Wandering Thoughts archives

2009-12-31: Why free things are so attractive in universities
Look at your pull-based system for things that push
2009-12-30: Real world support periods are shorter than they look
2009-12-29: Solaris is not open source
2009-12-28: The annoying timing of future SSL certificate renewals
2009-12-27: Some OpenSSL and SSL certificate basics
2009-12-26: Things that limit the performance of hardware acceleration
2009-12-25: Linux's non-strict overcommit is the right default
2009-12-24: The advantages of open source software RAID
2009-12-23: Another demonstration of SSL Certification Authority (in)competence
2009-12-22: How not to set up your DNS (part 20)
Do you have a network layout diagram?
Using OpenID for local web application authentication
2009-12-20: Some things about getting useful output from time
Some thoughts on intercepting https traffic
2009-12-19: Local CAs and an interesting consequence of the SSL security model
2009-12-18: Secure or useful: pick one
2009-12-17: The good and bad of SQL
2009-12-16: How Linux software RAID is making me grumpy right now
2009-12-15: The high costs of true security paranoia in the face of compromises
2009-12-13: Sysadmin versus developer uses of version control systems
Mercurial versus git for sysadmins, or why we picked Mercurial
2009-12-12: You should always be able to get a program's version and basic usage
2009-12-11: A wish for KVM virtualization: simple bridged networking
2009-12-10: How not to copy a file to standard output in Python
2009-12-09: My views on inheritance versus interface
2009-12-08: Why I am not enthused about etckeeper and similar systems
2009-12-07: Why whitelists (and blacklists) are long-term poison for online systems
2009-12-05: Overcoming the drawbacks of preforking accept() servers
What version of Python is included in various current OSes
2009-12-04: Learning from Unicorn: the accept() thundering herd non-problem
2009-12-02: The problem with the OpenSolaris source repository
The mixed directory/unrelated files VCS problem
2009-11-30: Using content hashing to avoid the double post problem
Poking around the OpenSolaris codebase (for sysadmins)
2009-11-29: In security, you need to stop the root mistake
2009-11-28: 'Conditional restart' in init.d scripts can be dangerous
2009-11-27: Modern version control systems change your directory layouts
2009-11-26: Some notes for myself on git bisect
2009-11-25: Why I love Unix, number N (for some N)
2009-11-24: An important lesson for me on Fedora upgrades
2009-11-23: Converting a directory from RCS to Mercurial
My current unhappy thoughts on Fedora 12
2009-11-22: RCS versus modern version control systems
2009-11-21: An update on faulted ZFS spares
2009-11-20: Spam and the attraction of reach
2009-11-19: The corollary for effective anti-spam heuristics
2009-11-18: Universities are open environments
2009-11-17: Finally understanding the appeal of 'Interfaces'
2009-11-16: 'Is-a' versus 'is-a-descendant-of'
2009-11-15: A limitation of Python types from C extension modules
2009-11-14: How to defer things in Exim
2009-11-13: (Ab)using Exim routers for their full power
2009-11-12: What makes Exim work as a mailer construction kit
2009-11-11: For universities, the Internet world has fundamentally changed
2009-11-10: HTML5 may end up giving us real, working XHTML
2009-11-08: My problem with the obvious solution to my unexposed types problem
2009-11-07: Solving unexposed types and the limits of duck typing
A gotcha with Bash on Ubuntu 8.04
2009-11-06: A shell script thing that I have learned the hard way
2009-11-05: Why the NFS client is at fault in the multi-filesystem NFS problem
2009-11-04: The cause of the multi-filesystem NFS export problem
2009-11-02: Are security bugs always code bugs?
