Older blog entries for lkcl (starting at number 353)

i had an interesting idea: to modify rsync to combine encryption into it, using CBC-mode block ciphers instead of md4 checksumming.

what you would do is, every <blocksize> bytes, perform a single encrypt of a sequential number (or a pre-seeded pseudo-random number generator) and that one block becomes your checksum.

you _would_ need to store those checksums on the server (and the checksums should be stored on the server _anyway_ to save processing power!)

The Plan is, ultimately, to safely and efficiently perform secure backups.

i wish rsync already had a VFS layer, i really do.

7 Feb 2007 (updated 8 Feb 2007 at 12:28 UTC) »



i'm going to collect these:

From: exim-users-bounces@exim.org
To: lkcl@lkcl.net
X-BeenThere: exim-users@exim.org
X-List-Administrivia: yes
Subject: You have been unsubscribed from the Exim-users
mailing list

here's the message that i received which prompted this:

X-SA-Exim-Mail-From: graeme
X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00
Subject: Re: [exim] local_user section with check_local_user
removed (as advised
X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100)
X-SA-Exim-Scanned: Yes (on lkcl.net)

OK, gloves off.

On 01/02/2007 16:06, Luke Kenneth Casson Leighton wrote: >i will endeavour to track down the scope of this problem a bit >further, because i have just tried this: > >HELO localhost >MAIL FROM:<> >RCPT TO:llllllllllllltotallyfakeaddress@localhost > >and _that_ was accepted (!)

In that case, YOUR copy of Exim is not checking against YOUR copy of Cyrus - or anyhting else, in fact - to see if the local_part is valid.

>it's the fact that the mail gets accepted - without even being >checked against the cyrus mailbox, and THEN it gets attempted >to be delivered by LMTP, that bothers me. is that... just... >too much to ask?

No. But then you haven't given us your ACL details, you haven't described the files your Cyrus installation is using, you... well, obviously you haven't done much apart from follow, blindly, recommendations you found somewhere (in HOWTOs, but are they official ones?) and they *don't do what you want them to*

>and this issue smells veeerrry slightly, to me, like a bug or >limitation in exim4 itself, with a limitation in the config file >format (of not being able to specify empty users, for sure).

Incorrect. It is a misconfiguration in YOUR Exim config.


and, this was my reply, after several days, and some quite intense debugging one night that had to involve examining the exim 4.64 source code _and_ taking the risk of compiling and installing a modified version on a live server:


heya folks,

i've been thinking carefully about how to reply to this message, composing a reply over several days.

here's how i expected this conversation, over several emails and days, to go:


"hello, i'm an experienced free software developer and i consider myself to be a reasonably experienced linux admin and i've found a problem that is beyond my level of experience and it might be a bug and i need help in working it out"

you (exim developers):

"greetings, and thank you for contacting us: we're a bit busy but we'll try to get to the bottom of this as well you're probably not correct but we could also be wrong, so we'll see. firstly, just to check: have you tried [description cut] and could you also send your configuration or put it online somewhere. btw, with the greatest of respect: as an experienced free software developer you should know already to do these things to save us time, slapped wrist to you. in the mean-time, your issue smells like this one which we already discussed to death [timescales cut] and here are some references [urls to archives or even better to wiki pages supplied] and it would help enormously if you could read and review those as it will save us a hell of a lot of time which we don't have a lot of".


"oops, sorry, yes i really should know by now: i'll try to make life easier for you and save time. here's the config [url cut]. yes i tried X / no i didn't try Y [delete as appropriate]. thank you for the references, i read them and yes it's the same issue / no i don't believe it is the same, and this and this and this is why [delete as appropriate]".

we go round this loop a few times, resolving what the issue is, or at least trying to resolve it, and each of us gets to learn something, and, ultimately, hopefully, the quality of the code and/or documentation that comes out of it gets improved, and everyone is happy that they learned something.

