Wandering Thoughts: Recent Entries For 2009

Categories: links, linux, programming, python, snark, solaris, spam, sysadmin, tech, unix, web.

2009-12-31:	Why free things are so attractive in universities Look at your pull-based system for things that push
2009-12-30:	Real world support periods are shorter than they look
2009-12-29:	Solaris is not open source
2009-12-28:	The annoying timing of future SSL certificate renewals
2009-12-27:	Some OpenSSL and SSL certificate basics
2009-12-26:	Things that limit the performance of hardware acceleration
2009-12-25:	Linux's non-strict overcommit is the right default
2009-12-24:	The advantages of open source software RAID
2009-12-23:	Another demonstration of SSL Certification Authority (in)competence
2009-12-22:	How not to set up your DNS (part 20) Do you have a network layout diagram? Using OpenID for local web application authentication
2009-12-20:	Some things about getting useful output from `time` Some thoughts on intercepting https traffic
2009-12-19:	Local CAs and an interesting consequence of the SSL security model
2009-12-18:	Secure or useful: pick one
2009-12-17:	The good and bad of SQL
2009-12-16:	How Linux software RAID is making me grumpy right now
2009-12-15:	The high costs of true security paranoia in the face of compromises
2009-12-13:	Sysadmin versus developer uses of version control systems Mercurial versus git for sysadmins, or why we picked Mercurial
2009-12-12:	You should always be able to get a program's version and basic usage
2009-12-11:	A wish for KVM virtualization: simple bridged networking
2009-12-10:	How not to copy a file to standard output in Python
2009-12-09:	My views on inheritance versus interface
2009-12-08:	Why I am not enthused about etckeeper and similar systems
2009-12-07:	Why whitelists (and blacklists) are long-term poison for online systems
2009-12-05:	Overcoming the drawbacks of preforking `accept()` servers What version of Python is included in various current OSes
2009-12-04:	Learning from Unicorn: the `accept()` thundering herd non-problem
2009-12-02:	The problem with the OpenSolaris source repository The mixed directory/unrelated files VCS problem
2009-11-30:	Using content hashing to avoid the double post problem Poking around the OpenSolaris codebase (for sysadmins)
2009-11-29:	In security, you need to stop the root mistake
2009-11-28:	'Conditional restart' in init.d scripts can be dangerous
2009-11-27:	Modern version control systems change your directory layouts
2009-11-26:	Some notes for myself on `git bisect`
2009-11-25:	Why I love Unix, number N (for some N)
2009-11-24:	An important lesson for me on Fedora upgrades
2009-11-23:	Converting a directory from RCS to Mercurial My current unhappy thoughts on Fedora 12
2009-11-22:	RCS versus modern version control systems
2009-11-21:	An update on faulted ZFS spares
2009-11-20:	Spam and the attraction of reach
2009-11-19:	The corollary for effective anti-spam heuristics
2009-11-18:	Universities are open environments
2009-11-17:	Finally understanding the appeal of 'Interfaces'
2009-11-16:	'Is-a' versus 'is-a-descendant-of'
2009-11-15:	A limitation of Python types from C extension modules
2009-11-14:	How to defer things in Exim
2009-11-13:	(Ab)using Exim routers for their full power
2009-11-12:	What makes Exim work as a mailer construction kit
2009-11-11:	For universities, the Internet world has fundamentally changed
2009-11-10:	HTML5 may end up giving us real, working XHTML
2009-11-08:	My problem with the obvious solution to my unexposed types problem
2009-11-07:	Solving unexposed types and the limits of duck typing A gotcha with Bash on Ubuntu 8.04
2009-11-06:	A shell script thing that I have learned the hard way
2009-11-05:	Why the NFS client is at fault in the multi-filesystem NFS problem
2009-11-04:	The cause of the multi-filesystem NFS export problem
2009-11-02:	Are security bugs always code bugs? XHTML vs HTML5
2009-10-31:	My thoughts on why invented standards succeed or fail The risk continuum for standardization success
2009-10-30:	Understanding hash length extension attacks
2009-10-29:	Why per-process (or per-user) memory resource limits are hard
2009-10-28:	Python modules should make visible their (fundamental) types
2009-10-27:	A personal experience of web browsers making bad text editors
2009-10-26:	What I think I understand about how standards get created
2009-10-25:	Some thoughts on a 'modern' university email system
2009-10-24:	Something I have realized about university services
