Monday, March 14, 2011

Use right alt as Windows key in Debian Squeeze

My Thinkpad has no Windows key, so I was using a startup file with xmodmap commands to map my right alt to the Windows key (Super_L).

That worked great until I updated Debian to Squeeze. Then it would only work if I ran it manually after Gnome came up. I tried several startup scripts with different names including .gnomerc, but my settings just wouldn't stick.

So I decided it must be getting overridden by a later step, probably a step where it checks gnome-keyboard-properties settings and calls setxkbmap, so that resets anything you tried to do in a start-up script.

There is an option in gnome-keyboard-properties for "Left Alt is swapped with Left Win". That causes it to run setxkbmap -option altwin:swap_lalt_lwin I believe. That would work perfectly for me, except I want to map the right alt, not the left alt.

So finally, here is what I came up with (probably not the right solution, but it works). I edited all the files in /usr/share/X11/xkb/rules/ with swap_lalt_lwin in them and added a similar line/section called swap_ralt_lwin. Similarly I edited /usr/share/X11/xkb/symbols/altwin and added a section at the bottom for swap_ralt_lwin that works similar to the swap_lalt_lwin section.

Wednesday, February 9, 2011

Debian Lenny to Squeeze on Thinkpad T42

The good:
  • Faster bootup.
  • Very fast switching between X and a VT.
  • Firefox 3.5 is much faster than 3.0.
  • Most Thinkpad extra keys now work great out of the box.
  • Cool desktop backgrounds.
The bad:
  • X11 looked funny. Turns out no themes were installed. Had to install gnome-themes.
  • Got a bunch of warnings from udev on bootup, coming from z60_xserver-xorg-input-wacom.rules, so I purged xserver-xorg-input-wacom.
  • The ACPI hotkey events changed names, so some hooks I had set up in /etc/acpi/events stopped working until I updated the names.
  • EmulateWheel setting in xorg.conf no longer works. xinput works. I installed gpointing-device-settings, which is a very convenient solution.
  • Alt_R keycode is now 108 instead of 113.
The ugly:
  • X wouldn't start. Turns out it was because gdm wasn't installed. Why did gdm get removed during upgrade? Maybe it wanted to replace it with gdm3? But it didn't install gdm3.

Tuesday, January 4, 2011

Samba - How to ignore trusted domains completely

For reasons similar to those mentioned here by Dmitry Butskoy, I needed to make winbind exclude trusted domains. But like he said, "allow trusted domains = no" doesn't seem to affect winbind in this context.

So I built winbindd from source, commenting out the call to rescan_trusted_domains() as Dmitry mentioned here, and it works exactly how I want now!

Looking at the latest version of Samba, 3.5.6, it appears to still not apply that setting in this context. I think rescan_trusted_domains() ought to check lp_allow_trusted_domains() and return if it is false.

If anyone on the Samba team is reading this, I hope you will consider making that change. Hmm, maybe I should submit a patch...

Monday, January 3, 2011

Windows 7 source address selection and unique local addresses

I set up IPv6 on my Linux router, and everything works great, except my Windows 7 box cannot connect to ipv6.google.com, because it uses my unique-local address (ULA) instead of my 6to4 address as the source. Since ULAs are not globally routable, why would Windows even consider using it when connecting to a public address?

The same problem is described here, and the workaround of modifying the prefix policy table does fix it for me, but I too feel it is a hacked/broken solution. (It is however, definitely the correct fix for making Windows prefer IPv6 over IPv4 when connecting to dual stack hosts.)

A "better" workaround I think would be to add a prefix policy of fc00::/7 with its own label and a lower priority. I think that would make it prefer my 6to4 address. Unfortunately, when I run
netsh interface ipv6 add prefixpolicy fc00::/7 4 6
it doesn't add it right :( It shows up as just ::/7, which is the same problem as described here.

So although I believe Windows is using the correct policy table as per RFC 3484, I think it is a bug for Windows to use a ULA as the source when connecting to a public address, and I think it is a bug that it will not let me add a prefix policy for fc00::/7.

Thoughts?

Update (2018-Nov):

Interestingly, in Sep 2012 (about 2 years after this blog post), RFC 6724 came out (replaces RFC 3484), and it does include a policy for fc00::/7 with its own label.  Since current versions of Windows use the policy table defined in RFC 6724, this bug no longer exists.

Wow, I must be prophetic! :)