Older blog entries for logic (starting at number 50)

Cuckoo's Egg
Well, I finally got around to sitting down with this book; it's an excellent read so far, although it's not something I could give to a non-technical friend to enjoy. The writing drew me in quickly, mainly because of the focus; that's my job, and it's fun reading about someone else's experiences. The scary thing is that I could actually imagine those old DECwriters chugging out pages of copy, because we had a ton of those monsters lying around while I was at University. The only part I can't really identify with is the compulsive fear the author seemed to have dealing with the NSA, CIA, and assorted other "spooks" (growing up in Canada, I had heard of them, but never had to really consider their implications; the closest thing we had was CSIS, and you never heard much about them...).
I haven't finished the book just yet, but I've enjoyed it thus far. It presents a refreshingly honest look at how intrusion analysis really works, rather than how you'd like it to work, without explaining away or talking around places where he made errors in judgement, and thus enhancing it's value to the reader. I'll have to add it to Canonical Tomes, methinks.
Work
The past two weeks have kept me busy enough to not have to worry about how much things are falling apart around here, but I had it thrust firmly in my face today, resulting in a decision: I am unwilling to continue subjecting myself to the office politics and miscommunication here, and thus will be either working independantly or in another position within a month. Enough is enough; the resume is already making the rounds. If you're looking for UNIX administration talent in the west suburbs of Chicago, or you're an open source-friendly company looking for architecture or development help, I'm available. ;-) (Note of interest: looks like the opensource.org folks finally did a website update.)
docbook
I finally took the time to convert the rblcheck documentation to docbook (4.1) format. The resulting output from docbook2html is far better than I expected; the last time I looked at SGML parsers, the resulting output was disappointing, to say the least. All I need to do is finish merging the last of the scattering of text files I called documentation into the master SGML document, and then build a quick Makefile.am entry for it (anyone have one offhand? yes, I'm lazy).
SuSE
Work-related issues have finally brought me into contact with SuSE 7.0 and 7.1. My experience so far: it feels like Slackware with RPMs (take that however you wish ;-); the distribution directory structure is the first glaring similarity, but some of the things I'm finding scattered around the disk show the signs of someone trying to take Patrick Volkerding's distribution and make it look like Red Hat Linux (again, take that however you wish).
I was singularly unimpressed by their proprietary installer, YaST (a complete inability to deal with FreeBSDs "whole disk" disklabelling scheme was disappointing, especially when anaconda can deal with it just fine), and the lack of complete ISOs anywhere. Finally, a glaring omission: no crypto in the U.S. version (you can download everything you need, but it's a hassle that Red Hat thankfully eliminated with the release of 7.0).
On the upside, their knowledge base is top notch, although most content is targetted for the German reader, and the distribution is quite complete (a whopping seven CDs, or a single DVD) and very usable. I applaud their move to DVD in addition to CD media; if you're in a facility where DVD-ROMs are the norm, it's six less discs to carry around with you (I'm also glad they chose to also distribute CDs, though; DVD-ROMs aren't quite that ubiquitous yet). The internationalization of the distribution seems far more cooked than Red Hat's latest efforts with 7.0 and the Fisher/Wolverine betas; they've obviously had a lot longer to think about doing it right.
This isn't a distribution that is going to be replacing Red Hat or Debian on any of my servers or desktops anytime soon, but it's an interesting distribution to take a look at. However, I'm afraid some of their recent actions with respect to distribution of their media may make this a review of historical significance only.
Personal
Well, it's official: A year later, and I'm moving again. The new place is a two-floor, two-bedroom apartment; plenty of room for a real living room without computer equipment in it, and a tidy home office (now I just need that desk I've been eyeing ;-).
In other news, my girlfriend has given her notice at her employer, and will be taking the next two months to train for her MCSE; as an old UNIX hack, I was skeptical of the value of the training, but after looking through her course material and the books she's picked up, I'm relatively impressed. Everything obviously has a Microsoft spin to it, but with me providing a bit of cross-platform balance, I think she'll come out of it with a solid grasp of the essentials.
After seeing the material, though, I've come to a realization: no amount of training can make someone who is "just doing a job" good at what they do; you really have to love this stuff. Despite what is obviously a good training program, most MCSEs I've worked with have displayed a distinct lack of real understanding of what they were doing, and always seemed to be just "going through the motions", without any real interest in learning more. On the other hand, open source projects around the 'net are filled with people with little formal training but an intense drive to learn through any means they can find. I'll take two or three of the latter over a company full of the former, because I can fill in the blanks with someone who wants to learn. I can't do anything with someone who lacks motivation.

