Jay Boisseau, TACC Director, and other TACC staff members will visit UT Arlington on Monday, April 25th to meet with members of our research community and staff who may benefit from access to this resource. Jay will present an overview of the TACC resources and services available to us through the UTRC project and a summary of the research projects underway at TACC. We will have a Q&A session for UT Arlington researchers to discuss our current projects, existing computing resources, future needs, and how TACC can possibly be of assistance.

Please join us in the Palo Pinto room, E.H. Hereford University Center, on Monday the 25th of April from 2:00 to 5:00 pm.

2:00 – 2:30 TACC Resources and Services – Jay Boisseau
2:30 – 3:00 TACC R&D Projects – TACC Staff
3:00 – 3:30 UT Arlington HPC Resources and Utilization – OIT Staff
3:30 – 4:00 HPC Research Spotlight – Frank Lu, Luca Massa
4:00 – 4:30 HPC Research Spotlight – Peter Kroll
4:30 – 5:00 Open Discussion, All

OIT will provide light refreshments.

This one–day workshop is intended to introduce life scientists to high performance computing at the Texas Advanced Computing Center (TACC) with a specific emphasis on NextGen Sequence analysis. Attendees will learn how to utilize an array of computational and software resources that TACC offers for Computational Biology. Topics to be covered include large-scale computing, data management, loading and running applications. An introduction to general sequence analysis concepts along with specific, real-world examples will also be provided. A hands-on lab session will give attendees an opportunity to work with TACC systems on NextGen sequence data sets.
The class is intended for biologists and advanced programming skills are not required. However, a working knowledge of Unix is expected.

Please visit the following URL for course registration and additional details: http://www.tacc.utexas.edu/user-services/training/classes/compbio/

Join the staff of TACC for a 90 minute webinar on March 24 to learn about the capabilities of Lonestar. An overview of the system itself will be provided, along with information about how to apply for an account, and information about upcoming in-depth training opportunities. This course is targeted at all researchers in Texas Higher Education or the TeraGrid community interested in learning about TACC resources.

To register for this event, please visit:

http://www.tacc.utexas.edu/user-services/training/classes/lonestar-presentation/

We’ve been using Puppet at UT Arlington for the past several years. I had initially looked into using CFEngine for configuration enforcement and change management, but a good friend of mine turned us on to Puppet. Puppet has really transformed the way my administrators think about setting up and maintaining systems. There’s a lot less direct SSH’ing into a system, messing with a configuration file (and hoping that you’ve edited the same file the same way on every system), and adding/starting/restarting the service that uses that configuration file. There’s also a lot more control in how we do things — and just like that, viola, we have a documented change control process!

In this example, we’ll bind to the LDAP server using an application account (in the cn=applications,dc=uta,dc=edu branch of our directory server) and search the account branch (cn=accounts,dc=uta,dc=edu) for all users (uid=*). We’ll fetch the NetIDs (uid), e-mail addresses (mail), and the common names (cn) for each account.

#!/usr/bin/perl -w

use strict;
use Net::LDAPS;
use Data::Dumper;

my $bind_dn       = 'cn=mavapp,cn=applications,dc=uta,dc=edu';
my $bind_password = 'mavAppPass';
my $ldaps         = Net::LDAPS->new('ldap.cedar.uta.edu');
my $mesg          = $ldaps->bind( $bind_dn, password => $bind_password );

my $result  = $ldaps->search(base => "cn=accounts,dc=uta,dc=edu",
                                            filter => "(uid=*)",
                                            attrs => ['uid','mail','cn'] );

my $entries = $result->as_struct();

# How many entries did we find?
print scalar $entries . " entries returned\n";

# Print them out
foreach my $dn ( keys %{$entries} ) {
   foreach my $attr ( keys %{$entries->{$dn}} ) {
      foreach my $val ( @{$entries->{$dn}->{$attr}} ) {
         print "$attr - $val\n";
      }
   }
   print "\n";
}

This last section could be simplified using the Data::Dumper module as:

print Dumper( $entries );

CONCLUSION

For the reasons stated above, the court concludes that Novell is the owner of the UNIX and UnixWare copyrights. Therefore, SCO’s First Claim for Relief for slander of title and Third Claim for specific performance are dismissed, as are the copyright ownership portions of SCO’s Fifth Claim for Relief for unfair competition and Second Claim for Relief for breach of implied covenant of good faith and fair dealing. The court denies SCO’s cross-motion for summary judgment on its own slander of title, breach of contract, and unfair competition claims, and on Novell’s slander of title claim. Accordingly, Novell’s slander of title claim is still at issue.

