Wandering Thoughts archives

2024-07-15: People at universities travel widely and unpredictably
2024-07-14: The Firefox source code's 'StaticPrefs' system (as of Firefox 128)
2024-07-13: That software forges are often better than email is unfortunate
2024-07-12: Network switches aren't simple devices (not even basic switches)
2024-07-11: Brute force attackers seem to switch targets rapidly if you block them
2024-07-10: Fedora 40 probably doesn't work with software RAID 0.90 format superblocks
2024-07-09: Some (big) mail senders do use TLS SNI for SMTP even without DANE
2024-07-08: Using WireGuard as a router to get around reachability issues
2024-07-07: I think (GNU) Emacs bankruptcy is inevitable in the longer term
2024-07-06: "Out of band" network management is not trivial
2024-07-05: Gtk 4 has decided to blow up some people's world on HiDPI displays
2024-07-04: Structured log formats are not really "plaintext" logs
2024-07-03: Fedora 40 and a natural but less than ideal outcome with 'alternatives'
2024-07-02: Unix's fsync(), write ahead logs, and durability versus integrity
2024-07-01: Modifying and setting alarm times: a phone UI irritation
2024-06-30: The systemd journal doesn't force you to not have plain text logs
2024-06-29: Plaintext is not a great format for (system) logs
2024-06-28: I wish systemd didn't require two units for each socket service
2024-06-27: Is blocking outgoing traffic by default a good firewall choice now?
2024-06-26: The xinetd restart problem with binding ports that we run into
2024-06-25: Security is not really part of most people's jobs
2024-06-24: (GNU) Emacs wants personal customization in practice
2024-06-23: Some notes on ZFS's zstd compression kstats (on Linux)
2024-06-22: A Prometheus Blackbox gotcha: (UDP) DNS replies have a low size limit
2024-06-21: The IMAP LIST command as it interacts with client prefixes in Dovecot
2024-06-20: Where Thunderbird seems to get your default browser from on Linux
2024-06-19: It seems routine to see a bunch of browser User-Agents from the same IP
2024-06-18: Some things on how ZFS System Attributes are stored
2024-06-17: Go's 'range over functions' iterators and avoiding iteration errors
2024-06-16: Understanding a Python closure oddity
2024-06-15: We don't know what's happening on our networks
2024-06-14: Mixed content upgrades on the web in mid 2024
2024-06-13: Using prime numbers for our Prometheus scrape intervals
2024-06-12: The Linux kernel NFS server and reconnecting client NFS filehandles
2024-06-11: The size of our Prometheus setup as of June 2024
2024-06-10: The NFS server 'subtree' export problem
2024-06-09: OpenSSH can chose (or force) the 'shell' used for a specific SSH key
2024-06-08: Operating services versus operating an "adequate environment"
2024-06-07: Account recovery is still a hard problem in public key management
2024-06-06: Web applications should support being used behind a reverse proxy
2024-06-05: Maybe understanding uname(1)'s platform and machine fields
2024-06-04: Some history and limitations of uname(1) fields
2024-06-03: CVEs are not what I'll call security reports
2024-06-02: Stand-alone downloads of program assets has a security implication
2024-06-01: Phish tests and (not) getting people to report successful phish attacks
2024-05-31: Spammers do forge various noreply@<you> sender addresses
2024-05-30: Phish tests aren't like fire drills
2024-05-29: PyPy has been quietly working for me for several years now
2024-05-28: ZFS's transactional guarantees from a user perspective
2024-05-27: Some notes on Grafana Loki's new "structured metadata" (as of 3.0.x)
2024-05-26: Flaky alerts are telling you something
2024-05-25: Reasons to not expose Go's choice of default TLS ciphers
2024-05-24: The long-overdue problem coming for some people in Go 1.23
2024-05-23: There are multiple uses for metrics (and collecting metrics)
2024-05-22: The Prometheus host agent's 'perf' collector can be kind of expensive
2024-05-21: Go's old $GOPATH story for development and dependencies
2024-05-20: The power of using external authentication information in a web application
2024-05-19: My GNU Emacs MH mail folder completion in MH-E
2024-05-18: Realizing the hidden complexity of cloud server networking
2024-05-17: The trade-offs in not using WireGuard to talk to our cloud server
2024-05-16: Thoughts on (not) automating the setup of our first cloud server
2024-05-15: Turning off the X server's CapsLock modifier
2024-05-14: The X Window System and the curse of NumLock
2024-05-13: Some ideas on what Linux distributions can do about the new kernel situation
2024-05-12: The Linux kernel giving CVEs to all bugfixes is sort of predictable
2024-05-11: Where NS records show up in DNS replies depends on who you ask
2024-05-10: It's very difficult to tell if a Linux kernel bug is a security issue
2024-05-09: One of OCSP's problems is the dominance of Chrome
