Wandering Thoughts archives

2018-11-13: Our pragmatic attachment to OpenBSD PF for our firewall needs
2018-11-12: What Python 3 versions I can use (November 2018 edition)
2018-11-11: Easy configuration for lots of Prometheus Blackbox checks
The needs of Version Control Systems conflict with capturing all metadata
OpenSSH 7.9's new key revocation support is welcome but can't be a full fix
2018-11-10: Why Prometheus turns out not be our ideal alerting system
Character by character TTY input in Unix, then and now
2018-11-09: Getting CPU utilization breakdowns efficiently in Prometheus
2018-11-08: The future of our homedir-based mail server system design
2018-11-07: What email messages to not send autoreplies to (late 2018 edition)
2018-11-06: Our self-serve system for 'vacation' autoreplies and its surprising advantage
2018-11-05: rate() versus irate() in Prometheus (and Grafana)
2018-11-04: DKIM provides sender attribution (for both spam and not necessarily spam)
My view on Debian versus Ubuntu LTS for us today
2018-11-02: Metadata that you can't commit into a VCS is a mistake (for file based websites)
2018-11-01: In Linux, hitting a strict overcommit limit doesn't trigger the OOM killer
2018-10-31: Do I feel uncertain about CentOS's future now? Yes, a bit
OpenSSH has broader key revocation than I thought
2018-10-29: Shooting myself in the foot by cargo-culting Apache configuration bits
2018-10-28: How I'm visualizing health check history in Grafana
Link: HiDPI on dual 4K monitors with Linux
The obviousness of inheritance blinded me to the right solution
2018-10-26: What 'dependency' means in Unix init systems is underspecified
2018-10-25: I should always give my Python classes a __str__ method
2018-10-24: You can sort of use zdb as a substitute for a proper ZFS fsck
2018-10-23: ZFS scrubs check (much) less than you probably think they do
2018-10-22: Some DKIM usage statistics from our recent inbound email (October 2018 edition)
Using group_* vector matching in Prometheus for database lookups
2018-10-21: Some tradeoffs of having a Certificate Authority in your model
2018-10-20: The original Unix ed(1) didn't load files being edited into memory
2018-10-18: Some things on delays and timings for Prometheus alerts
Link: Vectorized Emulation [of CPUs and virtual machines]
Why you should be willing to believe that ed(1) is a good editor
2018-10-17: When metrics disappear on updates with Prometheus Pushgateway
2018-10-16: Quickly bashing together little utilities with Python is nice
2018-10-15: The external delivery delays we see on our central mail machine
Garbage collection and the underappreciated power of good enough
2018-10-13: Getting a CPU utilization breakdown in Prometheus's query language, PromQL
How Prometheus's query steps (aka query resolution) work
2018-10-12: My unusual use for Firefox's Private Browsing mode
2018-10-11: Some notes on Prometheus's Blackbox exporter
2018-10-10: Even systemd services and dependencies are not self-documenting
2018-10-09: Something systemd is missing for diagnosing oddly slow boots
2018-10-07: It's good to check systemd for new boot-time things every so often
2018-10-06: A deep dive into the OS memory use of a simple Go program
Go basically never frees heap memory back to the operating system
2018-10-05: My non-approach to password management tools
2018-10-03: Thinking about what we want to be alerted about
2018-10-02: Thinking about what we probably want for monitoring, metrics, etc
An irritating limitation or two of addons in Firefox Quantum
2018-09-30: My Firefox addons as of Firefox '64' (the current development version)
Why updating my Fedora kernels is a complicated multi-step affair
2018-09-28: Addressable values in Go (and unaddressable ones too)
Using a very old ZFS filesystem can give you a kernel panic on Linux
2018-09-27: Learning about Go's unaddressable values and slicing
2018-09-25: A problem with unmounting FUSE mount points that are on NFS filesystems
2018-09-24: Why I don't set master passwords in programs
Walking away from Google Chrome
2018-09-22: The ed(1) command in the Single Unix Specification (and the SVID)
Some differences between various versions of ed(1)
2018-09-21: Your databases always have a schema
Why I mostly don't use ed(1) for non-interactive edits in scripts
2018-09-20: Ubuntu pretty much is the 'universe' repository for us
2018-09-19: The Extended Validation TLS certificate endgame is here (to my surprise)
2018-09-17: Python 3 supports not churning memory on IO
The importance of explicitly and clearly specifying things
2018-09-16: CPython has a fairly strongly predictable runtime, which can be handy