The court also concludes that, to the extent that SCO has a copyright to enforce, SCO can simultaneously pursue both a copyright infringement claim and a breach of contract claim based on the non-compete restrictions in the license back of the Licensed Technology under APA and the TLA. The court further concludes that there has not been a change of control that released the non-compete restrictions of the license, and the non-compete restrictions of the license are not void under California law. Accordingly, Novell’s motion for summary judgment on SCO’s non-compete claim in its Second Claim for breach of contract and Fifth Claim for unfair competition is granted to the extent that SCO’s claims require ownership of the UNIX and UnixWare copyrights, and denied in all other regards.

Furthermore, the court concludes, as a matter of law, that the only reasonable interpretation of the term “SVRX License” in the APA is all licenses related to the SVRX products listed in Item VI of Schedule 1.1(a) to the APA. Therefore, Novell is entitled to a declaration of rights under its Fourth Claim for Relief that it was and is entitled, at its sole discretion, to direct SCO to waive its claims against IBM and Sequent, and SCO is obligated to recognize Novell’s waiver of SCO’s claims against IBM and Sequent. Accordingly, Novell’s motion for partial summary judgment on its Fourth Claim for Relief for declaratory judgment is granted, and SCO’s cross-motion for summary judgment on Novell’s Fourth Claim for Relief is denied.

Finally, the court concludes, as a matter of law, that the only reasonable interpretation of all SVRX Licenses includes no temporal restriction of SVRX Licenses existing at the time of the APA. The court further concludes that because a portion of SCO’s 2003 Sun and Microsoft Agreements indisputably licenses SVRX products listed under Item VI of Schedule 1.1(a) to the APA, even if only incidental to a license for UnixWare, SCO is obligated under the APA to account for and pass through to Novell the appropriate portion relating to the license of SVRX products. Because SCO failed to do so, it breached its fiduciary duty to Novell under the APA and is liable for conversion.

The court, however, is precluded from granting a constructive trust with respect to the payments SCO received under the 2003 Sun and Microsoft Agreements because there is a question of fact as to the appropriate amount of SVRX Royalties SCO owes to Novell based on the portion of SVRX products contained in each agreement. Furthermore, because Novell has obtained the information that it would otherwise obtain through an accounting during the course of this litigation, the court denies Novell’s Ninth Claim for Relief for an accounting. However, the court also notes that SCO has a continuing contractual obligation to comply with the accounting and reporting requirements set forth in the APA.

Accordingly, Novell’s Motion for Partial Summary Judgment or Preliminary Injunction [Docket No. 147] is GRANTED IN PART AND DENIED IN PART; SCO’s Cross-Motion for Summary Judgment or Partial Summary Judgment on Novell’s Third, Sixth, Seventh, Eighth and Ninth Counterclaims [Docket No. 180] is GRANTED IN PART AND DENIED IN PART; Novell’s Motion for Partial Summary Judgment on its Fourth Claim [Docket No. 171] is GRANTED; SCO’s Cross-Motion for Partial Summary Judgment on Novell’s Fourth Claim [Docket No. 224] is DENIED; SCO’s Motion for Partial Summary Judgment on its First, Second, and Fifth Claims and Novell’s First Claim [Docket No. 258] is DENIED; Novell’s Motion for Partial Summary Judgment on Copyright Ownership of SCO’s Second Claim for Breach of Contract and Fifth Claim for Unfair Competition [Docket No. 271] is GRANTED; Novell’s Motion for Partial Summary Judgment on SCO’s Non-Compete Claims in its Second and Fifth Claims [Docket No. 273] is GRANTED IN PART AND DENIED IN PART; Novell’s Motion for Summary Judgment on SCO’s First Claim for Slander of Title and Third Claim for Specific Performance [Docket No. 275] is GRANTED; and Novell’s Motion for Summary Judgment on SCO’s First Claim for Slander of Title for Failure to Establish Special Damages [Docket No. 277] is MOOT.

