Author: Ville

Yahoo! Widgets Off the Screen! (And How to Get Them Back)

I like Yahoo! Widgets (formerly known as “Konfabulator”). I use XP for some time to come and thus don’t have the option to use Vista’s widgets (the only thing in Vista that currently has some draw to it is DirectX 10, but I digress..). Every now and then a widget “gets lost”. For example, when starting a program (like a game) that changes the display resolution, the widgets get tossed around seemingly randomly, and sometimes they end up outside of the active (and possibly maximum) resolution of the display. Closing a widget and reopening it won’t help. Uninstalling Yahoo! Widget Engine probably helps, but who wants to do that regularly? There’s an easy registry fix (and if the problem is frequent, one could even write a small batch file that would place the widgets at their desired locations).

Shut down Widget Engine first (also from the system tray), then find the following key in your registry with regedit (you may want to use search especially if the system has many users and thus many SIDs).

The keys that determine the widget locations can be found at

HKEY_USERS
user’s security ID, or “SID”,
… e.g. S-1-5-21-1482476501-362288127-1801674531-1233
Software
Yahoo
Widget Engine
Widgets
widget name, e.g. “Calendar”
Windows
Main Windows
Positions <- delete this binary value

Then restart Widget Engine (and reload the “lost” widget if it’s not loaded by default). It the default placement is in the middle of the screen (or middle of the “active” screen on some multi-monitor systems).

Disclaimer: As always, the usual disclaimers and warnings apply to any registry mods. Know what you’re doing since it is possible to destroy your Windows installation with careless registry edits.

Installing bcron on FreeBSD 7.0

bcron is a better cron (though the “b” in the name probably comes from the first name of its writer, Bruce Guenter).  It was created with security in mind, and is especially well suited for multi-user systems where the individual users need to be given access to their respective crontabs. With bcron this can be accomplished without compromising the system security.  Here’s a quote from the bcron page:

This is bcron, a new cron system designed with secure operations in mind. To do this, the system is divided into several seperate programs, each responsible for a seperate task, with strictly controlled communications between them. The user interface is a drop-in replacement for similar systems (such as vixie-cron), but the internals differ greatly.

As of writing of this bcron can not be found in the FreeBSD 7.0 ports system. Fortunately its installation is fairly straightforward.  Yet the included documentation is rather spartan so I provide a more complete outline below.

  1. Install latest bglibs if not yet installed** bglibs is best to install from a downloaded tarball rather than from the ports (while the ports version installs the libs in a more logical location at /usr/local/lib/bglibs/ the programs that utilize the library (bcron, ucspi-unix, etc.) have difficulty locating it.

    ** few symlinks are required (these refer to the locations bglibs installs itself when compiled from the tarball rather than from the ports):

    /usr/local/bglibs -> /usr/local/lib/bglibs
    /usr/local/bglibs/lib/libbg-sysdeps.so.2 -> /usr/local/lib/libbg-sysdeps.so.2
    /usr/local/bglibs/lib/libbg.so.2 -> /usr/local/lib/libbg.so.2

  2. Install ucspi-unix if not yet installed as bcron components communicate via UNIX sockets. This requires bglibs and also compiles and installs well using a downloaded tarball (it’s also available in ports at /usr/ports/sysutils/ucspi-unix, but I prefer to compile it from the downloaded tarball).
  3. Make sure /var has been moved off the root to /usr/var before proceeding. See an older post for details.
  4. Make sure daemontools (and hence supervise) has been installed and is operational as bcron will be started with it.
  5. Create a system user “cron” (for example by using vipw command) and group “cron” (by editing /etc/group). This user/group will own all the crontab files (though not /etc/crontab as it’s system crontab and needs to be owned by root:wheel).

    user:
    cron:*:50:50::0:0:BCron Sandbox:/nonexistent:/usr/sbin/nologin

    group:
    cron:*:50:

