Wandering Thoughts archives

2010-12-31: The only way to really be secure with SSL
One group that can sensibly use non-GPL'd Linux kernel modules
2010-12-30: Why you need select() even with communication channels
2010-12-29: Spam as a tax on public participation in open source projects
2010-12-28: A modest proposal for fixing your bug tracker
2010-12-27: Users don't care about security
2010-12-26: A lesson for myself: write tests. Really.
2010-12-25: Garbage-collected languages and memory allocation failures
2010-12-24: The jurisdiction problem with making SSL CAs liable for things
2010-12-23: More on the Unix interpreter startup problem
2010-12-22: The Unix interpreter problem(s)
2010-12-21: Why I want tests to be easy to write
2010-12-20: I don't understand how to test complex data structures
2010-12-19: A tale of memory allocation failure
2010-12-17: A Python (non-)idiom that I should really avoid
Sometimes bugs have very small edit distances
2010-12-16: The elements of a non-event
2010-12-15: Always remember that people make mistakes
2010-12-13: Fumbling towards understanding how to use DRBD
A program that I want to write: a 'sink' SMTP server
2010-12-12: One problem with the files-in-directory approach to configuration
2010-12-11: The danger of having system programmers around, illustrated
2010-12-10: How to get sysadmins to never use your software again
2010-12-09: A small request for C programmers: no static locals
2010-12-08: Exploring a limitation of the DTrace fbt provider (on x86)
2010-12-07: More on https as a necessary mistake
2010-12-06: What performance anomalies mean
2010-12-05: A log message format mistake that I've made
2010-12-03: Asking users questions never increases security
Why https was a mistake, but an inevitable one
2010-12-02: My view of OpenSolaris and Illumos
2010-11-30: A modest idea on how to get people to use Fedora Rawhide
2010-11-29: Why low quality encryption is not better than no encryption
Why 10G Ethernet is not a near-term issue for us
2010-11-28: Why I am harsh on Solaris Live Upgrade and similar tools
2010-11-27: Why I'm not really interested in Solaris's Live Upgrade stuff
2010-11-26: My view on Wayland replacing X in Linux
2010-11-25: An example of the progress of the modern web
2010-11-24: My oddly inconsistent caution (or paranoia) with email addresses
2010-11-22: Where to find the Illumos source repository
2010-11-21: Why I think some coding tricks are especially damaging
2010-11-20: Why I avoid DSA when I have a choice
More on those Python import oddities
2010-11-18: My current Apache SSL cipher settings
Thinking about how long our infrastructure will last
2010-11-16: When good ideas go bad: how not to do a file chooser dialog
2010-11-15: The language dilemma for production software
2010-11-14: Four reasons to have a firewall
The ordering of SSL chain certificates
2010-11-13: How os.path exposes some Python import weirdness
2010-11-11: The changing assumptions about viruses in email
Some yum tricks with distro-sync and --releasever
2010-11-09: Directory link counts and a find trick
2010-11-08: A find optimization and a piece of history, all in one
When Linux's rp_filter might make sense
2010-11-07: When you should care about security
2010-11-06: Modern versions of Apache and Redirect
2010-11-05: GNU sort and -k: a gotcha
2010-11-04: What we (currently) use virtualization for
2010-11-03: One reason that I call us a midsized environment
2010-11-01: Redirecting from HTTP to HTTPS is a bad security idea
2010-10-31: How I run two Firefoxes at once and still have remote control
How I set up my isolated testing Firefox environment
2010-10-30: A very convenient trick: having a testing browser
2010-10-29: What problems the Maildir mail storage format solves
2010-10-27: An extra problem with not documenting things in open source modules
A modern VCS mistake enabled by working on live trees
2010-10-26: Why Python's struct module isn't great for handling binary protocols
2010-10-24: Why we built our own ZFS spares handling system
Why I'm interested in Go
2010-10-23: My issues with Go's net package
2010-10-22: My theory on Unix's one chance to have a standard GUI
2010-10-21: The problems with testing for round-trip capable codecs
2010-10-20: Round-trip capable character encodings in Python
