my goal is — yes — a PERFECT media center!

After returning the item back to Fry’s, I went through my feature list again. I realized that most of the features are actually PC functionalities and what I am looking for is indeed a Home Theater PC! This idea made me excited because I love building PC. Now I have another excuse! But since it will be a PC, I have to add another must-have feature to the list: the softwares must be FREE — aka NO Microsoft Windows! I knew this would make the whole process harder, but, well, who cares! We are geeks, aren’t we?

That’s how I started building my perfect HTPC!

Recently I registered two domains: my personal domain www.coffeestone.com, — mostly for my blog, wiki, and maybe other personal usage, and … www.myseconddomain.com for our community forum. I plan to use Wordpress for my blog, JSPWiki for my wiki, and JForum for my second domain. JSPWiki and Jforum will be running in Tomcat, and both domains will be in the same Linux server. A router with my static IP sits between my server and Internet, which is also a firewall and forwards incoming traffic on port 80 to my Linux server. So here are my goals:

1. Use one Apache to serve both domains;
2. Run two Java applications separately, with a script that can easily shutdown / start each of them independently;
3. Use Apache to redirect traffic to each Tomcat instance based on the requested domain name.

My server is running on OpenSUSE 10.1, with Apache 2.2.0 and Tomcat 5.5.20.

1. Software installation

First, I have to install some software / modules.

1. Apache
   By default, Apache is already installed in OpenSUSE. If it has not been installed, go to YaST / Software / Software Management, search for Apache2 and install it.
2. Apache modules
   I also need some Apache modules:
   a) apache2-mod_php5: this module is necessary for PHP support
   b) mod_jk-ap20: this is the module that connects Apache and Tomcat together
   c) php5-mysql and php5-mysqli: these modules provide mysql support for PHP5Following modules are good to have for performance and stability reasons: apache2-worker, apache2-prefork. All these modules can be easily installed from YaST.
3. Load Apache modules
   All Apache modules can be loaded from YaST. Go to YaST / System / ‘/etc/sysconfig’ Editor, and then navigate to the directory Network / WWW / Apache2 / APACHE_MODULES, add ” jk” at the end of the setting — this will add the module mod_jk-ap20 to Apache; also make sure “php5″ is there if you also need PHP support. Then click “Finish”.
4. Tomcat
   Tomcat is a Java application, I prefer to install it manually instead of from YaST. I’ll cover that later.

2. Configure Virtual Hosts in Apache

Because I want to serve more than one domains from my server with one IP address, I have to use name based virtual host. To learn how virtual host works in Apache, check http://httpd.apache.org/docs/2.0/vhosts/ for more detail. I tried to do the virtual host configuration in YaST / Network Services / HTTP Server, but that didn’t give me all the controls. So I did it by adding / changing configuration files. In OpenSUSE 10.1, all Apache related configuration files are in directory /etc/apache2.