2024-05-08: All configuration files should support some form of file inclusion
2024-05-07: Some thoughts on when you can and can't lower OpenSSH's 'LoginGraceTime'
2024-05-06: What affects what server host key types OpenSSH will offer to you
2024-05-05: OpenSSH sshd's 'MaxStartups' setting and Internet-accessible machines
2024-05-04: We have our first significant batch of servers that only have UEFI booting
2024-05-03: UEFI, BIOS, and other confusing x86 PC (firmware) terms
2024-05-02: Thinking about filesystem space allocation policies and SSDs
2024-05-01: Having a machine room can mean having things in your machine room
2024-04-30: The state of Python in Ubuntu 24.04 LTS
2024-04-29: Our likely long term future (not) with Ubuntu (as of early 2024)
2024-04-28: How I (used to) handle keeping track of how I configured software
2024-04-27: Autoconf and configure features that people find valuable
2024-04-26: I wish projects would reliably use their release announcements mechanisms
2024-04-25: The importance of an ordinary space in a Unix shell command line
2024-04-24: Pruning some things out with (GNU) find options
2024-04-23: Libvirt's virt-viewer and (guest) screen blanking
2024-04-22: Making virtual machine network interfaces inactive in Linux libvirt
2024-04-21: Thoughts on potentially realistic temperature trip limit for hardware
2024-04-20: What the original 4.2 BSD csh hashed (which is not what I thought)
2024-04-19: Modern Linux mounts a lot of different types of virtual filesystems
2024-04-18: On the duration of self-signed TLS (website) certificates
2024-04-17: Limiting the maximum size of Amanda debug logs with a Linux tmpfs mount
2024-04-16: IPMI connections have privilege levels, not just IPMI users
2024-04-15: Having IPv6 for public servers is almost always merely nice, not essential
2024-04-14: (Probably) forcing Git to never prompt for authentication
2024-04-13: A corner case in Firefox's user interface for addon updates
2024-04-12: Please don't try to hot-reload changed Python files too often
2024-04-11: Getting the underlying disks of a Linux software RAID array
2024-04-10: It's far from clear how grub package updates work on Ubuntu
2024-04-09: Bash's sadly flawed smart (programmable) completion
2024-04-08: Don't require people to change 'source code' to configure your programs
2024-04-07: NAT'ing on the firewall versus host routes for public IPs
2024-04-06: GNU Autoconf is not replaceable in any practical sense
Solving the hairpin NAT problem with policy based routing and plain NAT
2024-04-05: Why I think you shouldn't digitally sign things casually
2024-04-03: GNU Emacs and the case of special space characters
2024-04-02: An issue with Alertmanager inhibitions and resolved alerts
What Prometheus Alertmanager's group_interval setting means
2024-04-01: The power of being able to query your servers for unpredictable things
2024-03-31: Some thoughts on switching daemons to be socket activated via systemd
2024-03-30: The Prometheus scrape interval mistake people keep making
2024-03-29: Some notes on Firefox's media autoplay settings in practice as of Firefox 124
2024-03-28: The effects of silences (et al) in Prometheus Alertmanager
2024-03-27: Some questions to ask about what silencing alerts means
2024-03-26: How I would automate monitoring DNS queries in basic Prometheus
2024-03-25: Options for diverting alerts in Prometheus
2024-03-24: Platform peculiarities and Python (with an example)
2024-03-23: The many possible results of turning an IP address into a 'hostname'
2024-03-22: The Linux kernel.task_delayacct sysctl and why you might care about it
2024-03-21: Reading the Linux cpufreq sysfs interface is (deliberately) slow
2024-03-20: When I reimplement one of my programs, I often wind up polishing it too
2024-03-19: About DRAM-less SSDs and whether that matters to us
2024-03-18: Sorting out PIDs, Tgids, and tasks on Linux
2024-03-17: Disk write buffering and its interactions with write flushes
2024-03-16: Some more notes on Linux's ionice and kernel IO priorities
2024-03-15: The problem of using basic Prometheus to monitor DNS query results
2024-03-14: You might want to think about if your system serial numbers are sensitive
2024-03-13: Restarting systemd-networkd normally clears your 'ip rules' routing policies
2024-03-12: What do we count as 'manual' management of TLS certificates
2024-03-11: Why we should care about usage data for our internal services
2024-03-10: Scheduling latency, IO latency, and their role in Linux responsiveness
2024-03-09: Some thoughts on usage data for your systems and services
2024-03-08: A realization about shell pipeline steps on multi-core machines
2024-03-07: Some notes about the Cloudflare eBPF Prometheus exporter for Linux
2024-03-06: Where and how Ubuntu kernels get their ZFS modules
2024-03-05: A peculiarity of the X Window System: Windows all the way down