2018-09-15: How to use uBlock Origin to block Javascript by default
2018-09-14: How you migrate ZFS filesystems matters
2018-09-13: I don't like getters and setters and prefer direct field access
2018-09-12: A surprise discovery about procmail (and wondering about what next)
2018-09-11: The Linux kernel's internals showing through in the specifics of an NFS bug
2018-09-09: Why I don't think browsers will ever standardize how 'Reader Mode' works
Cookie management models in Firefox Quantum in practice
2018-09-07: My view of the current state of Go's dependency management (as of Go 1.11)
I've slowly been improving my web experience by trusting uMatrix more
2018-09-06: Our future IPv6 access control problems due to non-DHCP6 machines
2018-09-04: Some views on the Go 2 Error Inspection early draft proposal
ZFS quietly discards all-zero blocks, but only sometimes
2018-09-02: Link: "The History of a Security Hole" (in various *BSD kernels)
An extravagant and dense piece of malware-laden email
If one phish spam doesn't succeed, maybe another will
NFS directory reading and directory file type information
2018-08-31: Link: A deep dive into the Go memory allocator
Configurations can quietly drift away from working over time, illustrated
Making Ubuntu bug reports seems to be useless (or pointless)
2018-08-29: Our problem with (Amanda) backups of many files, especially incrementals
How I recently used vendoring in Go
2018-08-28: An illustration of why it's hard to port outside code into the Linux kernel
2018-08-26: A little bit of the one-time MacOS version still lingers in ZFS
How ZFS maintains file type information in directories
2018-08-25: The history of file type information being available in Unix directories
2018-08-24: Incremental development in Python versus actual tests
2018-08-23: It's time for me to buckle down and add tests to our Django web app
2018-08-22: Why ed(1) is not a good editor today
2018-08-20: Explicit manipulation versus indirect manipulation UIs
It's worth testing that obvious things actually do work
2018-08-19: Why I'm mostly not interest in exploring new fonts (on Unix)
2018-08-17: Some malware apparently believes in covering its bases
Some Firefox addons I'm experimenting with (as of Firefox 62 or so)
2018-08-16: It matters where (or when) your programs ask questions
2018-08-14: Go's net package doesn't have opaque errors, just undocumented ones
Our problem with HTTPS and user-created content
2018-08-12: The evolution of our account creation script
A recent spate of ZIP attachments with everything
2018-08-10: Fetching really new Fedora packages with Bodhi
The benefits of driving automation through cron
One simple general pattern for making sure things are alive
2018-08-08: Systemd's DynamicUser feature is (currently) dangerous
A timesyncd total failure and systemd's complete lack of debugability
2018-08-06: Link: Where Vim Came From
Linux's /dev/disk/by-path names for disks change over time
2018-08-05: Some more notes on Firefox 63 and perhaps later media autoplay settings
Why email is often not as good as modern communication protocols
2018-08-03: Firefox now implements its remote control partly over D-Bus
How I want to use Go's versioned modules
2018-08-02: Ubuntu 18.04's problem with Amanda's amrecover
2018-07-31: The hidden danger of using rsync to copy files instead of cp
2018-07-30: My own configuration files don't have to be dotfiles in $HOME
Being reminded that an obvious problem isn't necessarily obvious
2018-07-29: Our ZFS fileservers aren't happy when you do NFS writes to a full filesystem
2018-07-28: Word-boundary regexp searches are what I usually want
2018-07-27: Today I saw a spammer parasite itself on another spammer (probably)
2018-07-25: One advantage of Go modules will be less mess in $HOME/go/src
2018-07-24: I doubt Chrome's new 'not secure' warning about HTTP sites will change much (at least right away)
2018-07-23: Some notes on lifting Python 2 code into Python 3 code
The irritatingly many executable formats of Windows
2018-07-22: The problem with some non-HiDPI aware applications (is that they're very small)
2018-07-21: How we're handling NFS exports for our ZFS on Linux systems
2018-07-20: Linux's NFS exports permissions model compared to Illumos's
2018-07-19: Sometimes it actually is a Linux kernel bug
2018-07-17: Some things on Illumos NFS export permissions
2018-07-16: Why people are probably going to keep using today's Unixes
2018-07-15: When I'll probably be able to use Python assignment expressions
Understanding ZFS System Attributes
2018-07-14: The challenge of storing file attributes on disk
2018-07-13: ZFS on Linux's sharenfs problem (of what you can and can't put in it)