1. Add a NameVirtualHost
   Open /etc/apache2/listen.conf, add a line:
   NameVirtualHost 192.168.2.2:80This tells Apache that the IP 192.168.2.2 (my server’s local network IP) will serve the name based virtual hosts. If your server connects to Internet directly (no router in between), you may want to change the IP address to your static IP. In my case, all incoming traffic has to go through my router first, and then forwarded to my local server with IP address 192.168.2.2, so I only need to specify my local IP address here.
2. Add virtual host files
   In OpenSUSE 10.1, all virtual host configuration files should go to /etc/apache2/vhosts.d. Every file in this directory ending with .conf is automatically included in the Apache. To make the configuration even easier, OpenSUSE already includes two template files in that directory: vhost-ssl.template is for a virtual host with SSL, vhost.template is for a virtual host without SSL. Since my site will not have SSL, I used the latter one as my template.
   cp vhost-template coffeestone.confThen I changed the file coffeestone.conf to:<virtualhost>
ServerAdmin webadmin@coffeestone.com
ServerName coffeestone.com
ServerAlias www.coffeestone.com
DocumentRoot /srv/www/vhosts/coffeestone.com
.....
</virtualhost>You should change the value of DocumentRoot and other domain related directives. To do that, you can simply do a search for “dummy-host” in the conf file and replace them with the correct values. Following the same procedure, I created another conf file for my second domain: myseconddomain.conf.
3. Change host file
   Because my local IP 192.168.2.2 is a NameVirtualHost, I have to make my domains to be resolved as 192.168.2.2 locally. Open file /etc/hosts and add following line:192.168.2.2 www.coffeestone.com www.myseconddomain.comAgain, if your server has the static IP already, you don’t have to do this.
4. Create doc root and restart Apache
   mkdir /srv/www/vhosts/coffeestone.com
echo "coffeestone" > /srv/www/vhosts/coffeestone.com/index.htm
mkdir /srv/www/vhosts/myseconddomain.com
echo "myseconddomain" > /srv/www/vhosts/myseconddomain.com/index.htm
rcapache2 restartThen I type in www.coffeestone.com and www.myseconddomain.com in my browser and check if both of the index pages show up correcty. Another way to test if the virtual host configuration works is to use command “httpd2 -S”. You should get something like:
   VirtualHost configuration:
192.168.2.2:80 is a NameVirtualHost
default server coffeestone.com (/etc/apache2/vhosts.d/coffeestone.conf:15)
port 80 namevhost coffeestone.com (/etc/apache2/vhosts.d/coffeestone.conf:15)
port 80 namevhost myseconddomain.com (/etc/apache2/vhosts.d/myseconddomain.conf:1)As you can see, my domain coffeestone.com is the default server because its conf file (coffeestone.conf) is alphabeticly before the second domain’s conf file (myseconddomain.conf). If I want to make my second domain the default server, I can just rename its conf file to _myseconddomain.conf.

3. Install Wordpress

This part is the easiest part in the whole process. Download the tgz file from http://www.wordpress.org, and then extract the content to /srv/www/vhosts/coffeestone.com, which is my document root for the website. I want the URL for my blogs started with “http://www.coffeestone.com/blog”, so I change the directory for Wordpress to “blog” under directory “coffeestone.com”. Now the directory structure looks like:

/srv/www/vhosts/
     +-- coffeestone.com
                     +-- blog

Then I follow the “Famous 5-Minute Install” instruction to configure the Wordpress. After that, I go to www.coffeestone.com/blog and my blog is there!

4. Run two Tomcat instances in one server

Now it’s time to install the two Java web applications in Tomcat. To do this, you must understand two important concepts in Tomcat: CATALINA_HOME and CATALINA_BASE. Basically, CATALINA_HOME is the directory where your Tomcat is installed; CATALINA_BASE is where your web application is installed. This means in your server, usually there is only one CATALINA_HOME (because only one copy of Tomcat binary is necessary), but there can be multiple CATALINA_BASE (because you may install several web applications). CATALINA_BASE usually contains following subdirectories:

• conf - Server configuration files (including server.xml)
• logs - Log and output files
• shared - For classes and resources that must be shared across all web applications
• webapps - Automatically loaded web applications
• work - Temporary working directories for web applications
• temp - Directory used by the JVM for temporary files (java.io.tmpdir)

CATALINA_HOME contains directory “bin” and “common”. If you want to know more about these settings, look at file $CATALINA_HOME/RUNNING.txt.

