The purpose of techslaves.org is to unite technical people with the intention of providing a community to share ideas, experiences and questions. We also provide an avenue for online publication of member articles, files, pictures, etc. although we must admit that this part of the site is certainly the least active in terms of updated content.
The name techslaves.org is a bit deceiving if taken on face value; However, the inspiration that coined this term reflects how we sometimes allow ourselves to become slaves to things we love, and in this case, technology. We at techslaves.org love tech and technology. We love computing, we love theories, we love information and we love to learn. That's why techslaves.org exists. That said, we aren't bitches to tech. We complain about our work systems, our home systems and all other kinds of technology. Us techslaves have enslaved ourselves by technology because of it's absolutely fascinating aspects, not the ones that bring us down. The name also contains humor value. When you work in tech, you can often feel like a slave to it. How many times has a pressing technical issue torn you away from something else that is productive and enjoyable? The term not only reflects our love and joy for technology but mocks how our love of technology and because we choose to be involved with it in both our personal and professional lives, sometimes (often times?) we end up being owned by the systems we manage/program. techslaves.org is a place where us slaves of technology can indulge in the fact that we absolutely love tech and love to play minion to it.

Join Us

Join! We're always looking for new blood to make this place more interesting. To join, simply register a new account and you're all set. Registration is fast and easy. Once you've registered you can start posting on the forum and submitting articles (long, short, whatever) right away. Help make this place a better place, join us!

Contact

Need to contact us? It's simple. Either register an account on the forum or email us. Email: cense .@. techslaves .dot. com Web: Forum

It is my pleasure to announce the latest version of the iSight Disabler, version 3.5. This new version adds support for disabling your iSight under Mac OS X 10.6 Snow Leopard. The script remains nearly identical to version 3 of the AppleScript, adding only another file to which the permissions are changed.

It seems that part of the backend updates to Snow Leopard adds another new VDC driver for the USB iSight beside the old Tiger-based QuickTime one and the Leopard VDC driver! Three files are now targeted under Snow Leopard. Because of the new driver not existing previous to Snow Leopard, the script checks your OS X version to see if you're on > 10.5 and only then tries to modify permissions on the 10.6 exclusive driver, saving the user from an error message.

Now, keep in mind I have NOT tested this on Tiger. By all means, it should work as it still disables both the old Tiger and Leopard drivers as well.

For more information about the iSight Disabler, see the the article for version 2.5.

Download

You can download version 3.5 of the iSight Disabler here or by visiting the Downloads section of techslaves via the menu on the left side of the page. Alternatively, you can cut and paste the following block of code into Script Editor and save it:

-- Intel Mac iSight Disabler
-- Tested on OS X 10.6.2
-- Tested on 1st generation MacBook
-- Version 3.5
--
-- Credit to fdoc from techslaves.org forum for Snow Leopard fix
--
-- All this does is change permission on the iSight driver files. From normal 'a+r' and 'u+rx' when enabled to 'a-rwx' when disabled.
--
-- cense@techslaves.org

tell application "Finder"
   set os_version to version
end tell

display dialog "Intel Mac iSight Disabler
brought to you by techslaves.org.

Version 3.5
Support for Snow Leopard

You need to restart applications which use the iSight driver(s) after applying these settings." buttons {"Enable iSight", "Disable iSight"} with icon stop

set userChoice to button returned of result

set iSightDrivers to "/System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/Contents/MacOS/QuickTimeUSBVDCDigitizer /System/Library/PrivateFrameworks/CoreMediaIOServicesPrivate.framework/Versions/A/Resources/VDC.plugin/Contents/MacOS/VDC "

if os_version ≥ 10.6 then
   set iSightDrivers to iSightDrivers & "/System/Library/PrivateFrameworks/CoreMediaIOServices.framework/Versions/A/Resources/VDC.plugin/Contents/MacOS/VDC"
end if

if userChoice = "Enable iSight" then
   do shell script "/bin/chmod a+r " & iSightDrivers & "; /bin/chmod u+rx " & iSightDrivers with administrator privileges
else if userChoice = "Disable iSight" then
   do shell script "/bin/chmod a-rwx " & iSightDrivers with administrator privileges
end if

Well folks, I'm officially ITIL V3 Foundation Certified. Otherwise known as business jargon for IT certified.

