Library Versioning

I have been discovering all about library versioning. What I found came as a surprise to me and others especially those from a sysadmin background.

Basically it all comes down to the fact that the numbers on the end of a library name may not be what you expect and it is even more complex on OS X.

Libtool on Linux

For example consider the following libraries on a recent CentOS 6.2 install:

  • /lib64/libparted-2.1.so.0.0.0
  • /lib64/libproc-3.2.8.so
  • /lib64/libgcrypt.so.11.5.3

These show the three different ways in which a library may be versioned. Chapter 7 of the libtool manual discuses this subject. Libtool library versions are purely concerned with the supported API or interface that the library supports. It determines what the linker will allow to be linked.

libtool library versions are described by three integers:

  • current
    • The most recent interface number that this library implements.
  • revision
    • The implementation number of the current interface.
  • age
    • The difference between the newest and oldest interfaces that this library imple- ments. In other words, the library implements all the interface numbers in the range from number current – age to current.

If two libraries have identical current and age numbers, then the dynamic linker chooses the library with the greater revision number.

This is (or should be) what you see for libgcrypt.so.11.5.3. Running gpg –version shows that the version of libgcrypt is in fact

# gpg --version
gpg (GnuPG) 2.0.14
libgcrypt 1.4.5

The version of libgcrypt is 1.4.5 but its API is 11.5.3.

In order to set the Libtool library version you set the  -version-info 11:5:3 flag using libmylib_la_LDFLAGS in your Makefile.am (See the automate manual).

By contrast /lib64/libproc-3.2.8.so has no numbers after the .so. They all appear before it. This reflects the fact that the developers, for whatever reason decided to use the version number of the application in the library. Running free gives

# free -V
procps version 3.2.8

This is achieved by using the flag  -release in place of -version-info in Makefile.am.

libparted-2.1.so.0.0.0 shows both. Running parted gives

# parted -v
parted (GNU parted) 2.1

OS X

According to Fink the situation on OS X is slightly different. There is a “strict distinction between shared libraries and dynamically loadable modules”. On linux any “shared code can be used as a library and for dynamic loading”. On OS X there are two types of library MH_DYLIB (a shared library) and MH_BUNDLE (a module). MH_DYLIB carry the extension .dylib and can be linked against in the familiar -lmylib at compile/link time. They can not be loaded as a module using dlopen(). MH_BUNDLE on the other hand can be dlopened. Apple suggest naming these .bundle however, much ported software uses .so instead. It is not directly possible to link against bundles as if they were shared libraries.

Fun and games with OS X Lion Server

With the recent release of Lion I decided to upgrade my desktop from Snow Leopard client to Lion Server and at the same time migrate the Snow Leopard mac mini server over to it.

According to the combination of a knowledge base article and the migration instructions Chapter 3 page 24 this should be easy. It was not.

The knowledge base instructions say in step 2-7

Open “Install Mac OS X Lion”. Note: In order to install Lion Server, the Server app must be in the same folder as the Install Mac OS X app. If you just purchased Lion Server, these items should be in the Applications folder on the startup disk.

Click continue and agree to the software license agreement if you agree.

Click the “Show All Disks…” button.

Select a blank disk on which to install.

Click the Customize button.

Select the Server Software package.

Unfortunately that isn’t true. It only works if you are already running Lion Server!!! Here is what you need to do.

Assuming you have a disposable Snow Leopard client on volume A and have a blank volume B.

  1. Boot into Snow Leopard client.
  2. Use disk utility to erase volume B
  3. Download both the Lion Client app and the Lion Server app from the app store.
  4. They will be place in you /Applications folder
  5. Run the Lion Client app, when asked press “Show all disks” then select install on Volume B.
  6. Unlike what Apple say the customise button will stay greyed out and it will ignore the Server app.
  7. During the install ignore the option to migrate (This is a client only migration).
  8. Once Lion Client is installed run the Server App to install the server component
  9. Copy the Lion Client app and the Lion Server app from the volume A /Applications to the new Lion Server /Applications directory.
  10. Use disk utility to erase volume A
  11. Run the Lion Client app, when asked press “Show all disks” then select install on Volume A.
  12. This time what Apple say will be true. The customise button will be enabled and you will be able to select the Server component to install.
  13. Connect the mac mini in target disk mode and during the install you will be invited to migrate from another server.

This guide to hosting Lion software updates on a Snow Leopard Server is correct and useful.

Netgear ReadyNAS Pro

I bought one of these because I keep running out of disk space. With the ability to store 12Tb, I thought it might keep me going for some time to come.