2009-10-31: My thoughts on why invented standards succeed or fail
The risk continuum for standardization success
2009-10-30: Understanding hash length extension attacks
2009-10-29: Why per-process (or per-user) memory resource limits are hard
2009-10-28: Python modules should make visible their (fundamental) types
2009-10-27: A personal experience of web browsers making bad text editors
2009-10-26: What I think I understand about how standards get created
2009-10-25: Some thoughts on a 'modern' university email system
2009-10-24: Something I have realized about university services
2009-10-22: The limits of some anti-spam precautions
How to waste lots of CPU time checking for module updates
2009-10-21: Why you should be able to get a list of your local email addresses
2009-10-20: Simple mailing lists: an illustration of Exim's flexibility
2009-10-19: The case against backup MXes
2009-10-18: Backup MXes versus redundant MXes
2009-10-17: Automated web software should never fill in the Referer header
2009-10-16: A tale of network horror, or at least excitement
2009-10-15: One complexity of buffered IO on Unix
2009-10-14: Why 'invite-your-friends' features are spam from you, not your users
2009-10-13: There are two different uses of conditional GETs
2009-10-12: ZFS GUIDs vs device names
2009-10-11: Why security bugs aren't bugs
2009-10-10: You should delete obsolete data files
2009-10-09: A fun bug I once ran across
2009-10-08: What is going on with faulted ZFS spares
2009-10-07: A brief introduction to ZFS (disk) GUIDs
2009-10-06: The danger of software suspend on servers
2009-10-05: The problem with security bugs is that they aren't bugs
2009-10-04: Why Unix filesystems precreate lost+found directories
2009-10-03: One thing that top-posting is good for
2009-10-01: The rules for combining things with Bourne shell 'here documents'
2009-09-30: A little habit: cat >/dev/null
On (not) putting IP addresses in registration email
2009-09-28: Two ends of hardware acceleration
What I think about why graphics cards keep being successful
2009-09-27: Some suggestions for registration confirmation emails
Why you can no longer have an 'invite-your-friends' feature
2009-09-26: How our 'plug in and go' laptop network DHCP portal works
2009-09-25: How our DHCP registration portal redirections work
2009-09-24: SSL certificates require proper domain names
2009-09-23: A brief overview of the Solaris 10 nvpair library
2009-09-22: Some trivia about Python frame objects
2009-09-21: Exploring the frame object f_builtins member
2009-09-20: Why kernel packaging is so bad in Debian and Ubuntu
2009-09-19: Why I am not a fan of hardware acceleration
2009-09-18: Are you sure it's a C string?
2009-09-17: A trick to testing https setups on test machines
2009-09-16: Some kernel lockd NFS error messages explained
2009-09-14: Listing file locks on Solaris 10
Forwarding emails without false positives
2009-09-13: How modern CPUs are like (modern) disks
2009-09-12: My opinions on when you should let ZFS handle RAID stuff
2009-09-11: Why you should let ZFS handle the RAID stuff
2009-09-10: What I know about how ZFS actually handles spare disks
2009-09-09: Postfix versus Exim
2009-09-08: Some ways to avoid needing a public ticketing system
2009-09-07: A use for ticketing systems as your primary support method
2009-09-06: What typing ^D really does on Unix
2009-09-05: Why the Unix EINTR semantics (probably) exist
2009-09-03: An interesting issue with doing NFS over TCP (apparently)
Programming blindness and security
2009-09-02: Environment variables make bad switches
2009-08-31: How to deprecate bits of your program
The IO scheduler improvements I saw
2009-08-30: Some more thinking about requirements in specifications
2009-08-29: MUST versus SHOULD in your specifications
2009-08-28: ZFS changes filesystem device numbers on reboot
2009-08-26: What packages SystemTap requires on Ubuntu 8.04 (and others)
A frame object's f_locals isn't always the locals
2009-08-24: The problem with the CFQ IO scheduler and our iSCSI targets
Anti-spam content scanning systems need to scan more
2009-08-23: You should not use HTTP request parameters as filenames
2009-08-22: A gotcha with Python's new signal.siginterrupt()
2009-08-21: The danger of powerful generality, illustrated
2009-08-20: Python modules should not reinvent OSError
2009-08-19: Link: Using colour well in data visualization
Python, signal handlers, and EINTR
2009-08-18: Why user programs mapping page zero is so bad news on x86 hardware