2018-07-11: You should probably write down what your math actually means
2018-07-10: Some thoughts on performance shifts in moving from an iSCSI SAN to local SSDs
Remembering that Python lists can use tuples as the sort keys
2018-07-08: TLS Certificate Authorities and 'trust'
We've decided to write our future Python tools in Python 3
2018-07-06: Having your SSH server on an alternate port provides no extra security today
I'm seeing occasional mysterious POST requests without Content-Types
2018-07-04: How and why we sell storage to people here
The hardware and basic setup for our third generation of ZFS fileservers
2018-07-03: The history of our custom NFS mount authorization system (or some of it)
2018-07-01: Understanding the first imperative of a commercial Certificate Authority
2018-06-30: My interesting experience with rapid repeated PID rollover on Linux
2018-06-29: What 'PID rollover' is on Unix systems
How ZFS makes things like 'zfs diff' report filenames efficiently
2018-06-27: My Ryzen-based Linux office machine appears to finally be stable
I think it's still reasonable to run personal servers on the Internet
2018-06-25: Twitter probably isn't for you or me any more
2018-06-24: What ZFS block pointers are and what's in them
A broad overview of how ZFS is structured on disk
2018-06-22: When you make changes, ZFS updates much less stuff than I thought
Running servers (and services) well is not trivial
2018-06-20: Revising my view on Python 3 for new code again: you should use it
The time to be compatible with both Python 2 and Python 3 is past
2018-06-18: Getting Xorg to let you terminate the X server with Ctrl + Alt + Backspace
2018-06-17: The history of terminating the X server with Ctrl + Alt + Backspace
A broad overview of how modern Linux systems boot
2018-06-16: The 'on premise' versus 'off premise' approach to environments
2018-06-15: Default X resources are host specific (which I forgot today)
2018-06-14: Clearing cached HTTP redirections or HSTS status in Firefox
2018-06-13: Link: A Child’s Garden of Inter-Service Authentication Schemes
Link: About the memory management in the Bourne shell
The mess Ubuntu 18.04 LTS has made of libreadline
2018-06-11: A website's design shows its actual priorities
2018-06-10: People receiving email don't feel it should be their job to stop spam
2018-06-09: What ZFS messages about 'permanent errors in <0x95>:<0x0>' mean
How to run a mail sending service that will probably never send spam
2018-06-08: Networks form through usage and must be maintained through it
2018-06-07: The history of Unix's confusing set of low-level ways to allocate memory
2018-06-06: The downsides of processing files using too large a buffer size
2018-06-04: The superficial versus deep appeal of ZFS
What I use Github for and how I feel about it
2018-06-03: Why I believe that HTTPS-only JavaScript APIs make sense
2018-06-02: Intel versus AMD for me (in 2018)
2018-05-31: What is the long term future for Extended Validation TLS certificates?
Extended Validation TLS certificates are basically invisible
2018-05-30: Taking over program names in Linux is generally hard
2018-05-28: An incomplete list of reasons why I force-quit iOS apps
2018-05-27: ZFS pushes file renamings and other metadata changes to disk quite promptly
Most modern web spiders are parasites
2018-05-25: Some notes on Go's runtime.KeepAlive() function
There's real reasons for Linux to replace ifconfig, netstat, et al
2018-05-24: Registering for things on the Internet is dangerous these days
2018-05-23: Almost no one wants to run their own infrastructure
2018-05-21: Bad versions of packages in the context of minimal version selection
2018-05-20: 'Minimal version selection' accepts that semantic versioning is fallible
Modern CPU power usage varies unpredictably based on what you're doing
2018-05-18: ZFS spare-N spare vdevs in your pool are mirror vdevs
How I usually divide up NFS (operation) metrics
2018-05-17: I'm worried about Wayland but there's not much I can do about it
2018-05-16: How you run out of inodes on an extN filesystem (on Linux)
2018-05-15: I have a boring desktop and I think I'm okay with that
2018-05-13: My GDPR pessimism
2018-05-12: ZFS on Linux's development version now has much better pool recovery for damaged pools
Sorting out some of my current views on operator overloading in general
2018-05-11: Notice to web spiders: an email address in your user-agent isn't good enough
2018-05-10: Python modules use operator overloading in two different ways
2018-05-09: Yubico fails to care that people give you email addresses for specific purposes
2018-05-08: How we're going to be doing custom NFS mount authorization on Linux