AT NO FUCKING TIME are the words "ok, gloves off" anticipated to be heard in those discussions, the ones in my head.

graeme - as an experienced developer, you should know better.

if someone describes to you something that quite obviously demonstrates that they haven't got a clue [like i did when i didn't know what <> was], but they appear to be quite articulate and also quite intelligent, then next time why don't you consider telling them "look, dude, you're completely in the wrong ball-park, and you're likely to take up quite a lot of our time if we explain it to you in detail. please trust me when i say that your issue is probably this this or this, and please investigate it by trying that, that or that, and come back to us and let us know".

telling me that my issue is a problem with someone else's default configuration is FUCK ALL use to man nor beast.


i did some code-walking in exim 4.64 and to me it would appear that there is a problem with 550 codes being ignored by the code that uses src/transport/lmtp.c - but (and i know why and i agree with the design) i haven't yet found the point where the exec()s call out from, as it's a bit complicated to follow (and the code comments are extremely useful and well-written but it's _still_ a bit hard to follow as it's unfamiliar code to me).

here's the thing: i've already made my decision not to pursue this.

instead, i'm just going to put in a little bit of exim config and leave it at that. if that exim config makes messages from <> bounce with a reject message saying 'sorry, <> messages not accepted, please send manually to postmaster@lkcl.net' then so be it. it solves my immediate problem.

so, your 'ok gloves off' stupid outburst has _lost_ you someone who could have helped you solve a problem. helped you to help others. which is the whole point of writing free software.

_don't_ do that again. not to anybody. no matter _what_ you may have heard about them.

now, here's the thing. this is _another_ example of developers who can't deal with intelligent but inexperienced users of their software, who _want_ to help, _want_ to get things resolved.

and yes, i know that i'm a complete pain, and i go totally off on the wrong tangent making the wrong conclusions and treading on toes along the way - but who doesn't???

here's the bit about this that makes me particularly sad: i love exim, and it's a great mailer, and i consider it to be a hell of a lot easier to work with than the alternatives: with exim, i can achieve more (extremely complex things) in a very short amount of time.

the goal of the developers (all free software developers) should be to think of ways to accelerate the development of free software to reach and help the maximum number of people that they can.

this is a _classic_ example of how not to go about doing exactly that. the developer, in this case, graeme, was extremely sarcastic, extremely nasty, extremely unhelful, rude, curt and generally demonstrated, without saying so (which would actually have been much better) that he really didn't want to waste his time even communicating with me.

and yes, i know i'm a pain. but somebody has to be a pain. otherwise there's no way to know when the pain stops, is there?

this is _way_ cool code, and i wrote it :)

def add_d2(*args): """ cool function for making dictionaries of dictionaries ad infinitum.

1st arg: top-level dictionary of .... of .... of ... of dictionaries [... keyname for dictionary of dictionaries of dictionaries ...] [... keyname for dictionary of dictionaries ...] [... keyname for last dictionary ...] final arg: value to be stored. """

dict_list = [args[0]] key_names = list(args[1:-1]) val = args[-1]

for keyname in key_names[:-1]: dict_list.append(dict_list[-1].setdefault(keyname, {})) dict_list[-1][key_names[-1]] = val

you use it like this:

    d = {}
    add_d2(d, keyname1, keyname2, asmanykeynamesasyouwant, val)

and then you can do this:

    print d[keyname1][keyname2][asmanykeysasyouwant]

and it will return val.

i've been using a two-dimensional dictionary-of-dictionaries-of-values for quite some time in some of the code i've been working on, and when i needed a third dimension i went RRRRIGHT, that's it, i'm writing a multi-dimensional dictionary-storing-thing.

it even works for 1-dimensional dictionary things (duh, so why bother?? just do d[x] = y but yes, if you have a function which does multidimensional storage then it's useful not to have to special-case 1 dimension)

y'know... _just_ sometimes, a simple bit of code can be... really cool :)