I’ll make my comments after each section of code.

<?php
# specify the location of our directory server and
# attempt to establish a connection (note we're not binding yet)

$ds = ldap_connect("ldaps://ldap.example.edu");

You’ve got to know the location of your directory (LDAP) server and the method that your administrator allows you to connect (ldaps or ldap). I’m using the PHP ldap_connect() function to make the connection. The ldap_connect() function can take a URI for your directory server. It returns an LDAP link identifier on success or FALSE on error.

if ( $ds ) {
   # form the LDAP distinguished name (DN) that we'll bind
   # with from the POST variables $uid and $password

   $uid = $_POST['uid'];
   $password = $_POST['password'];
   $userdn = "uid=$uid,cn=accounts,dc=example,dc=edu";

I’m assuming a couple of things in the preceding code: (1) the page that you’re coding is called from another that passes POST variables, and (2) that the POST variables are called ‘uid’ for the userid and ‘password’ for the password. We’ll form the RDN from the ‘uid’ and the base for our account tree in LDAP. (Note: It wouldn’t make any sense to call this page using GET variables — otherwise your password would have been encoded in the URL. You’ll also want to ensure that your POST variables are defined before you process any of this code.)

   # attept to bind to the directory server

   $result = ldap_bind( $ds, $userdn, $password );

Binding to the directory server is easy using the ldap_bind() function. You reference the link identifier from the ldap_connect() function and the userdn and password variables stored from the POST. ldap_bind() returns TRUE on success or FALSE on failure.

   # search the accounts branch for the entry (uid=$uid) and
   # save the results in an array called $accounts_searchResult

   $accounts_searchResult = ldap_search( $ds, "cn=accounts,dc=example,dc=edu", "uid=$uid" );

The ldap_search() function does the hard work of searching the directory and returning a data structure with your results. There are many options you can pass to ldap_search(), but only three are required — the ldap link identifier from your ldap_connect() function, a search base (where to look), and a filter (what to look for).

   # the elements of the searchResult array are ldap entries. Grab the
   # first entry off the array and examine it

   $entry = ldap_first_entry( $ds, $accounts_searchResult );

The ldap_first_entry() function will return the first entry (go figure) from the data structure returned by our previous call to ldap_search(). The first entry should be the only one we care about since we were searching for a specific user. If you were trying to search for all users, say you were developing a page that displayed a telephone directory, then you’d want to investigate into the ldap_next_entry() function, which would — like it says — fetch the next entry from the result of your search. Both functions return an entry identifier on success and FALSE on error.

   while ( $entry ) {
      # let's find the DN for this specific entry

      $dn = ldap_get_dn( $ds, $entry );

      echo "dn: $dn<br>n";

The very first thing this example prints out is the LDAP DN (distinguished name) of the entry. This is useful, as it is the key into your directory for the username that we searched for. The ldap_get_dn() function returns a string containing the DN of the entry or FALSE on error. Now let’s print out the results of the query. I’m going to use nested HTML unordered lists for the display — if you can’t follow along, just remove the <ul> and <li> tags from your code and it will display the same information (only not as fancy).

      # let's examine all of the attributes associated with this entry

      $attrs = ldap_get_attributes( $ds, $entry );

The ldap_get_attributes() function will return an array of all of our attribute names ( the descriptive name assigned to each piece of information in the entry — like uid, displayname, mail, etc). Next we loop through each of the attributes and display their values. The following bit of code is a bit convoluted and will probably only make sense if you think of the entry as a two-dimensional array.

      echo "<ul>";

      for ( $i = 0; $i < $attrs['count']; $i++ ) {
         # the array $attrs will use the attribute name (a string) as the
         # subscript notation. Ex: $attrs[displayname] = 'john doe'

         echo "<li>$attrs[$i]n";