I was happy to take the gracious opportunity offered to me to sit in on the four-day course for someone who was unable to attend. My understanding was that the program cost was about $3000/head so despite the fact that I will jokingly mock ITIL as business jargon for IT, I do appreciate the opportunity and the fact that someone forked out $3000 so that I could be trained and be able to add a little alphabet soup after my name on my business cards (if I actually had business cards, that is).

That said, it's hard to see a useful purpose behind ITIL training or certification for me. While it's "good to know" kind of stuff for working in the corporate IT world, I don't work in the corporate IT world. My one-man-shop is a difficult place to apply the principles, functions and processes of ITIL. If anything, it will help me understand the processes of IT departments that I have to work with a little better and allow me to not be left behind from current big IT shop practices should I ever have the need or desire to go there.

I should be receiving my official certificate and lapel pin soon. I'll be certain to proudly wear it around work so that everyone can appreciate how bad ass my business jargon deciphering skills are.

Just recently, I discovered that IBM decided to quietly switch their UPS vendor from APC to Eaton (Powerware). We needed to replace a dead IBM UPS 3000 XHV (SmartUPS-3000) and so I ordered a new IBM UPS, the UPS 3000 HV (Eaton 5125). Upon receiving the UPS, I noticed that the battery and power module were rather different. So I boot up the UPS and start configuring the web management card and it hits me... this isn't an APC UPS, it's an Eaton! ARG! Why?!? WHY?!?


This won't have a large functional difference but it pisses me off none-the-less. I've been using Network UPS Tools (NUT) with our APC UPS devices over USB and now I come to realize that this Eaton UPS doesn't support USB, or rather it doesn't come with a USB cable although the documentation says it does. Now to integrate this Eaton UPS with NUT I need to use SNMP since the Eaton only comes with a serial cable, which is useless to me for monitoring purposes. I guess I get to find out how NUT's SNMP support is now.

This silent switch with a minor model change/update just rubs me the wrong way. I'm not so happy with the management of this UPS either...

UPDATE: Got the Powerware 5125 working with NUT via SNMP... seems good so far.

For the sake of posterity, here is my /etc/ups/ups.conf for the 5125 to work with NUT:


This of course assume you've already properly configured the 5125 with a DNS name or IP address and properly enabled SNMP, allowing your NUT client to connect

UPDATE 2: The Powerware is starting to grow in my a little. It looks like it packs more juice than the same 2U unit from APC: 45% load and 12 minutes run time compared to an APC with 48% load and 8 minute run time. As long as I ignore the web management interface and stick to NUT via SNMP, I actually kind of like this UPS.

Despite the incredible irony of moving back to mainframe-style computing with modern thin clients and terminal servers, there is a certain attractiveness to running thin clients vs. desktops in environments where users do not require hardcore local computing power, especially in terms of graphics.

Why Go Thin?

The attractiveness largely comes down to management of independent desktop systems + centralized resources vs. thin clients + terminal server. However, there is another attractive feature of going thin: It can be really cheap! I understand that enterprise operations do not have this kind of "cheap" very high on their list of requirements when it comes to connecting users to network resources but I'll ignore that fact for the sake of those who may in fact see benefit from a cheap solution. Besides, even large enterprises that are married to Tier-1 vendors are looking for manageability (which could likely would be why a lot of people turn to the Tier-1s) and this provides manageability!

Cheap, Cheap

So how does one build terminal services and a thin client architecture on the cheap? It starts with recycling aging desktop systems that no longer have the computing power required to run full blown local OS installations and software. Re-using these otherwise near-end-of-life systems is a trade up, though. Unless you still have active service contracts for these systems, the support costs for bad hardware could drag you down... unless you got spares ready to go. If you do still have active support contracts, all the better. In our environment all the thin clients are PII-era white-box machines without any service contracts. When something dies, I yank it out and install a new one. If a system dies altogether and we don't have replacement parts, the system is decommissioned. We haven't run out of thin clients yet, but it will eventually happen. At that point, we will be forced to review our thin client strategy and make a decision on which way to move forwards. I'll briefly discuss that at the end of the article.

