It's Sunday, after waking up at Yoshi's place we got straight to work going over the contracts our translator Marie finished during the night. Bloody amazing, she did 10000 words of legal gibberish in 4 days. I was going to outsource some of it, but the rest of the world was at Easter and other companies that I could contact all gave a time frame of more than a week. Not bad for us considering we are not a translation service, I enjoy helping other companies with their globalization plans.
Now she has to do another 20000 in the next 2 days, luckily its pretty much cut and paste, I have faith in her. Now I understand the real meaning of being a good boss, to trust those that are around me.
After the first 10000 was approved and cleaned up Yoshi and our team went for a walk in Asakusabashi to enjoy hanami(花見). It was freezing cold, so we went and had some tempura right next to Kaminarimon.

Hanami, literally means looking at flowers. Specifically it is the appreciation of cherry blossoms. Because the blossoms come and go so quickly it shows us the paradox how the beauty of life is so fleeting. One of the reasons Japanese culture is so grand - life's fragility is celebrated not feared.
After tempura it was just too cold and wet to spend the day outside so we made business plans at Esspressamente in Ginza. After that we all enjoyed a browse at Maruzen book store.

For a finale we ate Chinese, here is a look at the devastation we left behind.

Now its off to home - at long last, I haven't changed my clothes in a few days. I have a little more FujiFilm code to do tonight. Tomorrow I have to get stuck into R&D plans for OLM digital.

Today was maintenance of FujiFilm's corporate intranet - all PHP and Javascript. Typical problems of browsers rendering differently, IE being the worst culprit.
Afterwords I went out with Yoshi (Nexus) we had Monja yaki and crashed over his place. Discussion was about clients who book work and cancel, wasting our time.

After a day of business meetings and the Anime Fair last night I had
RTT over to see what we are doing here at Nexus. Then we had a party
at an all you can eat and drink Korean feast which was also attended
by YellowTwo's Kobayashi san. After the party I had to return to the
office take a nap and prepare for the next days work for FujiFilm.

Yesterday I attended the 2008 Tokyo animation fair. Anyway it was a blast. Lots of cutsie stuff there.
Both yesterday and today are the business days. Saturday and Sunday it is open to the public. Sort of funny hey - cartoon characters everywhere and not a kid in sight. Hey this is serious stuff here, land of the rising fun.
I will be attending today, to see Atsushi Sato and Armin Brunderland ( from Sony Pictures Imageworks) talk. If you are attending mail me if you want to meet up. If you get the chance, you have to check out these booths:
Digital laboratories - R&D, great things you may see in the future developed here in Japan.
Canada - like japan is animation nuts, good software, wander around to see their demos.
Mad House, just a good booth.

Please note that on the public days lots of good business booths will not be there. Pubic days are more oriented to children and otaku, in other words - goods characters etc.

Eventually got through to the people in London, they explained it was Easter. After staying up till morning organizing my Europe team and later organizing people here in Japan - a backup plan. Its now 1830 - time for a shower, then dinner with the boss Ichiro Tanaka, and David Lin from Indyzone, also Sidefx's (Houdini) David Robert and Leyla Tigari. I was going to invite them to one of my favorite Yakitori places in Shibuya. Unfortunately I think the place I planned may have closed down. I did have a standby place marked however that was booked out. Tanaka San knew a better place nearby Kaikaya (開花屋) which was spectacular. The chef was a jolly Japanese man, you can tell he really loves his customers.
The food was amazing, Tanaka San explained that the chef was Iron Chef material. If you ever go there you have to try the cheese tasting prawns - bloody amazing. I mean who cares about calories and cholesterol - flavor is much more important. Belissimo!

I was up all night trying to contact my translator in London, I can translate however legal documents are not in my skill list.
Anyway just realized that he is on Easter break.
Easter, is nonexistent here you see. Ok, ok -new resolution I have to talk to my foreign friends more.
Easter, that's the one with the bunny right? - just joking.