2024-03-04: An illustration of how much X cares about memory usage
2024-03-03: X graphics rendering as contrasted to Wayland rendering
2024-03-02: Something I don't know: How server core count interacts with RAM latency
2024-03-01: Options for your Grafana panels when your metrics change names
2024-02-29: The speed of improvement in servers may have slowed down
2024-02-28: Detecting absent Prometheus metrics without knowing their labels
2024-02-27: Our probably-typical (lack of) machine inventory situation
2024-02-26: How to make your GNU Emacs commands 'relevant' for M-X
2024-02-25: Open source culture and the valorization of public work
2024-02-24: The Go 'range over functions' proposal and user-written container types
2024-02-23: Fixing my problem of a stuck 'dnf updateinfo info' on Fedora Linux
2024-02-22: A recent abrupt change in Internet SSH brute force attacks against us
2024-02-21: What ZIL metrics are exposed by (Open)ZFS on Linux
2024-02-20: NetworkManager won't share network interfaces, which is a problem
2024-02-19: The flow of activity in the ZFS Intent Log (as I understand it)
2024-02-18: Even big websites may still be manually managing TLS certificates (or close)
2024-02-17: We outsource our public web presence and that's fine
2024-02-16: Options for genuine ECC RAM on the desktop in (early) 2024
2024-02-15: (Some) X window managers deliberately use off-screen windows
2024-02-14: Understanding a recent optimization to Go's reflect.TypeFor
2024-02-13: What is in (Open)ZFS's per-pool "txgs" /proc file on Linux
2024-02-12: Linux kernel boot messages and seeing if your AMD system has ECC
2024-02-11: Go 1.22's go/types Alias type shows the challenge of API compatibility
2024-02-10: My plan for backups of my home machine (as of early 2024)
2024-02-09: Compatibility lingers long after it's needed (until it gets noticed)
2024-02-08: Accidentally making windows vanish in my old-fashioned Unix X environment
2024-02-07: What I'd like in a hypothetical new desktop machine in 2024
2024-02-06: What the max_connect Linux NFS v4 mount parameter seems to do
2024-02-05: We might want to regularly keep track of how important each server is
2024-02-04: I switched to explicit imports of things in our Django application
2024-02-03: Solving one of our Django problems in a sideways, brute force way
2024-02-02: One of my MH-E customizations: 'narrow-to-pending' (refiles and deletes)
2024-02-01: Our Django application is now using Python 3 and a modern Django
2024-01-31: Using IPv6 has quietly become reliable (for me)
2024-01-30: Putting a Python executable in venvs is probably a necessary thing
2024-01-29: What I think goes wrong periodically with our Grafana Loki on restarts
Servers are (probably) starting to drop serial ports
2024-01-27: Getting the Python LSP server working with venvs the brute force way
2024-01-26: Histogram data is most useful when they also provide true totals
2024-01-25: In Go, I'm going to avoid using 'any' as an actual type
2024-01-24: The cooling advantage that CPU integrated graphics has
2024-01-23: CGI programs have an attractive one step deployment model
2024-01-22: Desktop PC motherboards and the costs of extra features
2024-01-21: The expected size of a gap in a Prometheus range vector (sometimes)
2024-01-20: An example of how Prometheus's delta() function will extrapolate time ranges
2024-01-19: A Django gotcha with Python 3 and the encoding of CharFields
2024-01-18: Notes on the Linux kernel's 'irq' pressure stall information and meaning
2024-01-17: Some interesting metrics you can get from cgroup V2 systems
2024-01-16: What Prometheus exporters we use (as of the end of 2023)
2024-01-15: How we monitor that our wireless network is still there in places
2024-01-14: Git branches as a social construct
2024-01-13: Indexed archive formats and selective restores
2024-01-12: What we use ZFS on Linux's ZED 'zedlets' for
2024-01-11: An old Unix mistake you could make when signaling init (PID 1)
2024-01-10: MFA today is both 'simple' and non-trivial work
2024-01-09: How far back we want our metrics to go depends on what they're for
2024-01-08: One of the things limiting the evolution of WebPKI is web servers
2024-01-07: TLS certificate expiry times are fundamentally a hack
2024-01-06: Some ballpark numbers for fun on filling filesystem cache with NFS traffic
2024-01-05: Having a virtual machine host server has been quite useful
2024-01-04: 'Unmaintained' (open source) code represents a huge amount of value
2024-01-03: Ten years isn't long enough for maximum age settings
2024-01-02: Why Unix's lseek() has that name instead of 'seek()'
2024-01-01: Alerting on our NTP servers having a high NTP stratum hasn't been useful
By month for 2024: Jan Feb Mar Apr May Jun Jul; before 2024.

Page tools: See As Normal.
Search:
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.