2009-10-22:	The limits of some anti-spam precautions How to waste lots of CPU time checking for module updates
2009-10-21:	Why you should be able to get a list of your local email addresses
2009-10-20:	Simple mailing lists: an illustration of Exim's flexibility
2009-10-19:	The case against backup MXes
2009-10-18:	Backup MXes versus redundant MXes
2009-10-17:	Automated web software should never fill in the `Referer` header
2009-10-16:	A tale of network horror, or at least excitement
2009-10-15:	One complexity of buffered IO on Unix
2009-10-14:	Why 'invite-your-friends' features are spam from you, not your users
2009-10-13:	There are two different uses of conditional GETs
2009-10-12:	ZFS GUIDs vs device names
2009-10-11:	Why security bugs aren't bugs
2009-10-10:	You should delete obsolete data files
2009-10-09:	A fun bug I once ran across
2009-10-08:	What is going on with faulted ZFS spares
2009-10-07:	A brief introduction to ZFS (disk) GUIDs
2009-10-06:	The danger of software suspend on servers
2009-10-05:	The problem with security bugs is that they aren't bugs
2009-10-04:	Why Unix filesystems precreate `lost+found` directories
2009-10-03:	One thing that top-posting is good for
2009-10-01:	The rules for combining things with Bourne shell 'here documents'
2009-09-30:	A little habit: `cat >/dev/null` On (not) putting IP addresses in registration email
2009-09-28:	Two ends of hardware acceleration What I think about why graphics cards keep being successful
2009-09-27:	Some suggestions for registration confirmation emails Why you can no longer have an 'invite-your-friends' feature
2009-09-26:	How our 'plug in and go' laptop network DHCP portal works
2009-09-25:	How our DHCP registration portal redirections work
2009-09-24:	SSL certificates require proper domain names
2009-09-23:	A brief overview of the Solaris 10 nvpair library
2009-09-22:	Some trivia about Python frame objects
2009-09-21:	Exploring the frame object `f_builtins` member
2009-09-20:	Why kernel packaging is so bad in Debian and Ubuntu
2009-09-19:	Why I am not a fan of hardware acceleration
2009-09-18:	Are you sure it's a C string?
2009-09-17:	A trick to testing `https` setups on test machines
2009-09-16:	Some kernel lockd NFS error messages explained
2009-09-14:	Listing file locks on Solaris 10 Forwarding emails without false positives
2009-09-13:	How modern CPUs are like (modern) disks
2009-09-12:	My opinions on when you should let ZFS handle RAID stuff
2009-09-11:	Why you should let ZFS handle the RAID stuff
2009-09-10:	What I know about how ZFS actually handles spare disks
2009-09-09:	Postfix versus Exim
2009-09-08:	Some ways to avoid needing a public ticketing system
2009-09-07:	A use for ticketing systems as your primary support method
2009-09-06:	What typing ^D really does on Unix
2009-09-05:	Why the Unix `EINTR` semantics (probably) exist
2009-09-03:	An interesting issue with doing NFS over TCP (apparently) Programming blindness and security
2009-09-02:	Environment variables make bad switches
2009-08-31:	How to deprecate bits of your program The IO scheduler improvements I saw
2009-08-30:	Some more thinking about requirements in specifications
2009-08-29:	MUST versus SHOULD in your specifications
2009-08-28:	ZFS changes filesystem device numbers on reboot
2009-08-26:	What packages SystemTap requires on Ubuntu 8.04 (and others) A frame object's `f_locals` isn't always the locals
2009-08-24:	The problem with the CFQ IO scheduler and our iSCSI targets Anti-spam content scanning systems need to scan more
2009-08-23:	You should not use HTTP request parameters as filenames
2009-08-22:	A gotcha with Python's new `signal.siginterrupt()`
2009-08-21:	The danger of powerful generality, illustrated
2009-08-20:	Python modules should not reinvent `OSError`
2009-08-19:	Link: Using colour well in data visualization Python, signal handlers, and `EINTR`
2009-08-18:	Why user programs mapping page zero is so bad news on x86 hardware
2009-08-17:	More accidental BitTorrent on our network
2009-08-16:	Testing versus extensibility
2009-08-15:	SSDs and the RAID resync problem
2009-08-14:	Sorting out what 'passive ftp' is
2009-08-12:	Undo is sometimes not good enough One thing your mail-sending system should do
2009-08-11:	The somewhat apocryphal history of comments in the Bourne shell
2009-08-10:	The difference in the Bourne shell between `:` and `#`
2009-08-09:	Building true ssh opportunistic connection sharing