2010-10-18: A module that I want in the standard library: Parsing
The cache eviction death spiral
2010-10-17: Read IO is generally synchronous (unlike write IO)
2010-10-16: The attraction of the milter protocol
2010-10-15: How big our fileserver environment is (part 2)
2010-10-13: How big our fileserver environment is (part 1)
Why visited links being visible is important for blog usability
2010-10-12: Why non-linear directories have not been popular in filesystems
2010-10-11: The Unix directory problem and the history of directories
2010-10-10: Fixing Upstart's coupling of startup script presence and activation
2010-10-09: An illustration of how careful and clever spammers are today
2010-10-08: Why I am unhappy with Upstart right now
2010-10-07: In universities, you often buy hardware when you can
2010-10-06: What is going on with Samba's POSIX locking on NFS on Linux
2010-10-05: Why people combine NFS with Samba servers
2010-10-04: Linux, Samba, NFS, and POSIX locking
2010-10-03: An API mistake Unix has made several times
2010-10-02: ZFS resilvers are a whole-pool activity
2010-09-30: Stopping kernel updates on Ubuntu
A lot of my bugs are conceptual oversights
2010-09-29: A surprise about random IO versus unnecessary IO
2010-09-27: Why there is no POSIX standard for a Unix GUI
Why Grub2 doesn't solve my Ubuntu kernel problem
2010-09-26: The problems with OpenSolaris
2010-09-25: How Usenet used to be a filesystem stress test
2010-09-24: Frames were never necessary for menus and tables of contents
2010-09-23: Why things should be in Python's standard library
2010-09-22: The mysteries of video cards for Linux
2010-09-20: Dear Solaris boot sequence: SHUT UP
2010-09-19: Your on the fly control system should not use toggles
Some notes on (dynamic) Bind 9 logging
2010-09-18: Another reason why I don't like Ubuntu kernel packaging
2010-09-17: More on the module selection problem
2010-09-15: Why I like modules to be in the Python standard library
An overview of the Debian and RPM source package formats
2010-09-14: A confession: I find third party modules awkward in Python
2010-09-13: Why you want a recursive-forwarding caching nameserver
2010-09-12: Keyword expansion: why RCS rewrites files when you commit them
One aspect of getting used to modern version control
2010-09-11: A simple thing that every package management system should have
2010-09-10: Go's network package and IPv6 (and my ideal version thereof)
2010-09-09: Go, IPv6, and single binding machines
2010-09-07: My new view of DomainKeys
2010-09-06: Sorting out DomainKeys and understanding its limits
2010-09-05: An observation from changing my password
A plan to deal with my feed reader problem
2010-09-04: The laziness of a programmer, illustrated
2010-09-03: Finally understanding the attraction of AJAX
2010-09-02: Why Python's global is necessary
2010-08-31: I don't understand how net.ipv4.conf.*.rp_filter can work
2010-08-30: My avoidance of Python global variables
2010-08-29: A Bourne shell irritation: no wildcard matching operator
How many uberblock copies ZFS writes on transaction group commits
2010-08-28: The different between an SMTP proxy and a SMTP relay
2010-08-27: My impressions of Google Chrome so far
2010-08-25: A Windows moment on my laptop
The limitation of templates for web design changes
2010-08-24: A design mistake in my comments form
2010-08-23: Why I hate the Solaris 10 version of /bin/sh
My (probably wrong) assumption about Flash on Fedora
2010-08-22: Another reason to hate $LANG and locales on Unix
2010-08-21: A sudden realization about Unix access time updates and disk mirrors
2010-08-20: A clever blog anti-usability trick
2010-08-19: Getting Flash to work on my upgraded 64-bit Fedora 13 machine
2010-08-18: Please, no automatic scrolling to the next item
2010-08-17: The two sorts of Referer spam that I see
2010-08-16: What OpenSolaris's death probably means for us
2010-08-15: Why I change font sizes
2010-08-14: What I want in a caching nameserver
2010-08-13: PPP over ssh: solving problems with indirection
2010-08-12: Many programs should provide an easy way to change font size
2010-08-11: You should have a way to purge history
2010-08-10: Upgrading to Fedora 13 with my first yum upgrade
2010-08-08: The joy of debugging other people's programs
