The One Book Meme

Well, I’ve been tagged – how can I pass this up. My good friend Thomas handed off to me. The One Book Meme started two years ago (!) and is still running. It was even translated into Italian.

This will be a nice diversion from the usual, I promise.

One book that changed your life: Getting Things Done, by David Allen

One book that you’ve read more than once: Anna Karenina, by Leo Tolstoy

One book that you’d want on a desert island: Where There is No Doctor, by David Werner et al (or possibly Victory, by Joseph Conrad)

One book that made you laugh: The Complete Calvin and Hobbes (3 vol. set) by Bill Watterson

One book that made you cry: Please Stop Laughing at Me, by Jodee Blanco

One book that you wish had been written: My Story, by Joan of Arc

One book that you wish had never been written: Can’t think of any off hand.  Most every book has its good points, and all can be learned from in some way.

One book you’re currently reading: OpenVMS System Management Guide, by Baldwin and Hoffman

One book you’ve been meaning to read: Jane Eyre, by Charlotte Brontë

Now tag five people. (Hm, the hard part…)

Well, I got four anyway.  Hard to come up with just one book….

Apache Cocoon and Customer Service

This is a very interesting article about using Apache Cocoon working, and how it compares to Struts and why. It is, first and foremost, a story of an Apache Cocoon customer and why they are unsatisfied. Don’t read just the article; read the comments too.

The article details several points where the Apache Cocoon community fails their customers:

  • Missing and incomplete documentation
  • Requirements on other, undesired systems (such as Maven)
  • Inflexibility: inability to use IntelliJ instead of Eclipse, for example (or at least, no documentation on how)

I don’t know about some of these, but I can sympathize with the lack of documentation and the inability to use Cocoon in a production environment. Some of the Apache projects, especially Java ones, seem to want to use all the latest and fanciest tools, but forget that others use something different – which makes it impossible to integrate Cocoon into established environments.

This lack of recognition of the corporate customer will only hurt Cocoon in the end. The switch to Apache Maven (instead of using Apache Ant as previously) also seems to have hurt Cocoon more than helping.

Many open source projects lack this customer focus: it is not a buzzword (or should not be), but rather a way of thinking. Many projects are done purely because somebody wanted to – but a serious long-term project outgrows its leader/founder and needs to consider the ramifications to its user base in what it does. A serious project also needs to consider what do the customers want? What do they need?

Programmers often do not understand why not everyone can read their documentation and just “get it.” A good example is the page “Your first Cocoon application using Maven 2“. I’ll annotate certain sections here, with likely responses from a corporate perspective (imagine a system administrator turned manager talking):

Note: First, make sure that you have Maven 2.0.6 or above installed. You can check this by calling mvn –version from command line. If this doesn’t work for you, read the Maven in 5 Minutes tutorial.

I don’t want to use Maven. I shouldn’t need to install a new product just to use Cocoon – and we’ve only just gotten Cocoon approved. Now I need to get another big package tested and approved? Why can’t you use Apache Ant like everybody else?

Note: Cocoon is not tied to Eclipse IDE by any means. This step only describes what can be done to avoid tedious work of setting up project in Eclipse manually.
If you don’t use Eclipse, you can either skip this step or find a similar procedure to load the block in the IDE of your choice.

That’s good to know. So how do I do it with IntelliJ? How do I do it with NetBeans? How do I do it without any IDE at all? I don’t want to have to install yet another big package that has to get approved.

After creating the block you probably want to run it. For this purpose there is a Maven plugin, that generates a minimal web application that loads your block.

Great. I need Maven just to run the application? Come on. Do I really need to get another big package approved?

Note: The mentioned minimal web application is automatically created, when mvn jetty:run is invoked. This happens because the rcl goal of the Cocoon plugin is bound to the Maven build lifecycle which is invoked too, when the jetty:run goal is executed. See the block’s pom.xml for details.

What’s an rcl goal? What’s a Cocoon plugin? What’s a Maven build lifecycle? What’s a jetty:run goal? Now I’m really confused – and you tell me to “read the source” rather than explaining yourself. And it sounds like I need Jetty, too. Great. Tomcat is on our system, and now I’m supposed to use Jetty? Or am I?

Apache Cocoon is a fantastic product – and I’ll keep using it where it fits in.  However, I do not expect to use 2.2 any time soon (which appears to be the first to require Apache Maven).  The project could use a very strong dose of customer relations.  The only reason other projects win is because they work with what people already have and are easy to use – and Apache Cocoon 2.2 neither works with current tools nor is easy to use.

Implementing Security (and the NSA)

The NSA is, of course, the United States National Security Agency. It’s their job to a) keep the nations computers secure; b) find out how to break everyone else’s (ah, the dichotomy of national intelligence!). Thus, some of the best computer security minds are at the NSA – it was the NSA that brought us SELinux (and still does!).

They also have a vast array of security guides available for download. These include guides on securing Solaris 8 and 9, MacOS X 10.3 and 10.4, Windows 2000, Windows XP, Windows Server 2003, Windows Vista, and more.

Use a security guide next time you secure a box – and not necessarily just one. Do some research. Implement all of the security you can on all of your boxes – even if it is not on the Internet. One day, someone might just crack through – then all of your internal systems will be at risk. Each system should be able to withstand an assault without falling.

SystemTap (and DTrace)

SystemTap is one amazing piece of work – it is a programmer-friendy and admin-friendly interface to KProbes (which are included in the Linux 2.6 kernel).  When you compare its capabilities to what has gone before, it is truly amazing.  Here are some of the things you can do:

  • Quantify disk accesses per disk per process (or per user)
  • Quantify the number of context switches that are a result of time outs
  • List all accesses to a particular file and the process that accessed it

This is only the tip of the iceberg. There is a wiki with more details, including “war stories.”  There is a language reference there as well.

There was an excellent article in Red Hat Magazine, “Instrumenting the Linux Kernel with SystemTap” by William Cohen.

One controversy that came up was that the initial impetus for creating SystemTap was to implement something like Sun’s DTrace for Solaris but under the GNU Public License.  Solaris and DTrace are licensed with Sun’s Common Development and Distribution License (CDDL), which many feel makes DTrace incompatible with the GPL-licensed Linux kernel.

Apparently, the CDDL is also incompatible with the BSD-licensed FreeBSD, as FreeBSD 7.0 will not have DTrace either.  There appears to be some licensing issues.

According to the Wikipedia entry on the CDDL, it was designed to be both GPL-incompatible and BSD-incompatible.  With regard to the GPL, the entry suggests that Sun never clarified why; as to the BSD, Sun did not want Solaris to wind up in proprietary products – which the BSD license allows.

On a brighter note, Eugene Teo was able to get the SystemTap tool to work on the Nokia N800.  The article seems to be behind a wall at LiveJournal; the article is still in Google’s cache.  However, it does requires some amazing convolutions:

  • A kprobes-enabled kernel must be installed on the N800
  • The SystemTap programs (like stap) must be installed on the N800
  • Any traces must be cross-compiled on another host
  • The kernel module thus created must be moved to the N800
  • Once the kernel module is in place, then the trace can be done.

So every desired trace requires precross-compilation on a desktop (sigh)…  Oh, well.

There is even a GUI for SystemTap in the works.

Modding the Asus Eee PC

It seems that people are already busy at work modifying the Asus Eee PC. Over at tnkgrl there are extensive pictures of the internals, and now a new post with detailed instructions on adding a USB Bluetooth adapter to it without losing the USB port.

The Eee PC community is already flourishing, with forums and more at


Get every new post delivered to your Inbox.

Join 43 other followers