  6. Create the spool & tmp directories:
    mkdir -p /var/spool/cron/crontabs /var/spool/cron/tmp
    mkfifo /var/spool/cron/trigger
    sh
    for i in crontabs tmp trigger; do
    chown cron:cron /var/spool/cron/$i
    chmod go-rwx /var/spool/cron/$i
    done
  7. Create the configuration directory /usr/local/etc/bcron:mkdir -p /usr/local/etc/bcron** You can put any common configuration settings into this directory (it is an “ENVDIR”), like alternate spool directories in BCRON_SPOOL.
  8. Create the bcron service directories (there are three services) and add the scripts below it:

    mkdir -p /var/bcron/supervise/bcron-sched/log
    mkdir /var/bcron/supervise/bcron-spool
    mkdir /var/bcron/supervise/bcron-update

    Set their permissions to 1750 for security purposes (no world access, sticky bit):

    chmod 1750 /var/bcron/supervise/bcron-sched
    chmod 1750 /var/bcron/supervise/bcron-spool
    chmod 1750 /var/bcron/supervise/bcron-update

    Make all the run and log/run scripts executable by root, readable by group:

    chmod 740 /var/bcron/supervise/bcron-sched/run
    chmod 740 /var/bcron/supervise/bcron-sched/log/run
    chmod 740 /var/bcron/supervise/bcron-spool/run
    chmod 740 /var/bcron/supervise/bcron-update/run

    and make log bcron-sched subdir accessible by root, group:

    chmod 750 /var/bcron/supervise/bcron-sched/log

    RUN SCRIPTS:
    /var/bcron/supervise/bcron-sched/run:

    #!/bin/sh
    exec 2>&1
    exec envdir /usr/local/etc/bcron bcron-start | multilog t /var/log/bcron

    /var/bcron/supervise/bcron-sched/log/run:

    #!/bin/sh
    exec >/dev/null 2>&1
    exec
    multilog t /var/log/bcron

    /var/bcron/supervise/bcron-spool/run:

    #!/bin/sh
    exec >/dev/null 2>&1
    exec
    envdir /usr/local/etc/bcron
    envuidgid cron
    sh -c ‘
    exec
    unixserver -U ${BCRON_SOCKET:-/var/run/bcron-spool}
    bcron-spool

    /var/bcron/supervise/bcron-update/run:

    #!/bin/sh
    exec >/dev/null 2>&1
    exec
    bcron-update /etc/crontab

  9. Kill the deafult cron daemon and add the following to rc.conf so it won’t restart on reboot:

    #disable default cron; bcron is used instead (started by supervise)
    cron_enable=”NO”

  10. Symlink bcron services’ primary supervise directories to under /var/service to start bcron services (you can also use svc-add command if you have installed supervise-scripts):
    ln -s /var/bcron/supervise/bcron-sched /var/service/bcron-sched
    ln -s /var/bcron/supervise/bcron-spool /var/service/bcron-spool
    ln -s /var/bcron/supervise/bcron-update /var/service/bcron-update
  11. Set /etc/crontab permissions to 600, and make sure it’s owned by the root.
    chmod 600 /etc/crontab
    chown root:wheel /etc/crontab

    ** For other users the owner of the crontab file in their respective home folders would be cron:cron.

  12. Edit /etc/crontab and test that it gets updated. Note that there is a brief delay, perhaps one minute or so, after you save the crontab until the change becomes effective. Also note that the default shell for the crontab is /bin/sh. You might want to change it to something more powerful like c-shell (/bin/csh) or bash (/bin/bash) that you’re familiar with. You may also want to augment the default path, for example, by including /usr/local/bin for user-installed commands.

