Wandering Thoughts archives

2020-07-08: "Interface smuggling", a Go design pattern for expanding APIs
2020-07-07: Some thoughts on Fedora moving to btrfs as the default desktop file system
I now think that blog 'per day' pages with articles are a mistake
2020-07-05: A Go lesson learned: sometimes I don't want to use goroutines if possible
2020-07-04: How you get multiple TLS certificate chains from a server certificate
What a TLS self signed certificate is at a mechanical level
2020-07-02: The work that's not being done from home is slowly accumulating for us
Link: Code Only Says What it Does
2020-07-01: In ZFS, your filesystem layout needs to reflect some of your administrative structure
2020-06-30: The unfortunate limitation in ZFS filesystem quotas and refquota
2020-06-29: How Prometheus Blackbox's TLS certificate metrics would have reacted to AddTrust's root expiry
Adapting our Django web app to changing requirements by not doing much
2020-06-28: Understanding why Django's goals are not our goals for our web application
2020-06-26: NetworkManager and (not) dealing with conflicting network connections
2020-06-25: What Prometheus Blackbox's TLS certificate expiry metrics are checking
2020-06-24: Unix's design issue of device numbers being in stat() results for files
2020-06-23: Sometimes it takes other people to show you some of your site's design flaws
2020-06-22: Today I learned that HTML <abbr> may not do much on mobile browsers
2020-06-21: In Go, the compiler needs to know the types of things when copying values
2020-06-20: The additional complications in DNS updates that secondary DNS servers add
2020-06-19: Removing unmaintained packages from your Fedora machine should require explicitly opting in
People's efficiency expectations for generics in 'Go 2' and patterns of use
2020-06-17: How applications autostart on modern Linux desktops
A scrolling puzzle involving GTK+, XInput, and alternate desktops (on Fedora)
2020-06-15: Input events on X have an old world and a new world
2020-06-14: Product code and utility code
2020-06-13: An interesting combination of flaws in some /etc/mailcap handling
2020-06-12: The safety of GMail's POP server TLS certificate verification (or lack of it)
Dual displays contrasting with virtual screens (aka multiple desktops)
2020-06-10: A dual display setup creates a natural split between things
2020-06-09: The practical people problem with instance diversity in the Fediverse
My mixed feelings about 'swap on zram' for Linux
2020-06-07: A Go time package gotcha with parsing time strings that use named time zones
2020-06-06: Why sysadmins don't like changing things, illustrated
2020-06-05: Why we put alert start and end times in our Prometheus alert messages
2020-06-04: Formatting alert start and end times in Prometheus Alertmanager messages
2020-06-03: In theory you (we) should have SPF records for HELO hostnames too
2020-06-02: A subtle trap when formatting Go time.Time values
2020-06-01: Watching the recent AddTrust root CA certificate expiry has been humbling
2020-05-31: Mail forwarding is slowly dying (probably)
2020-05-30: How we're likely to DKIM sign some of our email messages
2020-05-29: What sort of SSH keys our users use or have listed in their authorized keys files
2020-05-28: The surprising persistence of RSA keys in SSH
2020-05-27: What I think OpenSSH 8.2+'s work toward deprecating 'ssh-rsa' means
My various settings in X to get programs working on my HiDPI display
2020-05-25: My failure with Xpra (probably because what I want is almost impossible)
2020-05-24: A cheatsheet for Python's pip for how I use it
Security questions and warnings are effectively confirmation requests
2020-05-22: Mixed feelings about Firefox Addons' new non-Recommended extensions warning
Working out how frequently your ICMP pings fail in Prometheus
2020-05-20: How I work on Python 2 and Python 3 with the Python Language Server (in GNU Emacs)
Switching to the new in-kernel WireGuard module was easy (on Fedora 31)
2020-05-18: Reading the POSIX standard for Unix functions is not straightforward
2020-05-17: Syndication feeds (RSS) and social media can be complementary
Some views on having your system timezone set to UTC
2020-05-15: Why we use city names when configuring system timezones
2020-05-14: Exploring munmap() on page zero and on unmapped address space
2020-05-13: Getting my head around what things aren't comparable in Go
The modern HTTPS world has no place for old web servers
2020-05-11: Why we have several hundred NFS filesystems in our environment
2020-05-10: How we guarantee there's always some free space in our ZFS pools
2020-05-09: How big our fileserver environment is (as of May 2020)
2020-05-08: Revisiting what the ZFS recordsize is and what it does
Linux software RAID resync speed limits are too low for SSDs
2020-05-06: Modern versions of systemd can cause an unmount storm during shutdowns
How to set up an Ubuntu 20.04 ISO image to auto-install a server
2020-05-04: Notes on the autoinstall configuration file format for Ubuntu 20.04
The Go compiler has real improvements in new versions (and why)