2009-08-08:	How I use ssh's connection sharing feature
2009-08-07:	The basics of ssh's connection sharing feature
2009-08-06:	A rule for Internet software
2009-08-05:	A feature that I wish Linux package managers had
2009-08-04:	A downside to syndication feed readers respecting permanent HTTP redirects
2009-08-02:	Limitations on custom NFS mount authorization on Solaris What you can't do before you drop setuid permissions
2009-07-31:	Using SystemTap to trace the system calls of setuid programs on Linux How fast various ssh ciphers are
2009-07-30:	How we do custom NFS mount authorization on Solaris 10
2009-07-29:	The shift-selection trick in X terminal programs
2009-07-28:	Spammers are quite dedicated in their address scraping
2009-07-27:	Why you should do code reviews for sysadmin scripts
2009-07-26:	The anatomy of a hack to get around `try:`/`finally:` and generators
2009-07-25:	When code in generators runs
2009-07-24:	The usefulness of a syndication feed of your blog's comments
2009-07-22:	Thinking like a security paranoid: an example A peculiar change in Linux `flock()` and `fcntl()` behavior
2009-07-21:	Packages should not contain both tools and policies
2009-07-20:	Minimalistic spam, another annoyance to worry about
2009-07-19:	The importance of making an issue visible
2009-07-18:	Why NFS filehandles fail as access capabilities
2009-07-17:	The hard problem of live major release upgrades
2009-07-16:	Another reason to safely update files that are looked at over NFS
2009-07-15:	A Bourne shell gotcha with `( ... )` command grouping
2009-07-13:	Some stuff on NFS access restrictions Shell scripts should not use absolute paths for programs
2009-07-12:	A brief history of NFS server access restrictions
2009-07-11:	What can go wrong in making NFS mounts
2009-07-10:	An unpleasant surprise about ZFS scrubbing in Solaris 10 U6
2009-07-09:	The high-level version of how mounting NFS filesystems works
2009-07-08:	Fedora and workstations (on Linux distributions for desktops)
2009-07-07:	Why and why not Fedora
2009-07-06:	How you could do a shared root directory with NFS
2009-07-05:	The coming Internet identity problem
2009-07-04:	A side note on the cost of operations
2009-07-03:	How software makes reverse proxying hard
2009-07-02:	Finding out when a command in a pipeline fails
2009-06-30:	A Unix irritation: pipeline status More on why users keep mailing specific people
2009-06-29:	A theory on why users keep mailing specific people
2009-06-28:	How we solve the multiuser PHP problem
2009-06-27:	Possible limits on our port multiplied ESATA performance
2009-06-26:	How not to set up your DNS (part 19) An advantage for hardware RAID over software RAID
2009-06-25:	Patching systems versus patching appliances
2009-06-24:	Another source of stickyness for social web sites
2009-06-22:	Solaris 10 NFS server parameters that we change and why Why GNU tools are sometimes not my favorite programs
2009-06-21:	Email is intrusive, and why
2009-06-20:	Using GRUB to figure out the mapping of BIOS drive numbers
2009-06-19:	Fedora desperately needs a better upgrade system
2009-06-18:	A kernel NFS error message explained
2009-06-17:	The NFS 'reserved ports' option and why you care
2009-06-16:	Maybe understanding blogrolls
2009-06-15:	`try:/finally:` and generators
2009-06-14:	How to set up your vacation messages to get thrown off mailing lists
2009-06-13:	One of the reasons good alerting is tough
2009-06-12:	What I know about Solaris 10 NFS server file lock limits
2009-06-11:	There are two different purposes of monitoring systems
2009-06-10:	Users are lazy
2009-06-08:	Another way that generators are not lists: modifying them Monitoring systems should be always be usefully informative
2009-06-07:	It's important to get the real costs right
2009-06-06:	User perceptions (and expectations) of backups
2009-06-05:	How we're planning our backup storage capacity needs
2009-06-04:	Another irritation with Gnome's gconf settings system
2009-06-03:	The costs of development versus the costs of operation
2009-06-02:	Sometimes brute force is the answer (on Unix)
2009-05-31:	A thought on giving custom redundant storage systems some history The better way to install Sun's Java
2009-05-30:	The program energy efficiency optimist's view
2009-05-29:	The cost of program energy efficiency
2009-05-28:	Encapsulation may be in the eye of the beholder
2009-05-27:	Hosted servers, cloud computing, and backups
2009-05-25:	Backups versus redundancy