LTSP

The core of our Linux-based thin client environment is LTSP (Linux Terminal Server Project). LTSP provides a means of managing thin client configurations centrally. It should be noted that my experience with managing LTSP ends at version 4.x. I have not yet played around with or implemented LTSP 5.

LTSP provides your thin client systems with a boot image (usually via the network) and once booted, the thin client will pull down it's configuration from the LTSP server. A "nice" LTSP-based thin client environment has a few requirements:

• PXE boot capable thin clients
• DHCP server
• TFTP server

The DHCP and TFTP can and often do all reside on the same physical or virtual system but that's obviously not required. You'll also want to have several other basic network services like DNS, NTP and what not but I assume your network already has such services up and running already.

I won't go over the LTSP installation as the project already has much better documentation that I could hope to produce on the subject. No purpose in duplicating the effort for a poor result! Chances are however that your modern distribution includes LTSP, you just might have to give it a "yum install" or "apt-get install" to pull it down from the repositories and get it installed.

I Know the Pieces Fit!

All these pieces fit together and here's how.

First the DHCP and TFTP servers must be configured to boot your thin clients from the network and provide the boot image your systems will require. For the DHCP server, I used ISC dhcpd and the configuration for networking booting thin clients looks something like this:


The most LTSP-relevant parts of this configuration are the "next-server", "filename", "root-path" and "font-servers" part of the main configuration and of course the correct MAC address ("hardware ethernet") and IP address ("fixed-address") assignments for each thin client. Of course, you don't have to use fixed addresses for your thin clients, you can just as easily use a pool. I find it useful to maintain a fixed IP on each client however so I always know which client is which by network address instead of just by MAC.

In the example above, "next-server" refers to the address of the TFTP server that hosts your LTSP boot images, "filename" refers to the relative path to the LTSP boot image that your thin clients will be using, "root-path" refers to the root of your LTSP installation (on the server) so the thin client knows were to look for required configurations and files. The "root-path" is shared from the terminal server using NFS in our case and "font-servers" should be fairly self-explanatory if you know a little bit about X11 server architecture.

TFTP is relatively simple. Most TFTP servers are managed via xinetd so I'll provide an example for that case. Here's an approximation of the "/etc/xinetd.d/tftpd" configuration in use in our environment:


The only really different/relevant parts of this configuration are the "server_args" and "disable" options. The "server_args" can be used to define the TFTP server's root directory with the "-s /path" option.  The "disable" option must be set to "no" and the xinetd server HUP'ed (or restarted) for the TFTP to start and accept connections.

Everything In A Neat Little Package

Once you have DHCP and TFTP setup, you should be able to boot PXE clients. After they've booted, your thin clients will be instructed to run sessions in virtual terminals as per the main LTSP node configuration. If your users are instructed in the use of virtual terminals, this can have several advantages. Say you don't only have a Linux terminal server, you also have a Windows terminal server or ever several terminal servers. In this case, you can have your "client" (local X server) for the Linux server in the 1st vt and the windows terminal server client (running inside another X display) in vt2, etc. You also have the option of using XDMCP so users are presented with a choice of which terminal server to connect to, this can be your vt3 or the only option you present, it has the same flexibility as any other vt. The caveat for this is that XDMCP does not work with RDP, only X11 so you're left with one terminal, vt1 with your XDMCP provided X11 server choice dialog and vt2 with your Windows terminal server.

At this point you only really need to tweak a single system, the Linux terminal server, to change your users environment. They want the latest Gnome or KDE do they? Upgrade the server, upgrade everything. That's nice. Same goes for security patching, you just update the one system instead of X number of desktops. If you wanted to update your thin client boot images, you could do that as well. A script called "ltsp-build-client" is provided that automates the build process.

Well that was cool. Not really sure where to go from here with this now that I've said I won't talk about LTSP configuration. Hmmm. Posting it anyways.