2009-08-17: More accidental BitTorrent on our network
2009-08-16: Testing versus extensibility
2009-08-15: SSDs and the RAID resync problem
2009-08-14: Sorting out what 'passive ftp' is
2009-08-12: Undo is sometimes not good enough
One thing your mail-sending system should do
2009-08-11: The somewhat apocryphal history of comments in the Bourne shell
2009-08-10: The difference in the Bourne shell between : and #
2009-08-09: Building true ssh opportunistic connection sharing
2009-08-08: How I use ssh's connection sharing feature
2009-08-07: The basics of ssh's connection sharing feature
2009-08-06: A rule for Internet software
2009-08-05: A feature that I wish Linux package managers had
2009-08-04: A downside to syndication feed readers respecting permanent HTTP redirects
2009-08-02: Limitations on custom NFS mount authorization on Solaris
What you can't do before you drop setuid permissions
2009-07-31: Using SystemTap to trace the system calls of setuid programs on Linux
How fast various ssh ciphers are
2009-07-30: How we do custom NFS mount authorization on Solaris 10
2009-07-29: The shift-selection trick in X terminal programs
2009-07-28: Spammers are quite dedicated in their address scraping
2009-07-27: Why you should do code reviews for sysadmin scripts
2009-07-26: The anatomy of a hack to get around try:/finally: and generators
2009-07-25: When code in generators runs
2009-07-24: The usefulness of a syndication feed of your blog's comments
2009-07-22: Thinking like a security paranoid: an example
A peculiar change in Linux flock() and fcntl() behavior
2009-07-21: Packages should not contain both tools and policies
2009-07-20: Minimalistic spam, another annoyance to worry about
2009-07-19: The importance of making an issue visible
2009-07-18: Why NFS filehandles fail as access capabilities
2009-07-17: The hard problem of live major release upgrades
2009-07-16: Another reason to safely update files that are looked at over NFS
2009-07-15: A Bourne shell gotcha with ( ... ) command grouping
2009-07-13: Some stuff on NFS access restrictions
Shell scripts should not use absolute paths for programs
2009-07-12: A brief history of NFS server access restrictions
2009-07-11: What can go wrong in making NFS mounts
2009-07-10: An unpleasant surprise about ZFS scrubbing in Solaris 10 U6
2009-07-09: The high-level version of how mounting NFS filesystems works
2009-07-08: Fedora and workstations (on Linux distributions for desktops)
2009-07-07: Why and why not Fedora
2009-07-06: How you could do a shared root directory with NFS
2009-07-05: The coming Internet identity problem
2009-07-04: A side note on the cost of operations
2009-07-03: How software makes reverse proxying hard
2009-07-02: Finding out when a command in a pipeline fails
2009-06-30: A Unix irritation: pipeline status
More on why users keep mailing specific people
2009-06-29: A theory on why users keep mailing specific people
2009-06-28: How we solve the multiuser PHP problem
2009-06-27: Possible limits on our port multiplied ESATA performance
2009-06-26: How not to set up your DNS (part 19)
An advantage for hardware RAID over software RAID
2009-06-25: Patching systems versus patching appliances
2009-06-24: Another source of stickyness for social web sites
2009-06-22: Solaris 10 NFS server parameters that we change and why
Why GNU tools are sometimes not my favorite programs
2009-06-21: Email is intrusive, and why
2009-06-20: Using GRUB to figure out the mapping of BIOS drive numbers
2009-06-19: Fedora desperately needs a better upgrade system
2009-06-18: A kernel NFS error message explained
2009-06-17: The NFS 'reserved ports' option and why you care
2009-06-16: Maybe understanding blogrolls
2009-06-15: try:/finally: and generators
2009-06-14: How to set up your vacation messages to get thrown off mailing lists
2009-06-13: One of the reasons good alerting is tough
2009-06-12: What I know about Solaris 10 NFS server file lock limits
2009-06-11: There are two different purposes of monitoring systems
2009-06-10: Users are lazy
2009-06-08: Another way that generators are not lists: modifying them
Monitoring systems should be always be usefully informative
2009-06-07: It's important to get the real costs right
2009-06-06: User perceptions (and expectations) of backups
2009-06-05: How we're planning our backup storage capacity needs
2009-06-04: Another irritation with Gnome's gconf settings system
2009-06-03: The costs of development versus the costs of operation