2009-05-24:	An interesting bit of ssh and sshd behavior What modern email is good for
2009-05-23:	The drawback of using a language with a good interface to the OS
2009-05-22:	How CPython handles (and delays) Unix signals
2009-05-21:	Solving the Python `SIGCHLD` problem
2009-05-20:	Why directory URLs have to have trailing slashes
2009-05-19:	Some notes on rewrites in Apache `.htaccess` files
2009-05-17:	One reason for Unix's permission checking timing The crucial difference between online and offline backups
2009-05-16:	Autoresponders in the modern email world
2009-05-15:	Why `df` on an NFS-mounted ZFS filesystem can give odd results
2009-05-14:	Fixing your system after hitting the RAID growth gotcha
2009-05-13:	Booting a Linux system without a root mirror
2009-05-12:	A serious gotcha with growing software RAID devices
2009-05-10:	What affects how fast you can restore backups Another advantage of disk-based backup systems
2009-05-09:	Our disk-based backup system
2009-05-08:	The problem with tapes (for backup)
2009-05-07:	How to set up your `xorg.conf` for RandR-based dual-headed systems
2009-05-06:	An irritation with Linux's '`mount -t nfs`' output
2009-05-05:	How we periodically scrub our ZFS pools
2009-05-03:	An inexplicable omission in bash's sourcing of `.bashrc`
2009-05-02:	Why version control systems should support 'rewriting history' Convenient ssh in Gnome, or 'my sshmenu wish comes true'
2009-04-30:	My standard Gnome customizations Why I would still like MC/S in Linux
2009-04-29:	Pragmatic issues with hash verifiers for email messages
2009-04-27:	One of my TDD weaknesses: mock objects for complex objects The problems of over-documenting things
2009-04-26:	A Bourne shell irritation: piping just stderr Lighttpd, CGIs, and standard error
2009-04-25:	On digital signatures and client security issues
2009-04-24:	The difference between Web 1.0 and Web 2.0
2009-04-23:	A Gnome irritation
2009-04-21:	Why your ticketing system should not be accessible to users
2009-04-20:	Some ways to add versioning to pickled objects Why pickle is not a good way to save your data
2009-04-19:	Sometimes you don't want behavior with your data
2009-04-18:	What users see as benefits from sysadmins
2009-04-17:	Git and 'rewriting history'
2009-04-16:	What causes the ZFS file deletion problem with snapshots
2009-04-15:	The problem with Solaris 10 update 6's ZFS `failmode` setting
2009-04-13:	How I went wrong in thinking about `/boot` mirroring Your ticketing system should be optional
2009-04-12:	A hairshirt too far: on always avoiding CSS
2009-04-11:	The advantage of having an (XML) sitemap
2009-04-10:	Why 'sender stores message' is easier for spammers than real mail servers
2009-04-09:	Why ssh needs to verify host keys
2009-04-07:	Handling ssh to generic hostnames The technical problems with 'sender stores messages' schemes
2009-04-06:	An interesting hardware mystery
2009-04-05:	Why I don't expect ARM-based netbooks to be a success
2009-04-03:	The (or a) problem with Unix manpages How to use Vixie cron to schedule at regular odd times
2009-04-02:	System status announcements and where your users are
2009-03-31:	The SSD boom and the theoretical multicore revolution A sysadmin use for Twitter
2009-03-30:	There are three entry states for feed readers
2009-03-29:	Why I wrote my own bulk IO performance measurement tool
2009-03-28:	Make your web application's interface elements obvious
2009-03-27:	The theoretical advantage of a separate `/boot` filesystem
2009-03-26:	An important difference The `git` version control system as a creation of the modern age
2009-03-24:	Using fully mirrored system disks on Linux How not to improve your CD player application Frustration for a sysadmin (well, for me)
2009-03-23:	How libraries should handle internal warning messages
2009-03-22:	An outline of a possibly easier IPv4 to IPv6 transition
2009-03-21:	Why the ideal IPv4 to IPv6 transition is impossible
2009-03-19:	Why 'sender stores message' schemes won't cure phish spams
2009-03-18:	An obvious thing about dealing with web spider misbehavior Principles of email in the modern age
2009-03-16:	An important gotcha with iSCSI multipathing in Solaris 10 Complex data structures and the two sorts of languages
2009-03-15:	A realization: planet aggregators have a natural size limit
2009-03-14:	Why I don't trust `seteuid()` and friends
2009-03-12:	The problem with `/var` today The not so secret history of `/var`
2009-03-11:	Checklists versus procedures
2009-03-10:	Why checklists work
