Older blog entries for mascot (starting at number 36)

19 Mar 2003 (updated 19 Mar 2003 at 00:17 UTC) »

God I'm scared. I'm just rebooting my server (in Germany; no physical access) with an untested patched kernel to fix the ptrace vulnerability :-$

Do I trust Alan Cox's patch not to clash with my existing multitude of patches...? Only time will tell.

--EDIT--------------8<--------------EDIT--

PHEW! It came back up fine. Now just to see whether it's stable.

I'm now responsible for a RedHat-based dedicated server hosted in Germany, which I'm managing on behalf of a friend. I've got to be very careful to avoid killing networking (nothing worse than the realisation that you've just broken SSHD and you can't now log in and fix it!). So far it's survived, although there were a couple of hairy moments with iptables. (It's also survived a deluge of traffic when another friend (aes)'s screenshot, also hosted on that server, got posted on the front page of GnomeDesktop.org... I never realised that site was so popular!)

Discovered many stupidities in Ensim Webppliance - shame it's not open source, otherwise I'd fix the problems :-( A project idea for someone: a GPL'ed Ensim clone. Specifically:

  • Lets you create domains on the server, each with their own website and chroot environment
  • Manages the config for apache (with vhosts), sendmail (or preferably something nicer like Postfix - not an option with Ensim!), proftpd, ssh, etc. so each user can connect as though they had their own server
  • When you connect through SSH, FTP, etc. it should work out which chroot you need to be in - Ensim does this with a PAM module that looks for horrible usernames like "me@mysite.co.uk" (which most programs refuse to count as a username!) - this means "log user 'me' into the chroot environment for 'mysite.co.uk'"
  • Tracks bandwidth used for each site separately
  • Allows for different access levels for the control panel - i.e. designated Site Owners can log in to change a few things about their domain (e.g. add mailboxes); designated Resellers can log in and create a limited number of domains with limited total bandwidth, etc.

It's the sort of project I'd really like to write (or contribute to) myself. But unfortunately I don't have the time at the moment. If anyone knows of a good, free product which does some or all of the above, please tell me. I'm never happy being tied to a product which I can't fix when it breaks. (Now there's an argument for open source software which you don't hear enough in businesses...)

My complete list of university offers for anyone interested. Now I've got to pick just two :-( Probably Cambridge as first choice, and Warwick as second. But if you ask me again tomorrow I will probably have changed at least three times :-)

You've got to pick based on grade requirements: if you make the grades for your first choice, you automatically go there, and you don't get to choose your second choice if you change your mind. So this is pretty much the final decision... and I'm no good at decisions :-(

aes: hey, that should have been in my diary entry ;-)

Yes, I have been offered a place to read Computer Science at Trinity Hall, Cambridge. I've just been too busy to tell Advogato :-/ .

E-mail

follower: Thanks for the pointer to FastMail; I'll certainly look into that. Their free service obviously doesn't have the features of Port995, but for a small one-off payment it seems I can get a decent service.

I haven't quite decided how I'm going to organise my e-mail yet. I need to be able to pick up new mail on the move, but I keep a fairly large archive of past mail at home. Ideally my home server would download new mail from my IMAP server, but leave a copy there, without touching the 'New' flag (so it will still download mail I've read via the Webmail interface). I can't think of a way to do this (I don't think Fetchmail supports this - it uses the 'New' flag to mark whether it's already fetched a message). I believe Fetchmail can do this with POP3, by keeping a list of message UIDs it's downloaded - anyone know whether you can do this with IMAP? It wasn't possible last time I checked.

I might have to settle with accessing my INBOX folder via IMAP across the Internet from home - not ideal, since my connection is fairly slow.

Merry Christmas!

Oh, wait, it's after midnight (here in England), so in theory it's not Christmas any more. But a Merry Christmas to those of you in lesser time zones ;-)

Where has all the time gone?

All that time I decided I had over the Christmas holidays... all these projects I was going to do... I haven't done a single one. Where has the past week and a half gone? Oh well, I'm sure I'll have time over the remaining couple of weeks [famous last words...].

Let's see... stuff to do...

  • Write "e-mail helpdesk" script for the Intranet I've written - of course, this should only take ten minutes or so, but I still haven't done it...
  • Do more coding on MyAddressBook - I had a load of ideas and bugs to fix, but they never happened.
  • Tidy up my room :-) Erm... what colour was my carpet again? I seem to have lost it beneath heaps of assorted stuff.
  • Work out what I did with my partitions; I'm sure I've got another distro hanging around in a partition in some obscure corner of my hard disk... this distro hasn't been in my GRUB menu for a while, but I might have a boot disk for it. (That's the problem with 60Gb hard disks - so big you can lose entire operating systems in it...)
  • Find out why Gentoo's NVidia module compilation pretends to apply a patch to make it work with 2.5.x kernels, but yet it doesn't work. (I'd like to try out 2.5.x, but then again, I'd like X to work too.)
  • Fix my e-mail - MyRealBox (my current free provider) seems to be introducing random four-hour delays in my e-mail. This is very annoying since I was trying to test a box to see if it had SMTP access, by e-mailing myself, and the mails didn't appear to get through. So I assumed it was broken and spent ages trying to work out why. Then, hours later, the original test messages arrived.... <sigh>. I'm thinking of moving to Port995 (the company, not the POP3/SSL port... and not free) - anyone used them? They use Linux, so hopefully they should be stable at least. And Squirrelmail, my favourite Webmail program.
  • Revise for my Physics exam shortly after I return to school... :-(

There's probably something else, but I'm too tired to remember it right now. Goodnight.

thom: thanks for the hint about module-init-utils; I've now installed the package by that name on Gentoo, but I haven't had the chance to reboot into the other kernel to try it. (Really need to look into usermode linux sometime...)