2018-05-07: One reason why Python doesn't let you overload the boolean AND and OR operations
2018-05-06: Firefox turns out to need some degree of 'autoplay' support
2018-05-05: Modern Unix GUIs now need to talk to at least one C library
2018-05-04: Why you can't put zero bytes in Unix command line arguments
2018-05-03: Using grep to hunt around for null bytes in text files
2018-05-02: An interaction of low ZFS recordsize, compression, and advanced format disks
2018-04-30: You probably need to think about how to handle core dumps on modern Linux servers
Microsoft's Bingbot crawler is on a relative rampage here
2018-04-29: My new 4K HiDPI display really does make a visible difference
2018-04-28: What sorts of good email attachments our users get (April 2018 edition)
2018-04-27: Some notes on Firefox's current media autoplay settings
2018-04-26: The shifting goals of our custom NFS mount authorization system
2018-04-25: An implementation difference in NSS netgroups between Linux and Solaris
2018-04-24: What the core practical problems with HiDPI seem to be on Linux
2018-04-23: ZFS's recordsize as an honest way of keeping checksum overhead down
2018-04-22: Thinking about why ZFS only does IO in recordsize blocks, even random IO
2018-04-20: The increasingly surprising limits to the speed of our Amanda backups
Spam from Yahoo Groups has quietly disappeared
2018-04-18: The sensible way to use Bourne shell 'here documents' in pipelines
A CPU's TDP is a misleading headline number
2018-04-17: Link: Parsing: a timeline
Go and the pragmatic problems of having a Python-like with statement
2018-04-16: Some notes and issues from trying out urxvt as an xterm replacement
2018-04-15: The unfortunate configuration choice Grub2 makes in UEFI configurations
2018-04-13: For the first time, my home PC has no expansion cards
A learning experience about the performance of our IMAP server
2018-04-12: I'm hoping that RHEL 8's decision on Python 2 isn't Ubuntu 20.04's decision
2018-04-10: Our real problem with a removal of Python 2 is likely to be our users
2018-04-09: Power consumption numbers for my 2018 home and work machines
2018-04-08: The interesting question of whether Ubuntu 20.04 LTS will include Python 2
A learning experience with iOS's fingerprint recognition
2018-04-07: Some numbers for how well various compressors do with our /var/mail backup
2018-04-06: Using Go finalizers can be a better option than not using them
2018-04-05: Switching over to Firefox Quantum was relatively painless
2018-04-04: Today's learning experience is that gzip is not fast
2018-04-03: Sorting out my systemd mistake with a script-based service unit
2018-04-02: Link: Closing the Loop: The Importance of External Engagement in Computer Science Research
I've retired my filtering HTTP proxy
2018-03-31: Using a local database to get consistent device names is a bad idea
My new Linux home machine for 2018
2018-03-30: My current set of Firefox Quantum (57+) addons
Sometimes, not trying to reject some sort of spam is the right answer
2018-03-29: The problem with Linux's 'predictable network interface names'
2018-03-28: The correlation between Spamhaus Zen listings and attachment types (March 2018 edition)
2018-03-27: My uncertainties around X drivers for modern Intel integrated graphics
2018-03-26: xprt: data for NFS mounts in /proc/self/mountstats is per-fileserver, not per-mount
2018-03-25: Our revised Dovecot IMAP configuration migration plans (and processes)
2018-03-24: Our current ugly hacks to Dovecot to help mitigate our IMAP problems
2018-03-23: Some things about Dovecot, its index files, and the IMAP LIST command
2018-03-22: Why seeing what current attributes a Python object has is hard
2018-03-21: You probably don't want to run Firefox Nightly any more
2018-03-20: Python and the 'bags of unstructured data' approach
2018-03-19: Some exciting ZFS features that are in OmniOS CE's (near) future
2018-03-18: Why I use Facebook (a story of web development)
2018-03-17: Much better ZFS pool recovery is coming (in open source ZFS)
2018-03-16: Wrestling with metrics to get meaningful, useful ones
2018-03-14: What I think I want out of a hypothetical nfsiotop for Linux
Why Let's Encrypt's short certificate lifetimes are a great thing
2018-03-12: A spammer misses a glorious opportunity
Linux is good at exposing the truth of how motherboards are wired
2018-03-11: A bad web scraper operating out of OVH IP address space
2018-03-09: In Fedora, your initramfs contains a copy of your sysctl settings
Some questions I have about DDR4 RAM speed and latency in underclocked memory
2018-03-07: Some things I mean when I talk about 'forged HTTP referers'