1. Install TomcatAfter download the Tomcat binary, just untar it to the directory where you want to install it. I like to put it under /opt.
   cd /opt
tar -zxvf /tmp/apache-tomcat-5.5.20.tar.gz .Now I have a directory /opt/apache-tomcat-5.5.20.
2. Create a soft link to the Tomcat directoryIn the same directory,
   ls -s apache-tomcat-5.5.20 tomcatIn this way, I can always keep my CATALINA_HOME as /opt/tomcat. In the future if I want to upgrade Tomcat, I just need to update my sym link to point to the new directory.
3. Create directories for all Tomcat instances.
   I am going to keep all my tomcat instances in /opt/tomcat_instances:
   mkdir /opt/tomcat_instances
mkdir /opt/tomcat_instances/jspwiki
mkdir /opt/tomcat_instances/myseconddomainIn my case, the CATALINA_BASE for my JSPWiki will be /opt/tomcat_instances/jspwiki, the CATALINA_BASE for my second domain will be /opt/tomcat_instances/myseconddomain.
4. Create CATALINA_BASE directory structure for each Tomcat instance
   Copy following directories from /opt/tomcat to /opt/tomcat_instances/jspwiki and /opt/tomcat_instances/myseconddomain:
   cp -pr /opt/tomcat/conf /opt/tomcat_instances/jspwiki
cp -pr /opt/tomcat/logs /opt/tomcat_instances/jspwiki
cp -pr /opt/tomcat/shared /opt/tomcat_instances/jspwiki
cp -pr /opt/tomcat/webapps /opt/tomcat_instances/jspwiki
cp -pr /opt/tomcat/temp /opt/tomcat_instances/jspwikiDo the same thing for the second domain. The option -p will keep the original permissions, option -r will copy all files recursively. After the directory structure is created, those directories in original directory /opt/tomcat can be removed. If you do a ls on /opt/tomcat, it gonna look like:
   drwxr-xr-x 3 root root 4096 2007-01-28 23:00 bin
drwxr-xr-x 6 root root 4096 2006-04-14 14:09 common
-rw-r--r-- 1 root root 11558 2006-04-14 14:09 LICENSE
-rw-r--r-- 1 root root 704 2006-04-14 14:09 NOTICE
-rw-r--r-- 1 root root 6384 2006-04-14 14:09 RELEASE-NOTES
-rw-r--r-- 1 root root 7146 2006-04-14 14:09 RUNNING.txt
drwxr-xr-x 5 root root 4096 2006-04-14 14:09 server
5. Copy war files to CATALINA_BASE
   cp /tmp/JSPWiki.war /opt/tomcat_instances/jspwiki/webapps
cp /tmp/myseconddomain.war /opt/tomcat_instances/myseconddomain/webapps
6. Configure every Tomcat instance
   Now I need to configure these two web applications to run on different ports to accept web requests and start / stop command. The configuration file I need to work on is server.xml in directory $CATALINA_BASE/conf. For the web application JSPWiki, I leave every setting as default; for the second domain, I need to change following settings:
   a) Change the shutdown port from 8005 to 8105 — this is the port where Tomcat listens to the shutdown command:
   <Server port="8105" shutdown="SHUTDOWN">
   b) Change the Coyote connector port from 8080 to 8180 — this is the port where you can connect to Tomcat directly:
   <Connector port="8180" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" .../>You can also comment out this tag completely if you don’t want the Tomcat instance to accept any request other than forwarded by Apache. Usually doing this is useful and more secure if your web server is exposed to the internet directly. In my case, I have a router / firewall to connect to Internet and I do like to connect to my Tomcat instances directly from my internal network at port 8080 / 8180, so I kept this section.c) Change the AJP connector port from 8009 to 8109 — this is the port where Tomcat accepts the web requests from Apache:
   <Connector port="8109" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
7. Create a script to control Tomcat instances.This script is mostly from this article: http://edwardaux.wordpress.com/2006/09/20/3/. I just add one more argument to make it more flexible. Download the attached script (tomcat.sh) to /usr/local/bin and make sure it is executable. To run it, just type in:
   tomcat.sh {start|stop} {instance_name}The instance name is the name of the directory in /opt/tomcat_instances. For example, I can type in
   tomcat.sh start jspwikito start my web application JSPWiki.
8. Configure Java web applicationsAfter starting both Java web applications, I went to http://192.168.2.2:8080 to configure my JSPWiki and http://192.168.2.2:8180 to configure the Java web application for my second domain.

5. Make Apache and Tomcat work together

Finally we come to the last step.