Today I was doing some business for a company that wishes to expand in China, later I had 2 meetings, then I went to OLM Digital to enjoy a talk by Sony Pictures Imageworks Armin Brunderlin. After the talk I chatted about the similar work I have done. Allthough my work is tiny compared to his fantastic research, I gained a ton of confidence, just to learn I had solved some problems similar to he had faced. I also met up with Atsushi Sato from SPI, a great guy who has been out of Japan for 15 years. Sort of like meeting a mirror of myself. I am sure
he will go far over in LA. Afterwords the SPI guys, ATR, OLM Digital R&D team, (including OLM's incredibly hip boss) and I all went out to partake in an Italian feast at Il Pizzaiolo . We all had a little too much wine so the atmosphere was fantastic.
Man I love my job, its great to meet people you respect like today. I suppose I am lucky to have such good friends.
Now I have to go back home, contact the London office and organize some paperwork for another company -its daytime somewhere .

Its official, one of the short films I was working with has been chosen for showing at this years Siggraph. Sorry I cannot mention anymore until the official release day.
I have been in bed with the flu. Great to hear such good news.

Shimamura san and I just had dinner with the head of strategy and contents producer from Capcom/Daletto. They were impressed by what we showed them and we were asked to go around to Capcom in return. Capcom is very close to my office so this is great for them and us. Unfortunately both were suffering due to hay fever as it has just turned spring here.
Hopefully we can get back into games as my last game project with Sony/Enterarks was a hit.

This weekend some business associates from RTT and myself went down to Izu for onsen. The first place we stopped was in Inatori at the shop Tokuzoumaru (徳造丸) for lunch.

After which we got into the Odaru onsen (大滝温泉). I have been doing the Tokuzoumaru/Odaru trip for about the last 15 years, however I have been too busy in the last 6 years to go. Aji is wonderful in the Izu area and Tokuzoumaru has always been my favorite. Odaru onsen, is one of the best onsens in Japan for first time onsen goers. Unfortunately compared to a few years prior some things have changed for the worse. The water is not hot enough - hot, but not typical onsen style hot. Also unbelievably the onsen closes at 5pm (7pm in winter) also they have made swimsuits mandatory. However for a first timer this is a good choice mainly because the best things have not changed, the spectacular waterfall view, and the vast array of onsen types - doukotsuburo, goemonburo, rotemburo.

We later ate some local fare in Shimoda, then retired to a cottage nearby. By morning we were up and ready to go, unfortunately Eric had to leave early. Our first stop was Sawada koen rotemburo (沢田公園露天風呂),
luckily this place had not changed a single bit - water temperature, view, skinship or cost. One with with nature appreciating the fantastic view we all had a great time. We then went north west along the coast up to a small fishing village Arari where we found a new fish restaraunt Yokoda (よこ田). Externally this place looked like any locals store. The inside was clean and had a wonderful array of living sea critters just waiting to be eaten. I had the shop specialty (よこ田定食) a dish of the finest still kicking sashimi.
This place is definitely going on my top list, the price and freshness beating Tokuzoumaru. Then heading north up the coast, dropped into a fish market and after
headed home in total awe of the spectacular views of Mount Fuji from Todatokai and Hedako.
One cannot explain the immense beauty of this mountain. Without fail every time I experience Mount Fuji - Fujimi, Skyline, today's viewpoint, or even at a different time of day - a different character is shown. Our German guest Anton was awestruck and we both agreed that if your residence had such a view television was not needed.

It was great to return back to Izu after such a long time, some things change and some don't. These onsens I used to frequent monthly when I was in my mid twenties, and looking at the face of our guest I remember why.

I was in OLM today we were contemplating some new ways of handling the new object oriented shaders in Pixars Renderman 13.5. and how to interact with ODE, Bullet physics or even better Cuda. Cuda is good however it's not a dynamics engine, it's truly a black box.
After that I went back to the office to contemplate a Cuda<>prman13.5.
Later at 7.30 I had a party with my co-workers from my last company, Monolith. One of the directors there Akira Ayabe is leaving to have for a more serene life in Miyakojima. I was happy and sad at the same time, he is going to have a good time there, however he is one of the reasons I have stayed here. A truly good Japanese director, I hope I can still work with in the future.
See you later Ayabe.
Please don't forget me.