A personal view of the Fedora versus Ubuntu issue
2010-08-07: Why buying a Linux machine is not such a simple thing
2010-08-06: A thing I miss in the modern X world: command line arguments
2010-08-05: Doing unsigned 32-bit integer math in Python
2010-08-04: Good Solaris news from Oracle for once
2010-08-02: How OpenBSD's pf source-hash maps internal IPs to NAT pool IPs
2010-08-01: The consequence of Oracle's Solaris decisions
2010-07-31: The other peculiar effects of grant funding at universities
It's the indirect failure modes that will get you
2010-07-30: A little modern Unix twitch
2010-07-29: Some brief notes on OpenSSH's known_hosts hashing
2010-07-28: My Fedora 8 problem: upgrading
2010-07-27: What I would now do differently in a file based blog engine
2010-07-25: Why sysadmins almost never replace distribution packages
iSCSI versus NFS
2010-07-24: Thinking about the implications of your program being successful
2010-07-23: A realization about why my inbox keeps being my to-do tracker
2010-07-22: Why keeping /etc under version control doesn't entirely help
2010-07-21: The easy way to do fast OS upgrades
2010-07-20: The sysadmin view of messages from programs
2010-07-19: Why blog calendar widgets are bad
2010-07-18: How I solve the configure memory problem
2010-07-17: More building blocks of my environment: tkrxterm, tkssh, and pyhosts
2010-07-16: Realistic blog usability
2010-07-14: Making the Linux kernel shut up about segfaulting user programs
The challenges of shared spares in RAID arrays
2010-07-13: Sun Support's habit of publicizing private bug reports
Single-level list flattening in Python
2010-07-12: On (not) logging calculated statistics
2010-07-11: When is using SQL the right answer?
2010-07-10: People forget exceptions
2010-07-08: Unix programs should avoid exiting non-zero for clever reasons
2010-07-07: A gotcha with the Bourne shell's set -e and &&
2010-07-06: How zpool status reports on ZFS scrubs and resilvers
ZFS scrubs and resilvers are not sequential IO
2010-07-05: A thesis: noisy email addresses are dead
2010-07-03: /u, one of our long-standing Unix customizations
Returning to the era of 'duplicated' Ethernet addresses
2010-07-02: A gotcha with Python's socket.htonl() and ntohl()
A corollary to the limits of anti-spam precautions
2010-06-30: An update on comment spammer behavior here on WanderingThoughts
2010-06-29: Converting between IPv4 addresses and 32-bit integers in Python
There is such a thing as too much SQL (a reminder to myself)
2010-06-28: The great irritation of hidden access controls
2010-06-27: How we propagate password information in our fileserver infrastructure
2010-06-26: The Unix system UID and login name problem
2010-06-25: Python class definitions can be nested
2010-06-24: The elements of fileserver infrastructure
2010-06-23: The advantages of separate machines for separate things
2010-06-22: Why feed readers are not good for skimming things
2010-06-21: Applying low distraction design to alerting systems
2010-06-20: How my mail notifier avoids interrupting me
2010-06-19: Don't make your 'I am processing' animation too complex
2010-06-18: ZFS and multi-pool shared spares
2010-06-17: One reason why I prefer browser windows to browser tabs
2010-06-16: The problem of testing firewall rules changes
2010-06-14: The practicalities of non-GPL'd Linux kernel modules
A thought on feed readers versus the social web
2010-06-13: A (surprising) missing Unix tool program
2010-06-12: iSCSI Enterprise Target and disk write caches (and ZFS)
2010-06-11: What I know about ZFS and disk write caches
2010-06-10: What an iSCSI Enterprise Target kernel message really means
2010-06-09: The challenge of analyzing NFS packet traces
2010-06-08: Focusing on what you actually need in a program
2010-06-07: One problem with testing system changes
2010-06-06: The quiet death of postmaster@anywhere
2010-06-04: How to set up your module exceptions to be useful
How disk write caches can corrupt filesystem metadata
2010-06-02: A ZFS feature wish: rewriting read errors
2010-06-01: My sad little irritation with Twitter
2010-05-31: Another building block of my environment: sshterm
2010-05-30: The end of university-provided email is probably nigh
2010-05-29: UPSes: defense against problems, or sources of them?