Installing daemontools service supervisor on FreeBSD 7.0

D. J. Bernstein’s daemontools includes a service supervisor which ensures services it supervises are restarted should they ever stop due to a program/system error. Daemontoos is easy to install, and is best installed from FreeBSD’s ports system at /usr/ports/sysutils/daemontools.  Be sure to also install the manual, which you can find in a sub-directory work/daemontools-man. The README file that can be found within instructs to [manually] install the manual entries using the command gzip *.8 ; cp *.8.gz /usr/share/man/man8/ (while residing in the daemontools-man directory). Once installed, there are few additional steps to do:

  1. Copy /usr/ports/sysutils/daemontools/work/svscan.sh.sample to
    /usr/local/etc/rc.d/svscan.sh and give it owner execute privileges with
    chmod 700 /usr/local/etc/rc.d/svscan.sh
  2. Create /var/service and create a symlink to it from /service
    mkdir /var/service
    ln -s /var/service /service
  3. Add following to /etc/rc.conf:
    #start /var/service scanning
    svscan_enable=”YES”
  4. Reboot the system (svscan will *not* start on a BSD system before the system is rebooted)

Optionally you can also install Bruce Guenter’s supervise-scripts that make life a whole lot easier with daemontools’ supervise.

  1. Install latest bglibs if not yet installed
    ** bglibs is best to install from a downloaded tarball rather than from the ports (while the ports version installs the libs in a more logical location at /usr/local/lib/bglibs/ the programs that utilize the library (bcron, ucspi-unix, etc.) have difficulty locating it.** few symlinks are required (these refer to the locations bglibs installs itself when compiled from the tarball rather than from the ports):
    /usr/local/bglibs -> /usr/local/lib/bglibs
    /usr/local/bglibs/lib/libbg-sysdeps.so.2 -> /usr/local/lib/libbg-sysdeps.so.2
    /usr/local/bglibs/lib/libbg.so.2 -> /usr/local/lib/libbg.so.2
  2. Download, compile, and install supervise-scripts. Once installed, you’ll find new commands svc-start, svc-stop, svc-restart, svc-add, svc-remove, svc-isdown, svc-isup, svc-waitdown, svc-waitup, and svc-status in /usr/local/bin. These make scripting and managing services much easier.

When switching programs to be svscan-started and svscan-managed, remember to make sure they’re not being started either as default services by the system, or that a prior startup setting doesn’t exist in  /etc/rc.conf. Disable them (depending on the service) by commenting out the startup in /etc/rc.conf, by adding a “NO” clause in /etc/rc.conf (such as cron_enable=”NO”), or by disabling the corresponding startup script in /usr/local/etc/rc.d.

If you mess up a service initialization, uninstall the failed service (i.e. unlink the service’s primary service directory from /var/service), delete the “supervise” subfolders (and “down” file if present) from the service’s primary service directory (there’s one also in the “log” subfolder). Then reboot the system, and reinstall the service either by using the supervise-scripts command svc-add, or by simply symlinking the service’s primary service directory to /var/service (for example ln -s /var/db/mysql-supervise /var/service/mysql).

Moving var, tmp Off the Root in FreeBSD

One one of the first things I do on a newly installed FreeBSD system is to move /var and /tmp to under /usr. Since I usually allocate about 4Gb for the root slice and the rest of a disk—usually several hundred gigabytes—goes to /usr (well, there’s also the swap slice that takes few gigabytes) having /var and /tmp there is more comfortable as some log files, database files, or some temp files can sometimes grow to multi-gigabyte size and exhaust the root space.

Below is a simple procedure to move the /var to /usr/var and /tmp to /usr/var/tmp. This is best to do early on in a new system installation since many services tend to hook into /tmp and/or /var, and may thus lock files in those directories making the move more difficult. If you’re making this move on an established system, at least stop all the services that might interfere with the process (such as database services). It might even be a good idea to boot into a single user mode (if you do so, remember to correctly mount your disks before proceeding). I usually do this early in a new system install, before installing any major services, or at least before scripting them to run.

  1. Move /var to /usr/var 
    mkdir /usr/var
cd /var
tar cvf - . | (cd /usr/var; tar xvf - )
cd /
chflags -R noschg /var
rm -rf /var
ln -s /usr/var /var

  2. Move /tmp to /usr/var/tmp 
    mkdir /usr/var/tmp
cd /tmp
tar cvf - . | (cd /usr/var/tmp; tar xvf - )
cd /
chflags -R noschg /tmp
rm -rf /tmp
ln -s /usr/var/tmp /tmp
chmod -h 777 /tmp
chmod 1777 /usr/var/tmp