2009-03-09:	What list methods don't make sense for heterogeneous lists
2009-03-08:	Python's theoretically missing core data type
2009-03-07:	What past problems of mine the collections module solves
2009-03-06:	What can keep a ZFS pool busy and prevent it from exporting
2009-03-05:	What seems to use power on a Dell Mini 12
2009-03-04:	The ASUS Eee PC versus the Dell Mini 12
2009-03-03:	Rollbacks versus downgrades
2009-03-02:	Some gotchas with ZFS in Solaris 10 update 6
2009-02-28:	What it would take for me to use Fedora Rawhide The potential problems with distribution downgrades
2009-02-27:	The peculiar case of the conference spammers
2009-02-26:	What I learned from Google Mail's recent outage
2009-02-25:	Don't log usernames for bad logins
2009-02-24:	A core principle of error and warning messages
2009-02-23:	A problem with microtransactions
2009-02-22:	Internet scale security: the impact of cheapness
2009-02-21:	How to turn off `gnome-terminal`'s cursor blinking
2009-02-20:	An attraction of planet-style blog aggregators as your feed reader
2009-02-19:	Appearances are deceptive in the (anti-)spam world
2009-02-18:	My theory on why people wind up using common passwords
2009-02-17:	Design versus construction
2009-02-16:	My approach to website passwords (and why it is the right one)
2009-02-15:	How CPython optimizes allocations for some built-in types
2009-02-14:	Some of my assumptions about Python object allocation
2009-02-13:	The accumulator mini-pattern and `.setdefault()`
2009-02-12:	Recognizing non-interactive shells and 'shell levels'
2009-02-11:	True point in time restores may be hard
2009-02-09:	Backups and archives I hate flaky systems, Fedora 10 and/or hardware edition
2009-02-08:	When bash sources your `.bashrc`
2009-02-07:	An illustration of one reason that documentation is hard
2009-02-06:	Our SunFire X2100 nVidia Ethernet experiences
2009-02-04:	An alarming ZFS status message and what is usually going on with it Why btrfs was inevitable: a corollary to (not) getting ZFS in Linux
2009-02-02:	A grumpy remark about Solaris's scalability
2009-02-01:	Understanding ZFS cachefiles in Solaris 10 update 6
2009-01-31:	Why social mudding works When can you assume UTF-8 filenames?
2009-01-30:	A surprising lack on Linux: browsers for camera RAW photos
2009-01-29:	An RPM packaging utter FAIL
2009-01-28:	The (or an) attraction of Twitter
2009-01-27:	My wishes for Sun's online documentation
2009-01-26:	My reaction to Solaris 10 update 6's ZFS changes How LiveJournal is sticky
2009-01-25:	Thinking about what you do with undo
2009-01-24:	Towards a better undo
2009-01-23:	The HTML tax (in Python, and in general)
2009-01-22:	The NFS re-export problem
2009-01-20:	Why high availability NFS requires shared storage The inner life of NFS filehandles
2009-01-19:	Using iptables to get around the policy based routing limitation
2009-01-18:	The basic implementation of relatively high-availability NFS
2009-01-17:	Practical issues with getting ZFS on Linux
2009-01-16:	A lament about modern NFS development
2009-01-15:	Why templating systems are the wrong answer for simple HTML generation
2009-01-14:	Documenting the `kernel.sem` sysctl
2009-01-12:	A surprising lack in Python's standard library What I want out of NFS security, at least at the moment
2009-01-11:	The problems I see with multi-signed SSL in practice
2009-01-10:	You cannot ask users to manage their own security
2009-01-09:	A Unix shell glob trick
2009-01-08:	The `ufsdump` block size doesn't seem to matter much
2009-01-07:	Two suggestions for improving Fedora's PreUpgrade experience
2009-01-06:	The problem of forcing users to make choices (in security)
2009-01-05:	Why 'email marketing' winds up as spam
2009-01-04:	'Email marketing' versus outright email spam
2009-01-03:	How to help programmers (parts 2 and 3): `os.environ` and `sys.argv`
2009-01-02:	Why SSL needs certificate authorities, or at least trust roots
2009-01-01:	Flaws in the 'web of trust' approach to trust issues

These are my WanderingThoughts
(About the blog)

GettingAround
Full index of entries
Recent comments

This is part of CSpace, and is written by ChrisSiebenmann.
Twitter: @thatcks

* * *

Atom feeds are available; see the bottom of most pages.

This is a DWiki.
(Help)

Categories: links, linux, programming, python, snark, solaris, spam, sysadmin, tech, unix, web

(Previous year | Next year)

By month for 2009: Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec; before 2009; after 2009.