In the previous post I covered the ideas behind tidbit. In this post I will try and cover the technical aspects of the tidbit system. Currently the work is very exploratory, so everything may change.

Tidbit record structure

This is a typical tidbit which was generated using the Rhythmbox plugin:

TIDBIT/0.1; libtidbit/0.1; Rhythmbox Tidbit Plugin v0.1
tidbit_userkey==usePzEg4Cl4g1ASdzpssVHtQ1hJJilS+ryiBWjF...
tidbit_table==audio/track
tidbit_created:=1281479640
tidbit_expires:=1313037240
artist==Arcade Fire
title==Keep The Car Running
album:=Indie/Rock Playlist: May (2007)
genre:=Indie
year:=2007
play_count:=34
rating:=0.8
tidbit_signed:=JyJ1fIwhRL5t3y9CACmshm/UibYVhvInxh7XVx4...

The first line is the header. It states the version of the tidbit followed by the user agent. The rest of the record is composed of key-value pairs. The key has a strict format of lower-case letters and underscore. The value can contain any character above 0x1F, and is terminated by a new line. Other characters must be escaped. The first  four pairs are compulsory and they all contain “tidbit_” at the start to distinguish them from normal data. The userkey is a unique(ish) 1024 bit RSA key the user uses to identify themselves and also serves as the public portion of their signing key. It is base64 encoded and in the text above it is clipped but in reality it is over 100 characters long. Table is compulsory field which designates the subject matter. The created and expires values state when the record was created (must be in the past) and when it will expire. Expired records are no longer valid. These are currently using Unix time, but a more general format will be used in the future. This is followed by a number of values specific to the record type. Finally, the record is completed by a signature which signs the body up to that point (also base64 encoded). The signature is generated using the user key which signs an SHA512 hash of the record (up to that line). There is a hard limit of 2KB per record to prevent abuse.

The separation between the key and the value is either ‘==’ or ‘:=’. These signify if to search for that value, or overwrite the value. When inserting a new record, a search is performed for any records which match all the key/value pairs with the ‘==’ separator. These records are discarded as they are overwritten by the new record. To ensure the correct sequence in cases where an old record is re inserted into the database, the created date is checked. This allows a record to be updated by destroying an older version.

Library

A library (libtidbit) handles most of the complexity of creating tidbits, key handling, communicating with databases and performing queries. Keys are stored in a gnome-keyring. There are also python bindings which make creating plugins simple. Here is partial mock-up of an example use in Rhythmbox:

In this plugin, forming tidbits and passing the out is very easy. Presenting the data is the hard part.

Databases

There are several database backends used in tidbit:

• Memory database is used to cache recently accessed records.
• Fork database is not a real database but rather a connection to two, which fetches records from the local database to minimise long distance transactions.
• D-Bus database is a service which allows several applications to share a single cache, and minimise external accesses.
• HTTP database is the method used for long distance transactions with the global servers.
• Sqlite database allows cached records to be saved between sessions.

The default database supplied for libtidbit access is a caching fork of a memory database and a D-Bus connection. The D-Bus service wakes up automatically to connect the applications to the global servers.

There are just three database commands at the moment:

• Insert to push new tidbits into the system
• Query to ask for tidbit GUIDs which match a query
• Fetch to get the full record from a GUID

The GUID is actually the signature and is unique(ish) to each record.

Example

Lets do a 2 minute into of how to create and post a tidbit for a fictional TV application. The following should be the same in both C and Python (although C requires types).

Step 1: Get a key

key = tidbit_key_get ("mytv", "MyTV v1.2");

Here we supply the name of out application twice. The first should never change so we pick up the same key each time, and the second is used for the user agent.

Step 2: Get a database

database = tidbit_database_default_new ();

This gets the default database on the system.

Step 3: Create the record

record = tidbit_record_new ("television/episode");

This creates a new record we can put data into. The table name is compulsory so we supply it here.

Step 4: Add the data

tidbit_record_add_element (record, "series_name", "Ugly Betty", TIDBIT_RECORD_ELEMENT_TYPE_KEY);
tidbit_record_add_element (record, "episode_name", "The Butterfly Effect (Part 1)", TIDBIT_RECORD_ELEMENT_TYPE_KEY);
tidbit_record_add_element (record, "rating", "0.6", TIDBIT_RECORD_ELEMENT_TYPE_VALUE);

Note the difference between the key and value entries (as the ‘==’ and ‘:=’ before). We may change our rating later, so that is a value, and so overwrite the records which match on the keys.