         # some attributes can be multivalued
         # (ie: affliation can be either student, staff, or both student and staff)
         # the value of the attributes is stored in the second dimension of the
         # $attr array: $arrt['attribute_name'][0 .. N] = ( value0, value1, ... valueN )

         echo "<ul>n";

         for ( $j = 0; $j < $attrs[$attrs[$i]]['count']; $j++ ) {
            # print out all of the attributes
            echo "<li>" . $attrs[$attrs[$i]][$j] . "</li>";
         }

         echo "</ul></li>n";

      }

      echo "</ul>";

Phew, we’re done with that. You did follow it all, didn’t you? In a nutshell, PHP can reference arrays using keys instead of just plain old integers (like some languages do). So you can reference $attrs['displayname'] to return an array of the values associated with ‘displayname’. To actually see the values we index into the second dimension of the array — $attrs['displayname'][$index], where $index is a value between 0 and the number of ‘displayname’s.

      # if there are more entries in the search result, show the next one

      $entry = ldap_next_entry( $ds, $entry );
}

We’ve previously discussed the ldap_next_entry() function. What this line of code does is grab a new $entry before the while() loop repeats itself. As previously discussed, ldap_next_entry() will return FALSE on error meaning that we’ll drop out of the while() loop when we reach the last entry.

   ldap_free_result( $accounts_searchResult );
   ldap_unbind( $ds );
}
?>

We close with some housecleaning functions. The ldap_free_result() function will free up the memory we’d allocated to holding the search result. Note that all result memory will be automatically freed when the script terminates. If your script isn’t ending here, calling ldap_free_result() is a good idea as it will keep runtime memory usage low — and your sysadmin happy. The ldap_unbind() function unbinds from the directory server — and keeps your directory server administrator happy too.

The Last Friday Of July is System Administrator Appreciation Day

Let’s face it, System Administrators get no respect 364 days a year. This is the day that all fellow System Administrators across the globe, will be showered with expensive sports cars and large piles of cash in appreciation of their diligent work. But seriously, we are asking for a nice token gift and some public acknowledgement. It’s the least you could do.

Consider all the daunting tasks and long hours (weekends too.) Let’s be honest, sometimes we don’t know our System Administrators as well as they know us. Remember this is one day to recognize your System Administrator for their workplace contributions and to promote professional excellence. Thank them for all the things they do for you and your business.

Nominate Your IT Hero for SysAdmin of the Year 2007.

Let’s say you have a series of PHP pages in your web site that access your MySQL server. What happens if you need to change the name of your MySQL server? Would you go into each file individually, search for the line (or lines) of code to edit and save the file? This can be tedious, error-prone and time consuming.

The ’sed’ (string editor) command is often used to accomplish this, where sed is passed a file name and a regular expression for the string substitutions. Output from sed is sent to standard output (usually the terminal) which means that you must redirect it to another file and then copy the new file over the original. This effectively changes the original but requires a lot of excess steps. There’s got to be a better way, right? Yes, ‘perl’ can do it in one shot –

SysAdmin Mantra

A good sysadmin is a lazy sysadmin.

Enter ‘Perl Pie’

I forget who first introduced me to the concept of ‘perl -p -i -e’ (or ‘perl -pi -e’). This has become such a mainstay of my practice that I often mention it to people assuming that everyone knows of such things. Basically, ‘Perl Pie’ is a one-line perl program that does inline edits to your file given a regular expression (preserving file ownership and permissions — a topic that I didn’t discuss in the ’sed’ example above). The syntax should look familiar to anyone who’s used ’sed’ or regular expressions.

perl -p -i -e 's/original text string/replacement string' foo

Note: perl uses the same regex syntax as sed, making this an easy concept to remember

But Wait, I’ve got a ton of files to edit

There are numerous ways to accomplish editing multiple files, but they all share some basic principals:

1. Find a list of files matching your change criteria
2. With each file, apply the ‘Perl Pie’

Most GNU/Linux sysadmins are familiar with the Bash shell. Here’s a simple example that changes all of those PHP pages we talked about earlier. This example also involves the ‘find’ and ‘grep’ commands:

$ for filename in $( find . -type f -name '*.php' -exec grep -q '$db=OLDMYSQLSERVER' '{}' ';' -print );
do
   perl -p -i -e 's/$db=OLDMYSQLSERVER/$db=NEWMYSQLSERVER/g' $filename
done