Note for IPV6 support for DNS and SMTP

For the ipv6 test, I’ve lost some check. To support all ipv6 services, here I list some note for the configuration.

1. Postfix:

Add inet_protocols = all to For security, adding your ipv6 networks to mynetworks if needed.


Change the listen setting of ipv6 as: listen-on-v6 { ::1; }; in named.conf. And to add a ipv6 reserve zone configuration for your domains.

3. This note will be updated if I try other services successfully.

Add SSL support for ssmtp, imaps, pop3s, https, ftp

OS: Gentoo Linux

Services: WEB(lighttpd), SMTP(postfix), IMAP/POP3(courier-imap), ftp (Proftpd)

1. To generate your own certification file, referenced given by Apache2/SSL Certificates, the steps are similar.

And I am using verification by (because it is free, although limited browser acceptance it). For example, using the command to generate a csr file:

$ openssl req -nodes -new -keyout private.key -out server.csr

and then submit it to CA to get the crt file for your request.

Note: After certification, there will be some files, such as root.crt from cacert, a crt file for your server from cacert. And then merge the key file and the crt file to a pem file by:

$ cat {server crt file} {server key file} > {server pem file}

Till now, we finished the preparation.

2. For lighttpd (https): reference from Howto: Linux Lighttpd SSL (Secure Server Layer) Https Configuration And Installation, the Step #4.

All we need just to add a section for ssl port (443) and setup the cert files. For example:

$SERVER["socket"] == "[::]:443" {
 ssl.engine    = "enable"
 ssl.pemfile   = "{location for server pem file}"   = "{location for cacert crt file}"

3. For Postfix (smtps): reference from Virtual Mailhosting System with Postfix Guide on the Code Listing 6-1. What we need is to setup as for example:

smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes

smtpd_tls_key_file = {location for server key file}
smtpd_tls_cert_file = {location for server crt file}
smtpd_tls_CAfile = {location for cacert crt file}

4. For courier-imap (imaps, pop3s): referenced given by Courier IMAP SSL Server Certificate Installtion and Configuration.

At imapd-ssl and pop3d-ssl configuration file, we need to modify the two strings:

TLS_CERTFILE={location for server pem file}
TLS_TRUSTCERTS={location for cacert crt file}

5. Proftpd (secure ftp): referenced from FTP and SSL/TLS.
To add the settings in configuration file:

TLSEngine on
TLSRSACertificateFile {location for server crt file}
TLSRSACertificateKeyFile {location for server key file}

6. Finally, almost all services are support the SSL protocol. You can verify the settings via openssl’s tool:

$ openssl s_client -connect {server ip}:{server port}

For example: 465 (ssmtp), 993 (imaps), 995 (pop3s). Enjoy it.

Some tricky points when using Google App Engine with Eclipse and pydev

Last semester, my term project is to build a site using Google App Engine. As my work environment are all Linux, my choice of IDE is Eclipse directly. For fast develop and deploy, I list some tricky points I encounter when set up the environment. May this help for the newbie like me.

This article will hide much more install details which let reader self to search because it is easy.

1. Download Eclipse and Google App Engine SDK.

2. Install the Pydev plugin: referenced by Configuring Eclipse on Windows to Use With Google App Engine.

Note: The main plugin site of Pydev is move to .

3. Install the Google plugin: referenced by Using the Google Plugin for Eclipse.

4. New a project: File > New > Pydev > Pydev Google App Engine Project

In Next step: The Grammar version must set as 2.5 to fit the GAE setting.

In Next step: To point to the GAE SDK you download and select all packages by default.

(In Next Step: To set up your app id and template.)

Finish the setting.

5. Construct your application. And next we must set up to run it locally.

6. Run Configurations > Pydev Google App Run

First, new a configuration. In the setting window – Main:

a) Browser which project you want to run

b) IMPORTANT: The Main Module must set as GAE SDK’s

Second, in Arguments window:

a) The program arguments must set as ‘.’ (a dot, which means this directory).

b) The Working directory must set as Other and use the button Workspace to choose this project (to the src directory).