I spent another day at home, but I was logged in to the office all
day. So I was virtually there at least. Feeling heaps better, I think
I kicked that cold before it took hold of me. I have a new project
coming up codename "China" and I cannot afford to be sick. Medicine was the tree view which is great from my home.

Got up a little late this morning, can't seem to get a good sleep
lately. I think I am coming down with a cold just as winter ends too!
Cannot wait for cherry blossom time, that's my favorite time in Japan.
Anyway today I will order a new machine for cuda development, so not
such a stressful day.
Usually, I only get to go home a few nights a week, staying at a
capsule hotel or having a sento and staying back at the office.
However because I want to kick this coming cold I went home via
sardine can early - see attached pic. Oh and that is not the busiest
it gets. The worst is when once or twice a week someone decides he/she
cant hack the stress, and jumps under a train. Then the train is delayed, so the thousands are backed up on the platform waiting for the staff to clean up the mess.

Today I worked from home. I had spent all weekend doing work and with clients. Sometimes its nice to work away from the bustle of Shinjuku.

Eyedentify Matsuki with Indyzone's Tanaka san and David who just came over from San Hose came out to Nexus on Saturday. We later went out to our favorite restaurant Muran(ムラン). Here they grill pork on huge crystal slabs. Really great stuff. David and Myself with Shimamura went out partying till 10am !! - Well we wanted him to have a good time out - with the champions.

This is the ugly truth on getting Nfsv4 to work with kerberos
The following should also work with Nfs v3 however there is a bug with the rpc.gssd implementation on the Linux I use. Basically the problem is when building kerberos rpc.gssd it assumes you are using Nfsv4 I have filed a bug report here:
http://bugs.gentoo.org/show_bug.cgi?id=212160
# in the following kerberos setup replace YOUR.REALM with your
# kerberos realm name
# replace clientname.domainname.local with your linux client fqdn
# replace osxclientname.domainname.local with your osx client fqdn
# replace servername with your server name
# replace username with the user you use across the network


Step1. on the linux client and server:
USE="kerberos -nonfsv4" emerge -av =net-fs/nfs-utils-1.1.0-r1

Step2. on osx and linux client and server:
#download k5start http://www.eyrie.org/~eagle/software/kstart/
# and build kstart this will install in /usr/local/bin/
# eg:
cd /var/tmp
wget http://archives.eyrie.org/software/kerberos/kstart-3.10.tar.gz
tar -xzvf kstart-3.10.tar.gz && cd kstart-3.10
./configure && make && make install

Step3a. The linux server
create a /etc/krb5.conf for your realm (see docs)
mine looks like:

# /etc/krb5.conf start by Bernard Edlington,
# copyright 2008 Nexus International LLC
[libdefaults]

default_realm = YOUR.REALM
kdc_timesync = 1
forwardable = true
proxiable = true

[logging]

kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/krb5adm.log
default = FILE:/var/log/krb5lib.log

[kdc]

profile = /etc/kdc.conf

[realms]

YOUR.REALM = {

kdc = servername.domainname.local
admin_server = servername.domainname.local
default_domain = domainname.local

}
[domain_realm]

.domainname.local = YOUR.REALM
domainname.local = YOUR.REALM

[login]

krb4_convert = false
krb4_get_tickets = false

# /etc/krb5.conf end by Bernard Edlington,
# copyright 2008 Nexus International LLC

# check that /etc/gssapi_mech.conf file exists
# do the following if nonexistatnt
sudo echo "/usr/lib/libgssapi_krb5.so mechglue_internal_krb5_init" \