Some comments on spam scoring and anti-spam tools in general
2010-05-28: Why I am really unhappy with ZFS right now: a ZFS import failure
2010-05-27: One benefit of relying on third-party (anti-)spam filtering
2010-05-25: Watch out for quietly degrading SATA disks
2010-05-24: Give your personal scripts good error messages
2010-05-23: Replacing modules for testing (and fun)
2010-05-22: How I fixed Google's search results redesign
Why I'm wrong about what sort of APIs C's stdargs allows
2010-05-21: An example of an API that you can't do with C stdargs
2010-05-20: The limitations of C's varargs support
2010-05-19: Why RPM's .rpmnew files don't work in practice
2010-05-18: An illustrated example of how not to do package updates
2010-05-16: You should also document why you didn't do attractive things
A theory about our jumbo frame switch firmware bug
2010-05-15: Why we don't use jumbo frames for iSCSI: a cautionary tale on testing
2010-05-14: A sysadmin mistake: shooting your virtual foot off
2010-05-13: Python exceptions for C programmers
2010-05-12: 'Borrowing' IPv4 netblocks to get around address space exhaustion
2010-05-11: Retrospectives are uncommon
2010-05-10: A little vi twitch
2010-05-09: Why diskless Unix machines lost out
2010-05-08: SSL certificate vendors are selling a commodity
2010-05-06: Oracle's future for Sun's hardware and OS business is now clear
The right way and the wrong way to disable init.d services
2010-05-05: The right way to fix ZFS disk glitches (at least for us)
2010-05-04: Dear software packagers, startup scripts edition
2010-05-03: Keeping track of filesystem consistency
2010-05-02: A brief history of fsck
2010-04-30: A rule of thumb: Automate where you can make mistakes
Never kill the screen locker
2010-04-29: How you access an object can be important in Python
2010-04-28: Altering a Python function's local variables with a trace function
2010-04-27: Evolving our mail system step 1: adding an external mail gateway
2010-04-26: How we moved from a black-box mailer configuration to a white-box one
2010-04-25: An observation about Twitter (and Google)
2010-04-24: Evolving our mail system: the overview and our goals
2010-04-23: What per-partition disk IO stats you get from the Linux kernel
2010-04-22: The latest Solaris licensing and support rumbles
2010-04-21: The advantage of garbage collection for APIs
2010-04-20: Standard format Unix errors in Python programs
2010-04-19: Why you don't want to host your MTA machine in the cloud
2010-04-18: I think it's time to turn off automatic periodic ext3 fscks
2010-04-17: The 30 second elevator pitch on HTML 4.01 (vs XHTML)
2010-04-16: How to write to stderr so people will like you
2010-04-15: The standard format Unix error messages
2010-04-14: The myth of a completely shared knowledge base across sysadmins
2010-04-13: The impact of single-disk slow writes on mirrors (and other RAID arrays)
2010-04-12: The importance of figuring out low-level symptoms of problems
2010-04-11: The comedy potential inherent in people reusing your address space
2010-04-10: Why commands can never afford to get it wrong in a version
2010-04-09: The processing flow of a network copying program
2010-04-08: A little script: sshup
2010-04-07: Our current mail system's configuration
2010-04-06: How not to set up IP aliases on Ubuntu (and probably Debian)
2010-04-05: An important thing about how ZFS handles spares
2010-04-04: The problem with header and footer overlays on web pages
2010-04-03: A DVCS advantage for open source development
2010-04-02: Notes on the compatibility of crypted passwords on various Unixes
2010-03-31: Looking back at a year of our disk-based backup system
Remote applications and Gnome settings: an irritation
2010-03-30: One possible future for Solaris
2010-03-29: More signs of Oracle's view of Solaris
My theory on why our worklogs work for us
2010-03-28: The evolution of checklists in my work
2010-03-27: Testing in the face of popen()
2010-03-26: Tkinter sometimes has a busy-wait main loop (more or less)
2010-03-25: The problem with overly verbose package installation
2010-03-24: One reason why 'zpool status' can hang
2010-03-23: No DSL is 'human-readable' as such
2010-03-22: Why I exploit Python to shim modules for testing purposes
2010-03-21: The power of 'I like this' in social applications
2010-03-20: Web analytics versus GET parameter security
2010-03-19: The problem with general purpose languages as configuration languages
2010-03-17: How Solaris 10's mountd works