It's been a while...

ClearCase

I can't think of enough bad things to say about Rational's flagship product right now; their Linux port is, to say the least, disappointing. My experiences so far:
  • Binary kernel module, with a source code stub. They're obviously hoping that the binary interface remains stable from kernel version to kernel version. Nope, sorry. The first big thing to hit them was the SMP prefixes change (for good reasons), which you have to back out of any new version you want to use ClearCase with. So far, the newest kernel I've successfully built with has been 2.2.17, and I'm making headway with 2.2.19pre17 (strlen_user is now strnlen_user, with new calling semantics; whee!), but I'm considering calling it a lost cause. Forget about 2.4, that's going to be a porting job for Rational.
  • Beware slocate. When updatedb hit my MVFS-mounted partitions during it's 4:02 AM run, a non-fatal oops kicked off and MVFS wedged until reboot. I'm going to try this with 2.2.16 and see what happens. Certainly not slocate's fault; ksymoops places the blame squarely on the mvfs module.
  • NFS problems. This is both a beef with Rational and with the automounter that ships with Red Hat 6.2 and 7.0. First, NFS exporting of MVFS filesystems seems to be broken (at least, broken when exporting to Linux clients; while I get errors, I can at least mount the export on a Solaris client...imagine that, Linux NFS problems), which is causing our environment some grief. Second, most of the autofs/amd/automounter implementations for Linux don't properly implement the Solaris /net automounting scheme. Luckily, the autofs4 work done by Jeremy Fitzhardinge results in a very fine automounting setup.
I've been fighting with this for a couple of weeks now. This wouldn't be an issue if I just had the damned source for their kernel module, but I can't do a thing with this binary glop. Wherefor art thou, Subversion?
More playing with Harpia
Why is noone using ADODB for database access in PHP? Here we have this standardized means for talking to a data repository, and everyone still insists on mysql_this() and mysql_that(). Bleh. I'm trying to decide if it's worth the effort to port Harpia to use ADODB (if the authors would even accept the patch; once I decide if I'm going to do it, I'll ask them before I expend the effort), or if I should just write something from scratch. Just what the world needs: yet-another-weblog. ;-)
Solaris netbooting
The last patch that Neil provided seems to have done the trick, but I've lacked the time to post to linux-kernel regarding it to see if anyone has ideas on generalizing it so it might eventually make it into a real release. Plus, I still don't have a booting server; I have a feeling that bootparamd isn't passing some critical values to the client, which might also explain the inability to force an rsize value (which should also solve the NFS packet ordering problem, without a rather ugly kernel patch). More investigation is needed.
rblcheck and relaytest
I swear I'll get back to these eventually. I've given era eriksson CVS write access for rblcheck (he has a few ethical issues with relaytest, for which I can't blame him, honestly), and he may be contributing a bit, but my goal is to clean up both and get out the release I've been meaning to get out for a very long time. ;-)
Personal
The past two weeks have been hellish. I'm fighting a head cold that's a month old now, my mother ended up having surgery due to complications with older operations, my girlfriend's father had quadruple-bypass surgery, I'm trying to organize a move to a new apartment again (has it been a year already?) since what is essentially a one-room dorm isn't cutting it for space (hard to run a home office out of your living room), we're trying to save up the money to put my girlfriend through training for her MCSE (you can snicker and laugh right up until you see exactly how much you have to know to pass those exams). and work is gearing up for a new product release (meaning everyone is in emergency mode: "My issue has priority." "No, MY issue has priority."). One of these days, I'll slow down. Maybe.
Solaris installation from Linux
Still going back and forth with Neil Brown on this one. The prevailing thought is that Solaris' inetboot expects the NFS packets to arrive in a specific order. Some initial tries at monkeying with packet ordering didn't result in any change.
Harpia
Finally got a chance to pull this down and take a peek at it. Seems to run well, but I've got quite a bit of looking-over to do first. There's a few too many hard-coded strings, and most of these weblog backends don't really give me that "I've been carefully audited" feeling. But maybe it's just me.
Solaris network booting from a Linux server
Blarg. I've filed a bug report with Red Hat (since I'm technically using their shipping kernel, not a stock kernel, although this appears to be a general problem) and fired a message off to the Linux NFS development mailing list regarding getting the Solaris network install working from a Linux machine. The problem is with the NFS root filesystem that the installing server tries to use; it mounts up fine, but then fails to be able to communicate because of some incompatibility. If I were to throw the NFS root over to a solaris machine, I'd be able to install just fine (with the installation media itself being on the Linux box; only the NFS root needs to be on the Solaris system). How annoying.