The lie in Ubuntu source packages (and probably Debian ones as well)
2018-03-05: Getting chrony to not try to use IPv6 time sources on Fedora
2018-03-04: The value locked up in the Unix API makes it pretty durable
The practical Unix API is more than system calls (or POSIX)
2018-03-02: Frequent versus infrequent developers (in languages and so on)
A sysadmin's perspective on Go vendoring and vgo
2018-02-28: egrep's -o argument is great for extracting unusual fields
Using Python 3 for example code here on Wandering Thoughts
2018-02-26: Meltdown and Spectre have made this a bad time to get a new x86 CPU
It feels good to have a fallback option for home computing
2018-02-25: What Python does when you subclass a __slots__ class is the right answer
2018-02-24: The question of what will be sending email spam over IPv6
2018-02-23: Github and publishing Git repositories
2018-02-21: Sorting out what exec does in Bourne shell pipelines
2018-02-20: How switching to uMatrix for JavaScript blocking has improved my web experience
I've now received my first spam email over IPv6
2018-02-19: Some consumer SSDs are moving to a 4k 'advance format' physical block size
2018-02-18: Memories of MGR
2018-02-17: Using lsblk to get extremely useful information about disks
2018-02-16: How I tend to label bad hardware
2018-02-15: DTrace being GPL (and thrown into a Linux kernel) is just the start
2018-02-14: Some things about ZFS block allocation and ZFS (file) record sizes
2018-02-12: Writing my first addon for Firefox wasn't too hard or annoying
2018-02-11: Sending emails to your inbox is a dangerous default
Access control security requires the ability to do revocation
2018-02-10: The interesting error codes from Linux program segfault kernel messages
2018-02-09: My failure to migrate my workstation from MBR booting to UEFI
2018-02-08: What the Linux kernel's messages about segfaulting programs mean on 64-bit x86
2018-02-07: Consumer SSDs and their nominal physical block sizes, now and in the future
2018-02-05: I should remember that sometimes C is a perfectly good option
2018-02-04: A surprise in how ZFS grows a file's record size (at least for me)
More notes on using uMatrix in Firefox 56 (in place of NoScript)
2018-02-02: Some practical tradeoffs involved in using HTTPS instead of HTTP
X's network transparency was basically free at the time
2018-01-31: Mozilla's Looking Glass 'retrospective' is unfortunately inadequate
How the IPs sending us malware break down (January 2018 edition)
2018-01-30: Reverse engineering some settings for Google Search
2018-01-28: Adding 'view page in no style' to the WebExtensions API in Firefox Quantum
Adding 'view page in no style' to Firefox Quantum's context menu
The limitations of Firefox's Reader mode
2018-01-26: A misbehaving SMTP sender can fool me about malware volume
X's network transparency has wound up mostly being a failure
2018-01-24: What the Linux rcu_nocbs kernel argument does (and my Ryzen issues again)
Some early notes on using uMatrix to replace NoScript in Firefox 56
2018-01-22: The addons that I would likely use with Firefox Quantum (57+)
Doing something when a Cinnamon-based laptop suspends or hibernates
2018-01-21: The temptation of Firefox Quantum for me
2018-01-19: I'm one of those people who never log out from their desktop
2018-01-18: Why Go cares about the difference between unsafe.Pointer and uintptr
A recent performance surprise with X on my Fedora Linux desktop
2018-01-17: My new Ryzen desktop is causing Linux to hang (and it's frustrating)
2018-01-16: You could say that Linux is AT&T's fault
2018-01-15: Meltdown and the temptation of switching to Ryzen for my new home machine
2018-01-14: Our small tools for running commands on multiple machines
2018-01-13: Some plans for migrating my workstation from MBR booting to UEFI
2018-01-12: Open source software licenses matter
2018-01-10: Linux's glibc monoculture is not a bad thing
Glibc and the Linux API
2018-01-09: Differences between keywords and constants in Python
2018-01-08: Link: Some fascinating details of cellular data transmission
2018-01-07: The challenges of having true constants in Python
Link: The Python decorators they won't tell you about
2018-01-06: What's happening when you change True and False in Python 2
What ZFS gang blocks are and why they exist
2018-01-05: Confirming the behavior of file block sizes in ZFS
2018-01-04: The goals and problems of our Dovecot IMAP configuration migration
2018-01-03: A brief review of the Dell XPS 13 as a Fedora laptop
2018-01-02: Some notes on relative imports and vendor/ in Go

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.