>> /etc/gssapi_mech.conf

sudo echo "*/admin@YOUR.REALM *" >>/var/lib/krb5kdc/kadm5.acl
sudo kdb5_util create -r YOUR.REALM -s
sudo kadmin.local
addprinc nexus/admin
addprinc -randkey kiprop/servername.domainname.local
addprinc -randkey changepw/servername.domainname.local
addprinc -randkey nfs/servername.domainname.local
ktadd -k /etc/krb5.keytab kadmin/servername.domainname.local
ktadd -k /etc/krb5.keytab changepw/servername.domainname.local
ktadd -k /etc/krb5.keytab kiprop/servername.domainname.local
ktadd -k /etc/krb5.keytab nfs/servername.domainname.local
# start em up gentoo style
sudo /etc/init.d/mit-krb5k start
sudo /etc/init.d/mit-krb5kadmind start
sudo /etc/init.d/rpc.gssd start
# add it to the default runlevels gentoo style
sudo rc-update add mit-krb5kdc default
sudo rc-update add mit-krb5kadmind default
sudo rc-update add rpc.gssd default

Step3b Nfsv4 on the Linux server
# see the great howto http://gentoo-wiki.com/HOWTO_Nfsv4

Step4a kerberos linux client - host based
# this is good for a startup implementation
#scp /etc/gssapi_mech.conf and krb.conf from the server
sudo kadmin -p nexus/admin
addprinc -randkey host/clientname.domainname.local@YOUR.REALM
ktadd -k /etc/krb5.keytab host/clientname.domainname.local
# start em up gentoo style
rc-update add rpc.gssd default
# add it to the default runlevels gentoo style
/etc/init.d/rpc.gssd start

Step4b Nfsv4 linux client - host based quick mount
sudo mount -t nfs4 -o sec=krb5 servername:/bar /mnt/tmp1/

Step4c Nfsv4 linux client - host based long term mount
sudo KRB5CCNAME="FILE:/tmp/service.tkt" \

/usr/local/bin/k5start -b -k /tmp/service.tkt \
-f /etc/krb5.keytab -K 10 -l 10h host/clientname.domainname.local \
`sh -c 'mount -t nfs4 -o sec=krb5 servername:/bar /mnt/tmp1/'`

Step5a kerberos linux client - user based
# this is good for a paranoid user who only wants tickets when logged in.
#scp /etc/gssapi_mech.conf and krb.conf from the server
sudo kadmin -p nexus/admin
addprinc username
addprinc -randkey nfs/clientname.domainname.local
ktadd -k /etc/krb5.keytab nfs/clientname.domainname.local
# start em up gentoo style
sudo rc-update add rpc.gssd default
# add it to the default runlevels gentoo style
sudo /etc/init.d/rpc.gssd start

Step5b Nfsv4 linux client - user based
kinit
mount -t nfs4 -o sec=krb5 servername:/foo /mnt/tmp2/

Step6a Kerberos OSX client inital setup
# on osx client
# download Rick Macklem's brilliant Nfsv4 creation
# from http://snowhite.cis.uoguelph.ca/Nfsv4/
# eg:
# wget ftp://ftp.cis.uoguelph.ca/pub/Nfsv4/darwin-port/leopard-client.tar.gz
# tar -xzvf leopard-client.tar.gz && cd leopard-client
# view the readme there, everything is explained crystal clear.
# next scp krb.conf from the server
# I copy it to its default location which should be /etc/ (Are you listening APPLE?)
# then I Delete the Apple default location: rm /Library/Preferences/edu.mit.kerberos
# then ln -s /etc/krb.conf /Library/Preferences/edu.mit.kerberos
# one large problem I had is that the command domain name does not return the fqdn
# to fix this place the ip address then the fqdn then the hostname in that order as
# the first entry in /etc/hosts then reboot.
# eg.
# 192.168.7.1 foobar.local.home foobar
# 127.0.0.1

# START OF RANT
# I like Apple however there is a reason why we have default paths and that is
# so an admin from another os can easily admin.
# Do this too many times Apple and we wont want to admin your boxes
# Better still have links to the native paths like I do.
# END OF RANT

Step6b Kerberos & Nfsv4 OSX client - user based
kadmin -p nexus/admin
addprinc username
kinit
mount -t newnfs -o -4,-T,-Skrb5 servername:/foo /mnt/tmp/