5 Feb 2007 (updated 5 Feb 2007 at 21:21 UTC) »

i'm just doing the first backup of my laptop - ever. dating back to nearly 1999, when i was working for linuxcare i got given the 10gb hard drive from the laptop i was using at the time and i continuously transferred the data from that drive to the next machine, every, what... 18 months or so.

now, i am using rsync to do backups of a 60gb drive, which i haven't fully partitioned yet, and there are 1.3 MILLION files on it.

gahhd _damnnn_.

ncm: i'll take that orinoco card off your hands. seriously!

luke: spam...

ok, the stop-windows-from-being-able-to-be-installed problem is a variant on this:


basically, the XP install cd doesn't understand the partition layout that linux fdisk can end up creating. so, that's 512 bytes which can, if put into a virus payload, wipe out windows, wholesale.

3 Feb 2007 (updated 3 Feb 2007 at 15:36 UTC) »


i've just discovered a way to terminate any possibility for windows xp to be installed on computers.

the implications are staggering. a small LVM partition scheme of only 512 bytes in size, when overwritten by a virus to a hard drive's boot sector, would be sufficient to wipe out a large proportion of the world's internet-enabled computers.

i absolutely love it.

oh dear god, it's not limited to HP machines. i've tried on a dell optiplex, too. and i've tried both XP home and XP pro install disks.

30 Jan 2007 (updated 30 Jan 2007 at 15:01 UTC) »

badger, perhaps you are in a unique position to explain this one to me.

why is it that fedora is reinventing all of the infrastructure that has been available in varying degrees in debian for ... what... fifteen years, now, and ubuntu for a couple of years?

and how the bloody hell did anyone either cope or expect to get anywhere _before_ such infrastructure existed?

on a different note: i installed a fedora core 6 system last week, and i am extremely glad that the person whom it was destined for was happy to take over, as the process of locating and installing the appropriate software, with yum, was a complete fuckup.

the kernel version installed was incorrectly detected by FC6 (it's a P4 2.6ghz system and the version of the kernel installed was 586 or something which didn't even have p4-clockmod or cpufreq _in_ it).

search words on yum search are ORed not ANDed, which made locating cpu freq / power management utilities and the a working kernel _really_ difficult to track down.

yum itself takes forever to show anything.

the display output is shit as it contains no summary (apt-cache search + apt-cache show: there's no obvious equivalent, all i could find was yum search)

i had to pipe the output from yum to a file and then go through it manually.

then when i actually located a kernel, i installed 2.6.19 thinking that would work, then discovered that there was a 2.6.18 kernel that would _actually_ work, and got some bitch-stupid complaint about not being able to downgrade!

what the fuck has a kernel got to do with an operating system??

i should be able to put any number of kernels on WITHOUT complaint or molly-coddling from some stupid tool.

the whole exercise was a genuine waste of time, and i spent several hours earning a grand total of about 15 GBP profit. i would be better off signing on for unemployment benefit.

p.s. who the bloody hell thought that xml would provide a good database index for yum?

y'know, it's weird. i do so much with computers - messing about with them, getting them sorted for people to use. the contrast between what they require and what i can do is so stark, that, when i am done configuring a machine, i feel kinda...


it's very strange: i just don't know what to do.

it just emphasises, in-your-face, that computers really are, at present, just a tool.

Advogato seems to have quite a lot of power with google :) this is a good thing, i believe, but with that power comes responsibility, on our part, to make sure that the information linked to is actually important - so for god's sake don't abuse it.

my link Toshiba Satellite Pro A100 which is a report on installing debian on one of these machines is on the first page of the search words - very amusing.

The only things that outrank it are article reviews (trustedreviews.com ha ha) and people quite likely to be paying some money to google for advertising the sale of their A100 laptops (kelkoo, laptopsdirect, etc. etc.) but hey whether they are or aren't, i find it amusing to be near the top of the list.

the same thing happened for the Acer 5044WLMi, which, as a less popular machine, ends up as the top hit ha ha.

344 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!