27 November 2010

Using JPA with Spring

SL-370 module 1 shows an example of using JPA with Java SE.
If you want to use Spring with JPA, the java code is just like in Java EE. Here's how the configuration files for Spring look for an example similar to the Java SE example:


<?xml version="1.0" encoding="UTF-8"?>
<persistence version="2.0"
 <persistence-unit name="StockPU" transaction-type="RESOURCE_LOCAL">
  <property name="javax.persistence.jdbc.user" value="public"/>
  <property name="javax.persistence.jdbc.password" value="public"/>
  <property name="javax.persistence.jdbc.url" 
  <property name="javax.persistence.jdbc.driver" 
  <property name="eclipselink.ddl-generation" value="drop-and-create-tables"/>
  <property name="eclipselink.logging.level" value="SEVERE"/>
Spring XML configuration snippet(e.g. in application-config.xml):
<bean id="entityManagerFactory" 
 <property name="persistenceUnitName" value="StockPU" />
<bean name="transactionManager" 
 <property name="entityManagerFactory" ref="entityManagerFactory" />

<tx:annotation-driven />

IPFilter Components / Solaris 10

 For  Solaris 10 8/7 (u4) and higher:

  • Commands
    • svcadm: enable/disable ipfilter
    • ipf: manage rulebase
      • -Fa: flush (remove) all rules
      • -f file: load rules from file
    • ipnat: manage Network Access Translation rules
      • -F: flush (remove) all rules
      • -f file: load rules from file
    • ipfstat: show statistics
      • -io: show active rulebase
  • Daemons
    • ipmon: monitor logging device
      • -D: daemon mode
      • -s: log to syslog local0 facility
  • Files
    • /dev/ipl: device from which you can read log entries
  • Kernel module
    • ipf
  • Links

21 November 2010

Windows 7: Subsystem for Unix-based applications (SUA)

Yesterday I was trying to telnet from my new Windows 7 PC and... telnet was not there anymore. I had to go to "Control panel>Programs and Features>Turn Windows features on or off" to activate it.
While being in turn features on/off there was some other interesting stuff:

  • NFS client (!)
  • Subsystem for Unix-based applications
Subsystem for Unix-based applications (SUA) is the new name for Windows Services for UNIX (SFU),which in its turn is an evolution of the Interix system that Microsoft acquired. It is a set of utilities that make Windows POSIX compliant and eligible for tenders that require POSIX. Compliance is a very different goal then features and usability, so don't expect too much. The option is only present on Ultimate/Enterprise editions (Vista or later).

After rebooting  I could go to All Programs > Subsystem for Unix-based applications and... download utilities for Subsystem for Unix-based applications. That's right, it just enables the possibility to run POSIX programs, but Unix utilities themselves were not bundled, not even a shell.

Going to the download page you get these choices:
  1. Utilities and SDK for UNIX-based Applications_AMD64.exe
    • use for 64 bit Windows on Intel or AMD x86 processors
  2. Utilities and SDK for UNIX-based Applications_IA64.exe 
    • Use for Intel itanium
  3. Utilities and SDK for UNIX-based Applications_X86.exe
    •  use for 32bit Windows on Intel or AMD x86 processors
Take special care, to download the AMD64 file for Intel 64bit x86 architecture. Microsoft supposes unix heads know that AMD did not follow Intel on the 64bit Itanium path and made a 64 bit x86 (pentium) architecture version. Afterwards Intel followed the AMD strategy and started producing 64bit x86 processors as well.

When installing, choose custom installation if you want to include GNU stuff.  When installation is done, Windows prompts for another reboot.

Your system is by default installed with a root directory mapped to c:\Windows\SUA. You can now start a shell from the SUA menu. You can also run commands from windows by passing them as arguments  to c:\Windows\posix.exe. From a SUA shell you can access your windows drives from /dev/fs (e.g. /dev/fs/C is your C  drive).

20 November 2010

Solaris Bookmarks (updated)




Solaris 11 express released

Oracle has made the first release of Solaris 11 Express available for download. The final release will be somewhere next year. It is the first major Solaris release under the governance of Oracle. You can download the OS for free (and for testing). Take care: the default download is a text based installer, scroll down to get a GUI based installer.