Step6a Kerberos & Nfsv4 OSX client - host based
sudo kadmin -p nexus/admin
addprinc -randkey host/osxclientname.domainname.local
ktadd -k /etc/krb5.keytab host/osxclientname.domainname.local
# the following will refresh the ticket every 10 hours it is a pity Apple's gssd
# implementation is not up to scratch though because this would be best as a
# startup item, that way the machine could farm out processes using nfs to
# users on the lan and be secure at the same time.
sudo /usr/local/bin/k5start -f /etc/krb5.keytab -K 10 -l 10h \

host/osxclientname.domainname.local sh -c 'mount -t newnfs \
-o -4,-T,-Skrb5 servername:/bar /mnt/tmp/'

I didn't blog for the last few days as I have been flat out in business meetings. That and trying to secure nfs at my workplace. Nfs, is good but is a security nightmare. Anyway I ended up building a kerberos system here which works well however......
As is the usual problem I have to link Windows with Linux and with OSX.
I am sure you know where this is going.
Windows has only one true commercial nfs client from hummingbird, this borked on my XP x64.
Linux no problem , I built and modified the lot from source.
OSX well, it has kerberos with nfsv3 and there is a great nfsv4 version from Rick Macklem http://snowhite.cis.uoguelph.ca/nfsv4/ however the problem lies with Apples gssd implementation. To put a long story short you must log in to get a ticket. So this leaves my dream of having deamons using kerberized nfs in the background gone.
here is our discussion on the OpenBSD-NFSv4 mailing list:

On Thu, 6 Mar 2008, Bernard Edlington wrote:

> Great!!, works well on my leopard (10.5.2)
> However the apple gssd implementation seems to only allow mounts after
> login (due to the caching system)
> I was trying to get nfsv4 mounts pre-login.
> Yes I have tried tickets with k5start, and self built kinit.
> The problem seems to be with mount_newnfs and gssd will never look at
> a File based cache.
> Have you had any luck with pre mounting nfsv4 on apple?
>
With Kerberos, I'm afraid not and I don't think it's possible. As you
note, the Apple gssd (and the entire Apple Kerberos subsystem, I believe)
uses an in-memory credentials cache that seems only accessible from
processes within the login session. (I don't know if it done via the POSIX
process session or some mechanism on the Mach side, but I haven't been
able to get daemons to access it, even when the upcall specifies the uid
of the user currently logged in with a valid TGT.)

I actually use static nfsv4 mounts in my Mac lab, but they only use
AUTH_SYS. I ended up writing a cheezey little daemon fired up by launchd
to get the mounts done. (You are welcome to that, but it's useless for
Kerberos mounts.)

You might try filing a bug report with Apple and see what they say, since
I'm pretty sure their Kerberized NFSv3 mounts work the same way (use the
same gssd).

rick
ps: I hope you didn't mind me adding the mailing list as a cc, since I
thought others might find the info useful.

In this post I will show you how to build a RHEL4 glibc/gcc system compatible with a source based Linux like Gentoo.
The problem facing many large companies creating software for Linux is that there is a vast array of distro's out there -which one do we create for ?
The usual answer is whatever is the most popular, for example Redhat. Don't get me wrong, my first Linux install was a Redhat install way back in 1998. At that time people were leaving the sinking SGI boat in droves for NT. I would rather die than be tied to a dos prompt all day, so at the time I took up Linux as an alternative to Irix.
Till now I have tried most Linux variants however I like to build my own using either Linux from scratch or Gentoo why? Because Redhat and other binary based builds are good until you need some slight adjustments.
Let me give you an example, a while back I had to install a rpm on a Fedora box for a client, problem was that the rpm was not built with the appropriate Japanese language libraries. Ok so I have to get another lib rpm right? Wrong, I was in rpm hell going back and forth between
binary and source rpms to get what was a fairly simple request. With Gentoo ( or any source based self built Linux ) everything is built from source on your box. A kit car guys Linux. Dont like the muffler? no problem - don`t build it sort of Linux.
I have never had a problem running graphics packages like XSI, Maya or Renderman on Gentoo, hey I ran them on Opensolaris back in 2005 which was a really good trick - they ran at native Linux speeds too!
Using binaries from a third party can be a little tricky, the real problem arises when developing for them. The rule of thumb is to use the same distro the creator used when making the binaries in question. Why?
In order of importance these should be preferably be the same version and be built with the same parameters, libraries etc, in order of importance.