Step 5: Sign the record

tidbit_record_sign (record, key);

Once a record is signed, it cannot be altered.

Step 6: Insert it into the database

tidbit_database_insert (database, record);

Step 7: Tidy up

tidbit_record_unref (record);

Now we are finished with this record, we free it. By now, the record is happily on its way around the world.

Development

If you have interests in the semantic web/distributed hashtables, you have an idea for an awesome application, you found a fundamental error or you just want to have a bit of a play, then the source is available.

I have always hosted my own @brej.org mail server on my home machine, upon which I have become more and more reliant, over the years. But one thing always worried me a little. I have a dynamic IP address, changes in which are tested for every 5 minutes and the DNS entry is automatically updated (thanks to the guys at afraid.org). So at most there is a five minute window during which I cannot reach my home computer, and neither can my mail. Mail servers have an automatic cooloff and retry system, so if they cannot contact the target system, they will retry a few minutes, hours and eventually days later. This is great because an email simply doesn’t disappear if a server goes down for a while. You can always tell if someone is lying if they say that the email they sent must have got lost (never seen this happen). But what can happen, in my case, is the mail server attempts to connect to some random machine assigned by old IP address. Luckily these rarely run mail-servers themselves so nothing bad usually happens, but never the less there is always a chance and I like to sleep at night knowing it is all fine.

Google Apps

I was a little put off by the thought of someone else running my mail server because I was scared that many of the options I relied on were not going to be there, and secondly, I am always afraid that I will get lazy, stop being able to manage things like mail servers, get a mac and consume my own brain.

I already have a gmail account, but you cannot deliver the mail of an entire domain to gmail account. Instead, you can use Google Apps. These are designed for businesses and organisations, but for individual (and small group) use it is free. You have to control the domain DNS entries. Firstly you have to prove that you have control over the domain, before the setup is allowed to begin. Setting up a single user and selecting all uncaught mail to go to that account was fairly straightforward. Once that is set up, you can flip the switch and point your MX entries to the gmail servers. The site has a guide including images of how to do this with most domain providers, although the images are very blurry (not sure why). Then it is a case of waiting a couple hours while the DNS caches are refilled and your mail starts trickling to the new server. IMAP is fairly easy to set up. There is a folder called [Gmail] that holds the normal set of default folders, so in thunderbird (or any other mail client), you have to set the drafts and sent to point to those. There is no support for nested folders, which is a shame, but the folders themselves are just representations of tags, so it may not make as much sense. The biggest job is setting up the filters.

I have a set of procmail filters which made prioritising very simple. To replicate this in Gmail, it took a few more filters. Most mailing lists make this easy by adding a list name to the headers and gmail recognises these ans suggests the right filter. What I didn’t realise at first is that filters can have reasonably powerful logical expressions, but you have to use the rather generic sounding “has words” filter. There is an implicit AND between the different filters, so using this field is the only way of getting an OR between a subject and a from field e.g. from:(a@foo.org) OR subject:(“[foo]” OR “bar”).

One annoyance is that it matches on whole words (with underscore being a valid letter) and I still haven’t found a method of  matching “CS_Newsletter_2010” but with any number at the end. The second annoyance is the outgoing SMTP “corrects” your from address to be the one of the account you logged in with. This is annoying as I like to send from different addresses, but I guess I can still keep my home sendmail setup for that, or create an account (with a forwarding to the master account) for each outgoing address. (UPDATE) Actually it couldn’t be easier. You have to validate that indeed an email address belongs to you by entering a code sent to it. It works with addresses of other domains too.

Following the success of the Indian night. I am hosting a TexMex party.As the party invitation points out “I have never been to Mexico, but I have been to Texico and I have watched a lot of Speedy Gonzales, so I imagine it is a bit like that”. So apparently one thing people have at Mexican parties is a piñata. I have never seen a piñata in real life so this is completely guess work as to how to make it.

The body is make of papier-mâché. I was hoping to a baloon the exact right shape, but instead I had to go for a large balloon for the body, and a second balloon for the head. I covered the body balloon from all sides but the base, then turned it upside down and placed the smaller balloon on top and started placing more and more paper strips to stick the two baloons together. You really need three hands for this task.

After the first layer, I let it dry in front of a fan for a couple hours before adding the second layer including a beak make of card. There were 3 layers all together. I used the flour water glue mixture, of which the second batch worked a lot better as it was a bit thicker. This is the end of day one, as it then takes about 24 hours to dry completely.