2009-06-02: Sometimes brute force is the answer (on Unix)
2009-05-31: A thought on giving custom redundant storage systems some history
The better way to install Sun's Java
2009-05-30: The program energy efficiency optimist's view
2009-05-29: The cost of program energy efficiency
2009-05-28: Encapsulation may be in the eye of the beholder
2009-05-27: Hosted servers, cloud computing, and backups
2009-05-25: Backups versus redundancy
2009-05-24: An interesting bit of ssh and sshd behavior
What modern email is good for
2009-05-23: The drawback of using a language with a good interface to the OS
2009-05-22: How CPython handles (and delays) Unix signals
2009-05-21: Solving the Python SIGCHLD problem
2009-05-20: Why directory URLs have to have trailing slashes
2009-05-19: Some notes on rewrites in Apache .htaccess files
2009-05-17: One reason for Unix's permission checking timing
The crucial difference between online and offline backups
2009-05-16: Autoresponders in the modern email world
2009-05-15: Why df on an NFS-mounted ZFS filesystem can give odd results
2009-05-14: Fixing your system after hitting the RAID growth gotcha
2009-05-13: Booting a Linux system without a root mirror
2009-05-12: A serious gotcha with growing software RAID devices
2009-05-10: What affects how fast you can restore backups
Another advantage of disk-based backup systems
2009-05-09: Our disk-based backup system
2009-05-08: The problem with tapes (for backup)
2009-05-07: How to set up your xorg.conf for RandR-based dual-headed systems
2009-05-06: An irritation with Linux's 'mount -t nfs' output
2009-05-05: How we periodically scrub our ZFS pools
2009-05-03: An inexplicable omission in bash's sourcing of .bashrc
2009-05-02: Why version control systems should support 'rewriting history'
Convenient ssh in Gnome, or 'my sshmenu wish comes true'
2009-04-30: My standard Gnome customizations
Why I would still like MC/S in Linux
2009-04-29: Pragmatic issues with hash verifiers for email messages
2009-04-27: One of my TDD weaknesses: mock objects for complex objects
The problems of over-documenting things
2009-04-26: A Bourne shell irritation: piping just stderr
Lighttpd, CGIs, and standard error
2009-04-25: On digital signatures and client security issues
2009-04-24: The difference between Web 1.0 and Web 2.0
2009-04-23: A Gnome irritation
2009-04-21: Why your ticketing system should not be accessible to users
2009-04-20: Some ways to add versioning to pickled objects
Why pickle is not a good way to save your data
2009-04-19: Sometimes you don't want behavior with your data
2009-04-18: What users see as benefits from sysadmins
2009-04-17: Git and 'rewriting history'
2009-04-16: What causes the ZFS file deletion problem with snapshots
2009-04-15: The problem with Solaris 10 update 6's ZFS failmode setting
2009-04-13: How I went wrong in thinking about /boot mirroring
Your ticketing system should be optional
2009-04-12: A hairshirt too far: on always avoiding CSS
2009-04-11: The advantage of having an (XML) sitemap
2009-04-10: Why 'sender stores message' is easier for spammers than real mail servers
2009-04-09: Why ssh needs to verify host keys
2009-04-07: Handling ssh to generic hostnames
The technical problems with 'sender stores messages' schemes
2009-04-06: An interesting hardware mystery
2009-04-05: Why I don't expect ARM-based netbooks to be a success
2009-04-03: The (or a) problem with Unix manpages
How to use Vixie cron to schedule at regular odd times
2009-04-02: System status announcements and where your users are
2009-03-31: The SSD boom and the theoretical multicore revolution
A sysadmin use for Twitter
2009-03-30: There are three entry states for feed readers
2009-03-29: Why I wrote my own bulk IO performance measurement tool
2009-03-28: Make your web application's interface elements obvious
2009-03-27: The theoretical advantage of a separate /boot filesystem
2009-03-26: An important difference
The git version control system as a creation of the modern age
2009-03-24: Using fully mirrored system disks on Linux
How not to improve your CD player application
Frustration for a sysadmin (well, for me)
2009-03-23: How libraries should handle internal warning messages
2009-03-22: An outline of a possibly easier IPv4 to IPv6 transition
2009-03-21: Why the ideal IPv4 to IPv6 transition is impossible
2009-03-19: Why 'sender stores message' schemes won't cure phish spams
2009-03-18: An obvious thing about dealing with web spider misbehavior