• glibc
• gcc
• linked libraries
• kernel (sometimes)

So as you can understand the easiest way is to install the same distro as the binary maker - I don't take the easy route.
Please note there also three other ways:

1. to also have secondary glibc's, but I will save that confusion for another post.
2. to have chroots for each development in question, again I will save that confusion for another post.
3. dual boot.
   

The setup
The machine is a 64 bit chip (intel core2 duo laptop)
64bit Linux for Pixar's Renderman Pro 13.5x server comes as following combinations:

gcc 3.3.3 - glibc 2.3.x
RHEL 4.0-64 (gcc 3.4.3, glibc 2.3.x)
RHEL 4.0-64 (gcc 4.0.2, glibc 2.3.4)
FC5-64 (gcc 4.1.0, glibc 2.4)

64bit Linux Maya 2008 comes as following single built binary:

RHEL WS 4.0 update 5(gcc 4.1.2, glibc 2.3.4-2.36)

So the best option (out of a very bad selection) we have is to have a system glibc build of 2.3.4 built with gcc 3.4.3 with an additional gcc 4.1.2 for Maya . Why build with 2.3.4 and not 2.3.6 because it is hard if not impossible to downgrade a glibc. Upgrades are trivial.

# This first step is unnessesary unless you want to have all data
# encrypted. No data at my company is unencrypted - company
# policy
# replace sda? With your partition
env-update && source /etc/profile && export PS1="(chroot) $PS1" && \
emerge app-shells/bash && \
yes -5 | etc-update && \
emerge -vO1 libperl && \
emerge -vO1 gdbm && \
emerge -vO1 perl && \
emerge -v1 autoconf && \
emerge -vO1 findutils && \
emerge binutils-config && \
emerge =binutils-2.16.1-r3 && \
env-update && source /etc/profile && export PS1="(chroot) $PS1" && \
binutils-config --amd64 --x86 1 && \
env-update && source /etc/profile && export PS1="(chroot) $PS1" && \
emerge -v1 gcc-config && \
emerge -vO1 sys-libs/zlib gettext sys-apps/texinfo bison gcc && \
gcc-config 1 && \
binutils-config --amd64 --x86 1 && \
env-update && source /etc/profile && export PS1="(chroot) $PS1" && \
emerge -vO =python-2.3.6-r3 && \
emerge -vO python && \
emerge -vO portage && \
yes -5|etc-update
chmod 644 /etc/resolv.conf
emerge -vO1 sys-apps/baselayout && \
yes -5|etc-update
env-update && source /etc/profile && export PS1="(chroot) $PS1" && \
bash /usr/portage/scripts/bootstrap.sh && \
emerge gcc && emerge -ve system && emerge -ve system && USE=symlink emerge tuxonice-sources
#cp /usr/src/linux/be* /mnt/gentoo/usr/src/linux/
#cp /usr/src/linux/.config /mnt/gentoo/usr/src/linux/
cd /usr/src/linux/ && ./be_make.sh && \
emerge fcron logrotate metalog dhcp acpid ntp sysfsutils udev jfsutils vim rcs \
gentoolkit xorg-x11 tmpreaper nfs-utils davfs2
emerge pbbuttonsd kde-meta kde-i18n netplug \
scim-anthy scim-qtimm kasumi scim-input-pad scim tomoe tcsh
# FROM SOURCE MACHINE RUN
#cp -rf ~/.ssh /mnt/gentoo/root/
#for x in dispatch-conf.conf fstab ; do cp -ai /mnt/gentoo/etc/$x /mnt/gentoo/etc/.$x.orig && cp /etc/$x /mnt/gentoo/etc/$x ; done
#base="etc/init.d";for x in "PixarLicenseServer" "alfmaitred" alfserver be_pixarbak pixard; do cp -a /$base/$x /mnt/gentoo/$base/$x ; done
#base="etc/conf.d";for x in "PixarLicenseServer" "alfmaitred" alfserver be_pixarbak pixard pixar; do cp -a /$base/$x /mnt/gentoo/$base/$x ; done