For example: ${workspace_loc:[project_name]/src}.

7. Now, you can run your project locally on port 8080.

Enjoy it.

Make gedit to know Chinese encoded text automatically

The gedit, a text editor default provided by GNOME desktop environments, is set to recognise UTF-8 encode ONLY. To make it known how to open files encoded by another character sets correctly (eg. Chinese Big5, GBK, and so on), a simple step is given for GNOME 2. There are two ways to do it, one is by command line, and the other one is by GUI.

1. By command line – using the gconftool-2 tool:

First to get your current setting by

$ gconftool-2 --get /apps/gedit-2/preferences/encodings/auto_detected

and you will get the result like:


And then to add the wanted character sets, for example, Big 5 and GBK, w/ the command:

$ gconftool-2 --set --type=list --list-type=string /apps/gedit-2/preferences/encodings/auto_detected "[UTF-8,CURRENT,ISO-8859-15,UTF-16,GBK,BIG5-HKSCS]"

2. With GUI editor – gconf-editor:

$ gconf-editor

and then find out the path: /apps/gedit-2/preferences/encodings/auto_detected. The settings will show on the right side, and then you can add the character sets.

History search backward/forward for bash

One way to make the up/down arrow more functional in BASH environment is to assign the history search binding to them. But in my  Gentoo box (w/ long usage for about 2 years), the configuration is just:

$ vim ~/.inputrc

And then add the settings:

"\e[A": history-search-backward
"\e[B": history-search-forward

After re-login, the function works.

But in my new install Ubuntu box (10.04, 10.10, 11.04), it is not work. For some references: bash 記憶指令 For Linux, the solution is to use the HEX code of the keys not he old binding method (maybe for some API changes?). The detail step lists:

1. Find out the HEX code of up/down arrow. With this command:

$ showkey -a

and then keystroke them, you will get the output like:

^[[A      27 0033 0x1b
          91 0133 0x5b
          65 0101 0x41
^[[B      27 0033 0x1b
          91 0133 0x5b
          66 0102 0x42

2. Set up the hex code with bindings:

$ vim ~/.inputrc


Missing gcin (or applet) icons with Unity on Ubuntu 11.04

It is tragedy to upgrade my ubuntu box before it actually release. The new desktop environment – Unity, which was used in netbook Ubuntu version previously makes a new experience but with more missing thing. For example, the notification area icons are blacklisted via some reason (Farewell to the notification area).

The solution to solve it is simple, just settings via some commands, the reference is from How to re-enable notification area applets in Ubuntu 11.04. The commands are:

1. Get your current settings via:

$ gsettings get com.canonical.Unity.Panel systray-whitelist

And the result will like

['JavaEmbeddedFrame', 'Mumble', 'Wine', 'Skype', 'hp-systray']

2. Modify it w/ adding gcin, like:

$ gsettings set com.canonical.Unity.Panel systray-whitelist "['JavaEmbeddedFrame', 'Mumble', 'Wine', 'Skype', 'hp-systray', 'gcin']"

3. Relogin and the tray icon shown. 🙂

P.S if it is no work, retype the command via root, it may help.

Thanks for the people for help in thread on gcin forum.

Strange behavior of tomcat

Today, I work till midnight and waste much time for two stupid bug of Tomcat.

1. My configuration(locale web.xml) of a web service did not be active. That is, no mater what I modify the configuration and reload the application, it still no work.

For a long long long trace (for the correct application code and also tomcat re-installation twice), the problem is due to the file permission.

After I change it from 600 to 644, it works.

2. For servlet which setting correctly response and request charset, and content-type to UTF-8, the GET method for Chinese String is broken.

The final answer to solve it is modify the global web.xml configuration and adding the URIEncoding="UTF-8" into the Connector.

The two bugs wasting much more time for me and they are all stupid which make me cry.