Then it is onto the crate paper. I found the easiest way was to get a full folded roll of the paper, cut it lengthwise into two and add cuts to make the loops. Then draw a line of liquid paper glue and stick the strip to it.

Work from the bottom up, otherwise each strip gets in the way of the last. Also I kept some areas fur free, in the bottom and the face. Here I glued a single layer of black crate paper. For the beak, that needed about three layers to not show the text under it.

At this point, I did the surgery to add fill the penguin and attach the rope. I was worried that the rope would just rip the head apart, so I tied it to a pencil and fed it though a hole in a CD. That distributed the force around a ring in the head. At one point the back caved in a little, but with the weight of the sweets inside, it was possible to push it back out.

Then finally, attach the wings and feet. I punched two holes in the body and the wing/foot and used coloured cable ties. These work very well as you can trim them off.

Add a decorated hitting stick, and there you go, a Tux piñata. I’ll shall see tomorrow if it works.

UPDATE: Pictures and video of the party including Tux.

After months being manufactured, the Utopiums are back! I will explain more about what they are in another post, but for now here are some photos.

Here are the packaged chips (20 of).

They also send you the remaining unpackaged dies. These have an excellent ability of confusing the camera’s auto focus.

The full die is 5mm by 3mm.

And this is what they look like under a microscope. They do get dirty very quickly when exposed to a dusty room.

On the bottom right of the chip logo are the thank-yous. The Tux and the Fedora logo are about 0.5 mm tall (perhaps the smallest ever?). You can see the diffraction grating giving a nice secondary colour.

At different angles, they look very different.

And here is a wise comment left by the one of the Async symposium reviewers.

I am still testing the beast, but it does work. It has executed a number of programs and the wagging slices do become by-passable. The biggest worry was the reset as that is quite complicated, but it seems fine. I will open source the design and the tool set some time next month.

I ordered some USB sticks to give away to the better students to encourage them to contribute to open source software. The idea is that they can run their own installation where they can install development libraries etc. I’ll write more about this in a few weeks when I know how successful this has been.

Installing Fedora on the disks is relatively easy. Nowadays I install computers using a USB drive, by simply DDing the iso directly to the device.

dd if=Fedora-12-i686-Live.iso of=/dev/sdb

The target USB stick will look just like any other hard drive. You just have to make sure you install the bootloader onto the target stick by overriding the BIOS boot order in the grub installation screen.

Once installed, I didn’t want to actually boot the device as I wanted the students to go through the first boot process of setting up a their own user. But I wanted to install some development packages and do a full system update. This can be done by mounting the device, chrooting and running yum commands. The live image has a /mnt/sysimage which is already set up to do something like this by already having /proc and /dev correctly set up.

mount /dev/sdb1 /mnt/sysimage
chroot /mnt/sysimage

The biggest issue with running from USB sticks is that they have no on device cache, thus each fsync command takes absolutely ages. Yum, correctly, makes heavy use of fsync to make sure it leaves the system in a sensible state even if interrupted. To speed things up I tried libeatmydata, which worked surprisingly well. I updated the installation several times faster. LibEatMyData is named thusly because of it’s real ability to screw things up royally, but in this situation if anything went wrong, I could just restart. Maybe some yum devels could mention if this is outright dangerous, or a fairly safe trick if you can guarantee no interruptions.

Of cause at this point I only have one stick installed, and making six this way is out down right boring. So long as the other disks are the same size (or larger), you can clone the disks from one to another. You need a bit of storage space so best to do this from another machine.

dd if=/dev/sdb of=master_image
dd if=master_image if=/dev/sdc
dd if=master_image if=/dev/sdd
dd if=master_image if=/dev/sde
...

Watch out though if you use this method, all the partitions will gain the same UUID, which will confuse the system when more than one is plugged into a single machine.

The postage costs are annoying so I went with play.com, who offer free postage (which is nice). What was ridiculous is that they post each item in a separate box which is way too big. For a tiny piece of plastic, there is a Kingston presentation box, each placed in its own massive cardboard box and posted separately. I hear this is because they have some kind of tax loophole where parcels of value below some threshold are not taxed.

The entire CS department has be refitted with awful Dell machines which have some screwy USB chipsets which allow booting off a memory stick only from the back ports on some manufacturers. I did something really stupid by accidentally mentioning to duty-office that it was possible to boot the departmental machines off a USB device. Now they are now going to go through and disable this feature (Grrr).