Vim:
Time to actually peruse the documentation; I managed to somehow encrypt one of my web pages by accident with "vimcrypt". Not that it was too big of a deal; Google is my (caching) backup device. ;-)
Solaris:
I've almost managed to get one of my Linux boxes serving as a network boot server for my old SS2; hopefully I'll actually get Solaris 7 loaded on that beast this evening. I am now quite ready for the network installation section of the Sun Certified System Administrator exam. Which I really need to finish studying for; I should have picked up that cert (well, the 2.6 version of it, anyway) four years ago, but I've just been too lazy.
Acronymania, Keyworditis:
I've been perusing a few job boards lately, just for fun, and I'm amazed at the copy that the headhunters get away with publishing; they're rivalling the last round of spam I received for grammar and punctuation abuse. But the key feature of all of these is the overuse of cryptic acronyms and industry buzzwords; it doesn't take much to realize that most of those are written by recruiters with absolutely no understanding of the positions they're hiring for. It worries me that these are the gatekeepers for most new entrants to the business; it's akin to the U.S. Patent Office trying to determine the validity of patents on industries they can't possibly know the details of.
Debian:
I'm both flattered and embarassed. rblcheck is in Debian proper (flattered), and I've never added dpkg support to the source tree (embarassed), although a kind soul within the Debian project did so already. So, I'm repenting by teaching myself about building dpkg packages, so that I can feel comfortable merging the work already done into the source tree; hopefully, I'll get around to cranking out an RPM spec file for it as well.
First impressions of the dpkg scheme: this feels almost exactly like RPM, except that everything is broken out into separate files (within a single directory), while RPM conviently (or inconveniently, depending on your point of view) keeps all additions tucked in a single file. In the long run, dpkg is probably more flexible (ie. would seem to handle future extending a little more gracefully), and gives package maintainers a standard place to tuck packaging-specific scripts and data. The documentation for dpkg seems to be a bit better too, but that's only because it seems to be current; RPM has a fine manual for it, but it's so out of date as to be useless.
Fragmentation:
It seems a shame that the community has a tendancy for NIH (not invented here) syndrome; dpkg vs. RPM vs. ports vs. openpackages (etc), QT vs. GTK+, GNOME vs. KDE, Konqueror vs. Galeon vs. Mozilla, GNOME Office vs. OpenOffice vs. KOffice, etc. I've heard others say that the Linux community (using them as a generalization for GPL-using projects) doesn't have the same tendancy towards fragmentation that the BSD crowd have (again, generalizing for projects without viral licensing, using the FreeBSD vs. OpenBSD vs. NetBSD rift as their prime example), but it would seem to me from the prior examples that free software developers, in general, strive for reinvention and shun reuse.
Whether this is bad or not is a judgement call, and one that I haven't made myself yet; on one hand, it has resulted in some fantastic improvements to the existing "state of the art" (NCSA HTTPd vs. Apache, NCSA Mosaic vs. Mozilla, etc), but on the other hand, it has also resulted in replication of effort, often on a massive scale (XFree86 vs. Berlin, for example). It's also resulting in huge community rifts (GNOME vs. KDE, Samba vs. Samba TNG, OpenBSD vs. the world), which pundits could easily use as "representative examples" of our inability to collaborate.
What's my point? I don't really have one. I'm just thinking out loud, and hoping someone else has some thoughts on the subject.
How are you gentlemen !!
I have no idea why I laughed uncontrollably when I saw this (and the original thread that started it). The 'net gets weirder every day...
rblcheck:
Obviously, no release. This weekend was crazy, and didn't afford a lot of time for coding. On the other hand, I finally picked up my very own copy of the new Dragon Book. Whee!
gcj:
I wasn't expecting much when I started playing with this, but I'm actually impressed; it's nice having "just another GCC frontend" for Java. If you're working with this stuff, by the way, the following makes a nice little addition to your GNU make makefiles:
JCC=gcj

% : %.o $(JCC) $(LDFLAGS) --main=$@ $< -o $@ $(LDLIBS)

%.o : %.java $(JCC) -c $(CFLAGS) $(CPPFLAGS) $< -o $@

Caveat: the "--main=$@" option isn't such a good idea, since it really could be anything you want. It works for me, since I follow that convention, but someone better versed in the ways of make may want to adjust that a bit to taste.
rblcheck:
Hopefully, I'll squeeze a release out this weekend, regardless of the "readiness" of it. If I don't get one out, I never will. ;-) I'm expecting the only changes to be documentation updates, besides what's already in the CVS version.

41 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!