Principles of email in the modern age
2009-03-16: An important gotcha with iSCSI multipathing in Solaris 10
Complex data structures and the two sorts of languages
2009-03-15: A realization: planet aggregators have a natural size limit
2009-03-14: Why I don't trust seteuid() and friends
2009-03-12: The problem with /var today
The not so secret history of /var
2009-03-11: Checklists versus procedures
2009-03-10: Why checklists work
2009-03-09: What list methods don't make sense for heterogeneous lists
2009-03-08: Python's theoretically missing core data type
2009-03-07: What past problems of mine the collections module solves
2009-03-06: What can keep a ZFS pool busy and prevent it from exporting
2009-03-05: What seems to use power on a Dell Mini 12
2009-03-04: The ASUS Eee PC versus the Dell Mini 12
2009-03-03: Rollbacks versus downgrades
2009-03-02: Some gotchas with ZFS in Solaris 10 update 6
2009-02-28: What it would take for me to use Fedora Rawhide
The potential problems with distribution downgrades
2009-02-27: The peculiar case of the conference spammers
2009-02-26: What I learned from Google Mail's recent outage
2009-02-25: Don't log usernames for bad logins
2009-02-24: A core principle of error and warning messages
2009-02-23: A problem with microtransactions
2009-02-22: Internet scale security: the impact of cheapness
2009-02-21: How to turn off gnome-terminal's cursor blinking
2009-02-20: An attraction of planet-style blog aggregators as your feed reader
2009-02-19: Appearances are deceptive in the (anti-)spam world
2009-02-18: My theory on why people wind up using common passwords
2009-02-17: Design versus construction
2009-02-16: My approach to website passwords (and why it is the right one)
2009-02-15: How CPython optimizes allocations for some built-in types
2009-02-14: Some of my assumptions about Python object allocation
2009-02-13: The accumulator mini-pattern and .setdefault()
2009-02-12: Recognizing non-interactive shells and 'shell levels'
2009-02-11: True point in time restores may be hard
2009-02-09: Backups and archives
I hate flaky systems, Fedora 10 and/or hardware edition
2009-02-08: When bash sources your .bashrc
2009-02-07: An illustration of one reason that documentation is hard
2009-02-06: Our SunFire X2100 nVidia Ethernet experiences
2009-02-04: An alarming ZFS status message and what is usually going on with it
Why btrfs was inevitable: a corollary to (not) getting ZFS in Linux
2009-02-02: A grumpy remark about Solaris's scalability
2009-02-01: Understanding ZFS cachefiles in Solaris 10 update 6
2009-01-31: Why social mudding works
When can you assume UTF-8 filenames?
2009-01-30: A surprising lack on Linux: browsers for camera RAW photos
2009-01-29: An RPM packaging utter FAIL
2009-01-28: The (or an) attraction of Twitter
2009-01-27: My wishes for Sun's online documentation
2009-01-26: My reaction to Solaris 10 update 6's ZFS changes
How LiveJournal is sticky
2009-01-25: Thinking about what you do with undo
2009-01-24: Towards a better undo
2009-01-23: The HTML tax (in Python, and in general)
2009-01-22: The NFS re-export problem
2009-01-20: Why high availability NFS requires shared storage
The inner life of NFS filehandles
2009-01-19: Using iptables to get around the policy based routing limitation
2009-01-18: The basic implementation of relatively high-availability NFS
2009-01-17: Practical issues with getting ZFS on Linux
2009-01-16: A lament about modern NFS development
2009-01-15: Why templating systems are the wrong answer for simple HTML generation
2009-01-14: Documenting the kernel.sem sysctl
2009-01-12: A surprising lack in Python's standard library
What I want out of NFS security, at least at the moment
2009-01-11: The problems I see with multi-signed SSL in practice
2009-01-10: You cannot ask users to manage their own security
2009-01-09: A Unix shell glob trick
2009-01-08: The ufsdump block size doesn't seem to matter much
2009-01-07: Two suggestions for improving Fedora's PreUpgrade experience
2009-01-06: The problem of forcing users to make choices (in security)
2009-01-05: Why 'email marketing' winds up as spam
2009-01-04: 'Email marketing' versus outright email spam
2009-01-03: How to help programmers (parts 2 and 3): os.environ and sys.argv
2009-01-02: Why SSL needs certificate authorities, or at least trust roots
2009-01-01: Flaws in the 'web of trust' approach to trust issues

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.