It allows you to build raid 0,1 and 5 arrays and Netgear’s own X raid something or other. Unfortunately, it doent allow striping and mirroring. It  is compatible with OS X and supports AFP shares and Timemachine as well as iscsi as I mentioned earlier. However, the GUI is a bit flaky and didn’t seem to like Initiator iqn’s at all. If you download the root ssh plugin you can access the box as root over ssh and look at what it is actually doing.

iscsi config is held in /etc/ietd.conf

Target iqn.2010-2.taurus.sinodun.com:calendarserver
 Lun 0 Path=/e/calendarserver,Type=fileio,ScsiSN=RN293R60037B-003,IOMode=wb
 HeaderDigest CRC32,None
 DataDigest CRC32,None
 IncomingUser user xxxxxxxxxxxx
 InitiatorIQN iqn.2010-02.com.sinodun.hydra:calendarserver

Target iqn.2010-2.taurus.sinodun.com:collaboration
 Lun 0 Path=/e/collaboration,Type=fileio,ScsiSN=RN293R60037B-001,IOMode=wb
 HeaderDigest CRC32,None
 DataDigest CRC32,None
 IncomingUser user xxxxxxxxxxxx
 InitiatorIQN iqn.2010-02.com.sinodun.hydra:collaboration

Firstly their Target IQNs don’t look like the spec described on wikipedia – I don’t know if it is Netgear or Wikipedia that is wrong here and don’t care as this doen’t seem to break anything.

The real problem in the Initiator IQN – I had to add this by hand and it gets stripped out of every entry in the file every time a new iscsi target is created and at other random times. According to the Netgear web GUI theses are needed for persistent reservation support.

However, once it is working it seems nice and stable. If your disks don’t mount just go and check those Initiator IQNs.

OS X Server

I have recently bought one of the new Mac Mini Servers, partly because I like everything mac and partly because I wanted to try OS X Server for my business.

First impressions are great. Apple have taken the best (or very good) OSS and created a nice, if somewhat basic GUI to sit on top. You can of course still go and edit the configuration by hand if need be.

Unfortunately, the graphics card failed in the first unit, however Apple were very good and I had a new unit in a couple of days. This got me thinking. Normally if I wanted to send a computer back for repair or replacement I would remove the disks but with a mac mini you have to prise it open with a paint scraper. Not something I really want to be doing to a box which is still under warranty.

So, when the new one arrived, I decided to take advantage of my Netgear ReadyNAS Pro NAS box’s (of which more later) ability to do iscsi and along with the globalSAN iSCSI Initiator added disks for each service that could contain sensitive data.  This took some time to get working, mostly due to issues with the Netgear but I now have all data on hot swap mirrored disks and the mac mini could go back to apple with no sign of sensitive data.

log(0.5) and the OS X calculator

The OS X calculator is one of my favorite applications and I use it every day for work (I find  the binary display in the programmer view especially useful). So I was very surprised when I noticed that it was giving me the wrong answer for log(0.5). I was getting log(0.5) = 0.301 when it should be -0.301. Strangely 1-log(0.5) was correctly shown as 1.301. Well today I discovered that this only happens if you enable “Show Separators” in  the View menu.

Does anyone else see this or is it just me?

sshd on OS X

I have been trying to understand how the SSH server settings are controlled on Leopard. To turn sshd on you tick the remote login box on the sharing preference pane. You can then control which users are allowed to log in by selecting them in the “allow access for” section.

But where does it store the settings? Traditionally you would have added a clause like

AllowUsers jad
to /etc/ssh/sshd_config. However OS X does not do this, instead it adds a file called
/private/var/db/dslocal/nodes/Default/groups/com.apple.access_ssh.plist
containing what appears to be a list of users in the remote  login group. I have no idea what uses this file. Is it a modified  version of sshd or is something cleverer at work?
And, what was wrong with the old way?

Skype Crash OS X

For the last few months Skype has been crashing every time I tried to start it on my MacBook Pro. There were error messages in the crash log like this

Thread 0 Crashed:
0   <<00000000>>        0xffff07d7 __memcpy + 55 (cpu_capabilities.h:228)
1   ...ickTimeComponents.component      0x991fa700 _SGVideoGetChannelDeviceList + 2069
2   ...ple.CoreServices.CarbonCore      0x90cd0a53 CallComponentFunctionCommon + 513
3   ...ickTimeComponents.component      0x991edb29 _SGVideoComponentDispatch + 123
4   ...ple.CoreServices.CarbonCore      0x90cd0738 CallComponentDispatch + 34

Which led me to think it was something to do with Quicktime and/or video. So it occurred to me that starting iChat and opening the video preview before starting skype might help. It does!

libpcap on OS X

Earlier I wrote about a problem with libpcap on OS X. This is the call in the code that breaks the wireless connection.

/* ask pcap to find a valid device for use to sniff on */
dev = pcap_lookupdev(errbuf);

but replace it with this (en1 is my wireless interface)

dev="en1";

and then use dev in other libpcap functions and it works fine.

libpcap on OSX

The other day I was playing with libpcap on my MacBook Pro. Every time I tried to run the code my wireless network connection was disconnected.

After a bit of playing around I also found this was happening with tcpdump. It appears that running tcpdump -i en1 where en1 is the wireless network interface works fine. I guess the problem is something to do with the call to scan for interfaces.