Gentoo's warnings were slightly scary - they implied that module-init-tools only worked with 2.5.x kernels, not 2.4.x, so I'd have to have two versions of insmod/modprobe etc. floating around. However, based on a bit of experimenting, the new module-init-tools appear to work fine with the older kernels. Please tell me if you know otherwise... :-)

At last. Finally, a holiday. A lot has happened in the past two months since I last wrote here, but unforunately not much of that is what I'd call interesting.

Well, let's see... at school, my form teacher / maths teacher has vanished. For about a month everyone claimed not to know why, but recently it's been revealed that he was suspended. Although for what, no-one will tell us...

University admissions... finally, no more interviews!! I've got offers from four out of six choices so far, with news on the other two expected within a month. The last interview was last week - and that was Cambridge, the important one. I think it went quite well, especially the subject-specific (computer science) interview. The problems they asked weren't too bad, and I seemed to have a common interest in electronics with one interviewer.

Programming - the Intranet Menu I mentioned a couple of months ago is getting considerably bigger than I expected. It's getting all sorts of nifty features, like the ability to have Roaming Users (it usually bases a menu item on your IP address, but as a roaming user, you can make the system display the menu for your usual IP address even if you're not actually at that address at the moment), and others. Yes, it's GPLed, but the source isn't on the net at the moment (because I haven't got round to removing all the branding). Even so, it's probably fairly specialised, so I doubt many people will want to use it.

Linux - tried the 2.5.51 kernel this morning (just before 2.5.52 came out... aargh, another long download beckons) and found that it refuses even to load modules (modprobe complains "Feature not implemented"). Strange. I'll have to upgrade and see if it was a minor blip. I can't see anything wrong with my config.

Er, oops. This morning I typed 'halt' into the wrong window, and brought down my server :-P My uptime! Noooo!

Well, you know you haven't rebooted in a while if your bootup scripts don't actually work any more. It took a fair amount of hacking and two further reboots before the thing came back up again. Apparently, mount doesn't like me running

mount / -o remount,rw

any more, no idea why (no, I haven't deleted the root fs from my fstab!). But this works (or at least, it seems to):

mount /dev/root / -o remount,rw

Ah well...

Ten days?! Is it really ten days since I last posted here? Seems like only yesterday! Oh well...

Let's see now... what's happened within the last 10 days...

  • MyAddressBook v0.1.1 - this is a security release, which mainly fixes some HTML quoting (i.e. it does some now!) plus a couple of other big-ish bugs. No new features; they're waiting for 0.2.0 . On the slight chance that someone downloaded 0.1.0, though, you're very much recommended to upgrade to 0.1.1 (or the latest CVS version).
     
  • Intranet Menu - wrote a MySQL-and-PHP-based intranet menu system for our favourite supermarket company (i.e. my Dad's work). It does some IP address / subnet checking, so machines only get menu items relevant to them (i.e. on machines in stores with 'Existing Web Based App X', that will get displayed on their menu). Now if this was for me, I probably wouldn't bother with writing an admin site, and I'd do it all via phpMyAdmin. But in this case, it's got to be User Friendly (or at least, Non-Unixey, Non-MySQLey IT Admin Friendly) so I had to write an extensive admin interface. The admin interface is probably about 20-30 times the size of the front-end :-)

    This is hardly a large project - I wrote it in odd half-hours here and there, in evenings and at lunch-times - but it marks another conversion to Linux. It looks like my menu system is set to roll out across their WAN within the next few months, served from a Linux server centrally - and this will be this company's first on-site Linux server. Yes, really. (Incidentally, they had two off-site servers at a local ISP, hosting their web site (before they moved to a Managed Service, and NT.... grrr....) - and I set up one (the firewall), and knew root's password and performed routine administration (and on one case, emergency administration) on both. They really should start paying me for this.)
     
  • 486-based Debian box - it turns out that that box might be useful after all, since The Powers That Be were persuaded that it probably was a good idea to turn on IMAP, otherwise they'd have to buy thousands of new machines just to run their snazzy Java-based iNotes client.
     
  • University admissions - just like buses, I wait ages for acknowledgement of my application, then three arrive at once :-) At least something's happening... although I've got to wait till next January before I find out where I'm going. And, for the record, I'm the 4020th person in England to send in their application this year. It pays to be before the rush...

27 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!