#base="etc/ssh";for x in "ssh_config" "sshd_config"; do cp -ai /mnt/gentoo/$base/$x /mnt/gentoo/$base/.$x.orig && cp /$base/$x /mnt/gentoo/$base/$x ; done
#base="etc/conf.d";for x in ntp-client net clock hostname ; do cp -ai /mnt/gentoo/$base/$x /mnt/gentoo/$base/.$x.orig && cp -a /$base/$x /mnt/gentoo/$base/$x ; done
#base="etc/modules.d";for x in alsa g_file_storage ipaq ; do cp /$base/$x /mnt/gentoo/$base/$x ; done
# cp /mnt/gentoo/etc/modules.autoload.d/kernel-2.6 /mnt/gentoo/etc/modules.autoload.d/.kernel-2.6.orig && cp /etc/modules.autoload.d/kernel-2.6 /mnt/gentoo/etc/modules.autoload.d/
#update-modules
#cp -a /backing_file /mnt/gentoo
#cp -a /etc/X11/xorg.conf /mnt/gentoo/etc/X11/
for x in PixarLicenseServer acpid alfmaitred dbus fcron hald metalog ntp-client pixard portmap sshd vmware xdm;do rc-update add $x default;done
emerge mozilla-firefox nspluginwrapper acroread netscape-flash adobesvg xdm sudo
emerge -ve world
emerge -ve world
#emerge =gcc-4.0.2-r3 =gcc-4.1.2 =gcc-4.1.0-r1
emerge =gcc-4.0.2-r3 =gcc-4.1.2 sys-fs/sshfs-fuse
#upgrade to gcc-4.1.2
#gcc-config 7
groupadd -g 777 blocal
useradd -d /home/blocal -g blocal -G winusers,winadmins,guest3,guest2,guest1,leonard,yoshi,hisako,roseatte,pixar,vmware,plugdev,cron,fcron,users,video,tape,dialout,cdrom,audio,uucp,floppy,disk -s /bin/bash -u 1000 blocal

for x in \
winuser:winusers:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8880:8881 \
pixar:pixar:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:7771:7771 \
bglobal:bglobal:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8001:8001 \
roseatte:roseatte:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8002:8002 \
hisako:hisako:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8003:8003 \
yoshi:yoshi:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8004:8004 \
leonard:leonard:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8005:8005 \
guest1:guest1:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8006:8006 \
guest2:guest2:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8007:8007 \
guest3:guest3:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8008:8008 \
winadmin:winadmins:`head -c 10 /dev/random | base64 |sed 's/[^a-zA-Z0-9]//g'`:8879:8880
do
echo $x|awk -F: '{ print "groupadd -g "$5" "$2 \
" && useradd -d /home/"$1" -g "$2" -p " $3 " -s /bin/bash -u "$4" "$1 \
" && mkdir -m 750 /home/"$1" && chown "$1":"$2" /home/"$1\
" && usermod -a -G winusers "$1}'
#echo $x|awk -F: '{ print "userdel "$1" ; groupdel "$2" ; rmdir /home/"$1}'
done

passwd root
passwd blocal
mkdir /mnt/oldroot
echo "/dev/mapper/oldroot /mnt/oldroot jfs noatime 1 0" >> /etc/fstab
env-update && source /etc/profile && export PS1="(chroot) $PS1"

Today I attended the Open source conference Japan again, there was noticeably more people compared to yesterday. There were better sessions too. I met William Baxter (OLM research) there. He was there for the D programming BOF. I couldn't attend the D BOF that as I am really interested how others have been applying Ruby. Later in the day there was a great Opensolaris meeting.