1. Add configuration for mod_jk
   This is the configuration file that defines the behavior of mod_jk. Under directory /etc/apache2/conf.d, create a file “jk.conf”:
   <IfModule mod_jk.c>
JkWorkersFile "/etc/apache2/workers.properties"
JkLogFile "/var/log/apache2/mod_jk.log"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
</IfModule>This configuration file tells Apache that the worker thread of mod_jk is defined in file /etc/apache2/workers.properties, the log goes to /var/log/apache2/mod_jk.log; it also defines the format of the log file.
2. Add configuration file for mod_jk workers
   Create a file /etc/apache2/workers.properties:
   ps=/
worker.list=wiki, myseconddomain
worker.wiki.port=8009
worker.wiki.host=localhost
worker.wiki.type=ajp13
worker.wiki.lbfactor=1
worker.myseconddomain.port=8109
worker.myseconddomain.host=localhost
worker.myseconddomain.type=ajp13
worker.myseconddomain.lbfactor=1In this configuration file, “ps” is the file system separator of my OS — if you are on Windows, it should be “\”; lbfactor is for load
   balancing — since I don’t need that, I just keep it 1; the port is the AJP connector port we defined in previous section (4.6.c) .
3. Change the virtual host file to forward traffice properly
   Open file /etc/apache2/vhost.d/coffeestone.conf, add following line: JkMount /wiki/* wiki
JkMount /wiki wikiThis tells Apache that any requested URL to my domain www.coffeestone.com, if it is started with “/wiki”, it will be handled by mod_jk worker “wiki”, which is defined in our workers.properties to forward to localhost 8009, where my JSPWiki is running. Similarly, open
   file /etc/apache2/vhost.d/myseconddomain.conf, add following line:
   JkMount /* myseconddomain
JkMount / myseconddomainThis tells Apache that all incoming traffic to my domain www.myseconddomain.com will be handled by mod_jk worker “myseconddomain”, which is defined in the workers.properties to forward to localhost 8109, where my second Java web application is running.

Finally I finished everything. I restarted the Apache and Tomcat:

tomcat.sh stop jspwiki
tomcat.sh stop myseconddomain
tomcat.sh start jspwiki
tomcat.sh start myseconddomain
rcapache2 restartAnd then, I got my Wordpress blog running on http://www.coffeestone.com/blog, my wiki running on http://www.coffeestone.com/wiki, all together with my second domain nicely in one server!

6. References

1. http://tomcat.apache.org/tomcat-5.5-doc/RUNNING.txt
2. http://tomcat.apache.org/tomcat-3.3-doc/Tomcat-Workers-HowTo.html
3. http://httpd.apache.org/docs/2.0/vhosts/
4. /usr/share/doc/packages/apache2/README.QUICKSTART
5. http://www.linuxjournal.com/article/8561
6. http://edwardaux.wordpress.com/2006/09/20/3/
7. http://raibledesigns.com/page/rd?entry=setting_up_cvs_appfuse_jspwiki

My system is OpenSUSE 10.1 x64 on Athlon 64 X2 3800+. Since Adobe released Flash 9 for Linux a few weeks ago, I have been trying to install the plugin for the Firefox 2.0 (64bit), but with no luck. The reason is that the plugin is 32bit, which doesn’t work well with the 64bit Firefox. After some research, today I finally get it done by using nspluginwrapper. Here is how I did it:

1. Download nspluginwrapper
   According to the author of nspluginwrapper, “nspluginwrapper is an Open Source compatibility plugin for Netscape 4 (NPAPI) plugins. That is, it enables you to use plugins on platforms they were not built for. For example, you can use the Adobe Flash plugin on Linux/x86_64, NetBSD and FreeBSD platforms.” Currently the latest version is 0.9.91.2. You will need both the plugin and the viewer.
2. Install plugins
   # install the viewer; You have to install the viewer first
# because the plugin depends on it.
rpm -Uvh nspluginwrapper-i386-0.9.91.2-1.x86_64.rpm
# install the plugin
rpm -Uvh nspluginwrapper-0.9.91.2-1.x86_64.rpm
3. Use the nspluginwrapper to wrap the flash plugin
   I assume the flash plugin has already been installed. If not, go to YaST / Software Management and search for “flash” and install it. After the installation, you should find a file /usr/lib/browser-plugins/libflashplayer.so. Now we need to wrap it:
   nspluginwrapper -i /usr/lib/browser-plugins/libflashplayer.so
4. Now restart the Firefox and go to YouTube, you should be able to watch those great video clips.