2020-05-03: What OSes we use here (as of May 2020)
2020-05-01: What problems Snaps and Flatpaks are solving
2020-04-30: The afterlife of Python 2
2020-04-29: The problem of Ubuntu 20.04, Snaps, and where your home directory is
Dealing with my worries about Django and HTTP Basic Authentication
2020-04-27: I think you should generally be using the latest version of Go
My views on SystemTap as compared to eBPF for Linux kernel instrumentation
2020-04-26: Looking back at DTrace from a Linux eBPF world (some thoughts)
2020-04-25: Some notes on Firefox's interstitial warning for old TLS versions
2020-04-24: Accepting TLS certificate hostnames based on IP address checks is not safe
2020-04-23: The Unix divide over who gets to chown things, and (disk space) quotas
2020-04-22: More on chown in combination with symlinks
2020-04-20: An important safety note about chown and symlinks (also chmod and chgrp)
2020-04-19: Verifying the server hostname for a TLS certificate has two purposes
GMail, POP, and TLS server certificate verification
2020-04-17: We've disabled eBPF for normal users on our Linux machines
Some bits of grep usage are where I disagree with Shellcheck
2020-04-15: Some ways that servers make their disks not hot-swappable
We're (temporarily) moving to three way mirrored disks on our servers
2020-04-13: If you use GNU Grep on text files, use the -a (--text) option
2020-04-12: The appeal of doing exact string comparisons with Apache's RewriteCond
ZFS on Linux has now become the OpenZFS ZFS implementation
2020-04-10: 'Deduplicated' ZFS send streams are now deprecated and on the way out
Why my commit messages for configuration files describe my changes
2020-04-08: Why you want a Linux bootloader even on UEFI systems
There can be differences in what malware variants anti-spam systems distinguish
2020-04-06: Fedora 31 fumbles DNF modules, package updates edition
2020-04-05: My normal process for upgrading from one Fedora version to another
Why it's very bad for applications to start themselves automatically
2020-04-03: Microsoft Teams' bad arrogance on (Fedora) Linux
2020-04-02: We may face some issues with the timing of Ubuntu 20.04 and its effects
2020-04-01: Why Linux bootloaders wind up being complicated
2020-03-31: My home DSL link really is fast enough to make remote X acceptable
2020-03-30: It's worth documenting the obvious (before it stops being obvious)
Notes on Grafana 'value groups' for dashboard variables
2020-03-29: I set up Python program options and arguments in a separate function
2020-03-28: The Prometheus host agent's CPU utilization metrics can be a bit weird
2020-03-27: OpenBSD's 'spinning' CPU time category
2020-03-26: Any KVM over IP systems need to be on secure networks
2020-03-25: The problem of your (our) external mail gateway using internal DNS views
2020-03-23: How we set up our ZFS filesystem hierarchy in our ZFS pools
Why we use 1U servers, and the two sides of them
2020-03-22: Avoiding the 'dangling else' language problem with mandatory block markers
2020-03-20: Wishing for a remote resilient server environment (now that it's too late)
2020-03-19: Make sure to keep useful labels in your Prometheus alert rules
Sorting out Go's 'for ... = range ..' and when it copies things
2020-03-18: Understanding X mouse cursors (and their several layers of history)
2020-03-17: A problem I'm having with my HiDPI display, remote X, and (X) cursors
2020-03-16: How Firefox could support automatically using local DNS over HTTPS servers
2020-03-15: Why the choice of DNS over HTTPS server needs to be automatic (a sysadmin view)
2020-03-14: The two meanings of 'DNS over HTTPS' today
2020-03-13: Sensible heuristics for when to use DNS over HTTPS can't work for us
2020-03-12: TLS increasingly exists in three different worlds
2020-03-11: Some notes on the state of DNS over HTTPS in Firefox (as of March 2020)
2020-03-09: Logging out of HTTP Basic Authentication in Firefox
What makes our Ubuntu updates driver program complicated
2020-03-08: How we sort of automate updating system packages across our Ubuntu machines
2020-03-07: Linux's iowait statistic and multi-CPU machines
2020-03-05: The problem of Unix iowait and multi-CPU machines
2020-03-04: Unix's iowait% is a narrow and limited measure that can be misleading
2020-03-03: One impact of the dropping of Python 2 from Linux distributions
2020-03-02: More or less what versions of Go support what OpenBSD releases (as of March 2020)
2020-03-01: The situation with Go on OpenBSD
2020-02-29: OpenBSD versus Prometheus (and Go)
2020-02-28: One reason for Go to prefer providing indexes in for ... range loops
2020-02-27: Some alert inhibition rules we use in Prometheus Alertmanager
2020-02-26: The magic settings to make a bar graph in Grafana
The browsers are probably running the TLS show now
2020-02-25: The basics of /etc/mailcap on Ubuntu (and Debian)
2020-02-23: Webmail providers (and others) hiding user IPs was the right decision
Our (unusual) freedom to use alerts as notifications
2020-02-22: Will common motherboards ever have very many NVMe drive slots?