Another building block of my environment: rxterm
2010-03-16: The Solaris 10 NFS server's caching of filesystem access permissions
2010-03-15: How to create pointless error reports (and how not to)
2010-03-14: Space and content
2010-03-13: A surprising lack: milter clients
2010-03-12: End results versus what's inside the black box
2010-03-11: Why the pam_mail PAM module is not my friend
2010-03-10: Mythology about Unix workstations
2010-03-09: How not to design an API (in C): the enum ordering mistake
2010-03-08: Exceptions versus error return values
2010-03-07: Why I don't expect third-party support for OpenSolaris
2010-03-06: Pushing code changes upstream is hard work
2010-03-05: PCs are (or can be) Unix workstations
2010-03-04: You want to do spam forwarding on a separate machine
2010-03-03: All syndication formats use XML
2010-03-02: A building block of my environment: rxexec
2010-02-28: Why XML is terrible for configuration files
The dividing line between supporting code and forking it
2010-02-27: An 'email marketing' wish
2010-02-26: The remaining Unixes (and their manpages)
2010-02-25: Reading the Oracle tea leaves for Solaris
2010-02-24: How to listen on a socket in the modern IPv6-enabled world
2010-02-23: What Linux's getaddrinfo() is doing with IPv6 (on some versions)
2010-02-22: Unix portability and scripting language versions
2010-02-21: It's sinking in that Sun is gone
2010-02-20: Viral marketing versus word of mouth marketing
2010-02-19: Using socket.getaddrinfo to look up IP addresses
2010-02-18: Some notes on using socket.getaddrinfo()
2010-02-17: The purpose of configuration files
2010-02-16: A Linux gotcha about daemons and bindv6only
2010-02-15: IPv6 with Lighttpd on Linux
2010-02-14: Brief notes on IPv6 support in some Linux programs
2010-02-13: Some stuff on dual-bound IPv6 sockets on Linux
2010-02-12: The many IPv6 addresses of an IPv4 machine
2010-02-11: Forcing your webpage content to scroll is generally a bad idea
2010-02-10: Beware of using Linux's hostname -s switch
Some thoughts about 6to4
2010-02-09: Why your program should have an actual configuration file
2010-02-08: A thought on deliberately slow disaster recovery
2010-02-07: The problem with blog footnotes
2010-02-06: Why a laptop is not likely to be my primary machine any time soon
2010-02-05: Emergency procedures checklists need check steps
2010-02-03: Outdated documentation is especially risky for sysadmins
Link: Pollution in
How to destroy people's interest in updating documentation
2010-02-02: What charging credit cards doesn't prove
2010-01-31: More vim options it turns out that I want
Thinking about syndication feeds and spoilers
2010-01-30: I'm puzzled about DNS glue records in the modern world
2010-01-29: A theory about Apple's new iPad
2010-01-28: Always sign exactly what you are authenticating
2010-01-27: AT&T's mad unbundling and the damage it did to Unix
2010-01-26: Why the modern age is great
2010-01-25: You can only really expire cookies on the server
2010-01-24: How I should have done password crypto for DWiki
2010-01-23: A Python safety tip: Do notice that things can throw exceptions
2010-01-22: Three ways to get tracebacks in your CGI Python application
2010-01-20: The argument for not managing systems via packages
One of the things that killed network computers (aka thin clients)
2010-01-19: OpenSolaris versus Solaris
2010-01-18: More on mismatched sectors on Linux software RAID mirrors
2010-01-17: I do not like Unix's fossilization
2010-01-16: Different visions of what packaging systems are for
2010-01-15: Packaging systems should support overlays
2010-01-14: Packaging systems should be comprehensive
2010-01-13: One reason why you should not let people register other people
2010-01-12: How systems get created in the real world
2010-01-11: In praise of crash (and kernel source)
2010-01-10: Why the Solaris packaging system is bad
2010-01-09: Patch management is part of package management
2010-01-08: A brief and jaundiced history of Unix packaging systems
Interesting things can happen when you scale things up
2010-01-06: A theory on why most browsers control their own list of CA roots
The department's model for providing computing support
2010-01-04: Some thoughts on battery backup for RAID controller cards
Turning synchronous channels asynchronous
2010-01-03: Go interfaces are not my sort of interfaces
2010-01-02: Proper disclosure, or how not to be a comment spammer
2010-01-01: Brief bits from the evolving ipsCA failure

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.