New feature digest:

  • Image Packaging System (IPS)
    • A new software package system
    • Repositories (depot servers) providing packages over the network
      • mirrors
      • can assist in network install (Automated Installer)
    • Automatic updates
    • legacy solaris packages (pkg) supported
  • Distribution constructor builds an OS image from a manifest (descriptor file). Images can be
    • directly installed on client
    • ISO image
    • VM image
  • Boot environments: streamlined Live Upgrade using ZFS snapshots
  • ZFS
    • ZFS boot/root environment
    • deduplication: detect duplicate data and store single copy
    • encrypted datasets
  • security
    • root is a role now
    • labeling extensions
      • apply labels to IPSec
      • apply labels to ZFS datasets
      • require an extra password to access a labeled resource
  • bash is the default user shell, ksh the default system shell
  • optional graphical boot screen
  • CUPS printing service is the default printing service
    • printer discovery
  • Open Sound System API support (Boomer)
  • Linux removable media management replaces the volume manager (vold)
  • Command assistant: full text search tool to get information on Solaris commands
  • git is bundled (distributed version control system for development)
  • Networking enhancements

Solaris 11 networking enhancements

As of Solaris 11 Express 2010.11 these enhancements are included:

  • Network automagic (NWAM): dynamically configure fixed or wireless network depending on discovery and profiles
    Network automagic
  • sockets no longer use STREAMS
  • Solaris can work as a (L2) bridge (IETF TRILL)
  • unified handling of different types of network interfaces (project Clearview)
    • dladm extended (project Brussels)
    • virtual interfaces, IP tunnels and IPMP can now be accessed as generic IP interfaces. They can now be sniffed (e.g. lo0, traffic between zones...) , asssigned as an exlusive stack to a zone...
  • use virtual network interfaces (VNIC), virtual switches (etherstubs) and virtual routers, bridges and servers (zones) to siumulate an entire network on a single system (project Crossbow)
    • zones can exclusivly own an IP stack without a dedicated physical interface (NIC)
  • Link protection: limit ability of NIC to send spoofed packets
  • VRRP  (Virtual Router Redundancy protocol)
Earlier Solaris 10 networking enhancements.

7 November 2010

3 November 2010

Solaris 10 networking enhancements by release overview (updated)

Overview of most important changes for networking in solaris 10 releases.
3/5 (base)

  • specify source IP by (virtual) interface. Example:
    # ifconfig eri0 usesrc vni0
    The virtual IP vni interface is not associated with any physical hardware and is thus immune to hardware failures. If vni0 has address assigned to it, the system will prefer as the source address for any packets originated by local connections that are sent through eri0.
  • RIPv2, BGP, and OSPF through GNU Zebra (adapted for Solaris)
  • /usr/lib/mail -> /etc/mail/cf
  • routeadm command
  • rdisc wrapped into in.routed
  • use ifconfig to configure ipforwarding for individual interfaces
  • IP quality of service (IPQoS)
  • WAN boot installation
  • SSH 3.5p1 (adapted for Solaris)
  • Stream Control Transmission Protocol (SCTP)
1/6 (u1)

  • SMTP over TLS
  • source address filtering on multicast traffic
  • dladm command for data link (layer 2) configuration, link aggregation (ethernet trunk)
  • IGMPv3 and MLDv2 (IPv6) routing support
6/6 (u2)
  • IPFilter for IPv6
11/6 (u3)
  • Mandatory Access Control (from Trusted Solaris) for networking and other functions
  • Set secure by default network profile during installation
8/7 (u4)
  • SMF based routing services (svcadm in addition to routeadm)
  • merge /etc/inet/ipnodes (for IPv6) into /etc/inet/hosts
  • GNU Quagga routing suite replaces GNU Zebra
  • Key Management Framework for PKI
  • encryption kit included + MD4, MD5, SHA1, and SHA2
  • exclusive access to physical network interfaces by non-global zones
  • DHCPv6 client
  • IPFilter firewall enhancements
    • pfil driver/daemon removed (replaced by packet filter hooks)
    • IPv6 support
    • loopback interface support
5/9 (u7)
  • SHA2 512bit, Diffie-Hellman 4096 bit
10/9 (u8)
  • NTP 4.1.2
9/10 (u9)
  • The client queue runner is now a separate daemon (svc:/network/smtp:sendmail-client). It used to be part of sendmail  (svc:/network/smtp:sendmail).
  • The net_access privilege has been added to the basic privilege set. Denying this privilege, cuts network access.