2020-02-21: An appreciation for Cinnamon's workspace flipping keyboard shortcuts
2020-02-20: Link: Stop Using Encrypted Email
2020-02-19: Load average is now generally only a secondary problem indicator
How and why we regularly capture information about running processes
2020-02-17: The uncertainty of an elevated load average on our Linux IMAP server
The case of mysterious load average spikes on our Linux login server
2020-02-16: With sudo, complex argument validation is best in cover scripts
2020-02-14: Unix's /usr split and standards (and practice)
The /bin versus /usr split and diskless workstations
2020-02-12: You can't delegate a ZFS administration permission to delete only snapshots
Some git aliases that I use
2020-02-10: Doing frequent ZFS scrubs lets you discover problems close to when they happened
2020-02-09: I'm likely giving up on trying to read Fedora package update information
Code dependencies and operational dependencies
2020-02-08: Ways that I have lost the source code for installed programs
2020-02-07: I frequently use dependencies because they enable my programs to exist
2020-02-05: The drawback of having a dynamic site with a lot of URLs on today's web
2020-02-04: What 'is' translates to in CPython bytecode
The place of the 'is' syntax in Python
2020-02-02: What we do to enable us to grow our ZFS pools over time
Some unusual and puzzling bad requests for my CSS stylesheet
2020-01-31: Finding out what directories exist with only basic shell builtins (a Unix shell trick)
2020-01-30: Some notes on Python's email.header.decode_header()
2020-01-29: Some effects of the ZFS DVA format on data layout and growing ZFS pools
Why ZFS is not good at growing and reshaping pools (or shrinking them)
2020-01-28: More badly encoded MIME Content-Disposition headers
2020-01-26: The real world is mutable (and consequences for system design)
How big our Prometheus setup is (as of January 2020)
2020-01-25: A network interface losing and regaining signal can have additional effects (in Linux)
2020-01-24: Go compared to Python for small scale system administration scripts and tools
2020-01-23: What we've written in Go at work and how it came about (as of January 2020)
2020-01-22: Why I've come to like that Go's type inference is limited
2020-01-20: The value of automation having ways to shut it off (a small story)
2020-01-19: Python 2, Apache's mod_wsgi, and its future in Linux distributions
Why a network connection becoming writable when it succeeds makes sense
2020-01-18: CUPS's page log, its use of SNMP, and (probably) why CUPS PPDs turn that off
2020-01-17: The question of how long Python 2 will be available in Linux distributions
2020-01-15: How Go's net.DialContext() stops things when the context is cancelled
Stopping udev from renaming your VLAN interfaces to bad names
2020-01-13: We may not want to use OCSP stapling in our web servers
Link: Mercurial's Journey to and Reflections on Python 3
2020-01-12: Sorting out the dates of Python 2's 'end of life'
How I now think you want to configure Apache for OCSP stapling
2020-01-10: OCSP stapling and what web servers and browsers do in the face of errors
Fedora 31 has decided to allow (and have) giant process IDs (PIDs)
2020-01-08: Why I use both uBlock Origin and uMatrix
My Firefox addons as of Firefox '74' (the current development version)
2020-01-07: eBPF based tools are still a work in progress on common Linuxes
2020-01-06: How I move files between iOS devices and Unix machines (using SSH)
2020-01-05: Why I prefer the script exporter for exposing script metrics to Prometheus
2020-01-04: Three ways to expose script-created metrics in Prometheus
2020-01-03: How job control made the SIGCHLD signal useful for (BSD) Unix
2020-01-01: The good and bad of errno in a traditional Unix environment
By month for 2020: Jan Feb Mar Apr May Jun Jul; before 2020.

Page tools: See As Normal.
Search:
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.