Full chronological index of WanderingThoughts

This is a full index of all entries in WanderingThoughts in chronological order, most recent to oldest; you can also get an alphabetical index.

2019-11-14: TCP/IP and a consequence of reliable delivery guarantees
2019-11-13: How to make a rather obnoxiously bad web spider the easy way
My mistake in forgetting how Apache .htaccess files are checked
2019-11-11: An apparent hazard of removing Linux software RAID mirror devices
2019-11-10: Putting a footer on automated email that says what generated it
The problems with piping curl to a shell are system management ones
2019-11-08: I have to assume that people here can be successfully phished
2019-11-07: Some notes on getting email when your systemd timer services fail
Realizing that Go constants are always materialized into values
2019-11-06: Systemd needs official documentation on best practices
2019-11-04: Systemd timer units have the unfortunate practical effect of hiding errors
Many of our 'worklog' messages currently assume a lot of context
2019-11-02: Using personal ruleset recipes in uMatrix in Firefox
2019-11-01: The appeal of text templating systems for generating HTML
2019-10-31: Some thoughts on the pragmatics of classifying phish spam as malware
2019-10-30: Chrony has been working well for us (on Linux, where we use it)
2019-10-29: Netplan's interface naming and issues with it
2019-10-28: One of XHTML's practical problems was its implications for web page generation
2019-10-27: An interesting little glitch in how Firefox sometimes handles updates to addons
My common patterns in shell script verbosity (for sysadmin programs)
2019-10-26: An incorrect superstition about running commands in the Bourne shell
2019-10-24: Third party ClamAV signatures seem to include a lot of phish and other spam
2019-10-23: The DBus daemon and out of memory conditions (and systemd)
2019-10-22: Groups of processes are a frequent and fundamental thing in Unix
2019-10-21: Filesystem size limits and the complication of when errors are detected
2019-10-20: A small irritation with Go's crypto/tls package
2019-10-19: Ubuntu LTS is (probably) still the best Linux for us and many people
2019-10-18: My little irritation with Firefox's current handling of 'Do-Not-Track'
Remembering that Django template code is not quite your Django Python code
2019-10-16: Some magical weirdness in Django's HTML form classes
2019-10-15: The Ubuntu package roulette
2019-10-14: Googlebot is both quite fast and very determined to crawl your pages
2019-10-13: If you don't test it in your automated testers, it's broken
Magic is fine if it's all magic: why I've switched to use-package in GNU Emacs
2019-10-11: A YAML syntax surprise and trick in Prometheus Alertmanager configuration
2019-10-10: Some additional information on ZFS performance as you approach quota limits
2019-10-09: Limiting the size of things in a filesystem is harder than it looks
2019-10-08: How we implement reboot notifications when our machines reboot in Prometheus
2019-10-07: Why we generate alert notifications about our machines having rebooted
2019-10-06: Automating our 'bookable' compute servers with SLURM has created generic 'cattle' machines
2019-10-05: The wikitext problem with new HTML elements such as <details>
2019-10-04: Vim, its defaults, and the problem this presents sysadmins
2019-10-03: Making changes to multiple files at once in Vim
2019-10-02: It's useful to record changes that you tried and failed to do
2019-10-01: My interest in and disappointment about HTML5's new <details> element
2019-09-30: Using alerts as tests that guard against future errors
Link: The asymmetry of Internet identity
ZFS performance really does degrade as you approach quota limits
2019-09-29: Understanding when to use and not use the -F option for flock(1)
2019-09-27: Some field notes on imposing memory resource limits on users on Ubuntu 18.04
A file permissions and general deployment annoyance with Certbot
2019-09-25: It's always convenient when malware is clear about its nature (7z edition)
Our workaround for Ubuntu 16.04 and 18.04 failing to reliably reboot some of our servers
2019-09-24: How we implement per-user CPU and memory resource limits on Ubuntu
2019-09-22: The increasing mess of libreadline versions in Linux distributions
2019-09-21: Why chroot is a security feature for (anonymous) FTP
2019-09-20: Modernizing (a bit) some of our HTML form <input> elements
TLS server certificate verification has two parts (and some consequences)
2019-09-18: Firefox, DNS over HTTPS, and us
Converting a Go pointer to an integer doesn't quite do what it looks like
2019-09-17: Finding metrics that are missing labels in Prometheus (for alert metrics)
2019-09-16: The problem of 'triangular' Network Address Translation
2019-09-14: Some notes on the structure of Go binaries (primarily for ELF)
2019-09-13: Bidirectional NAT and split horizon DNS in our networking setup
2019-09-12: The mystery of why my Fedora 30 office workstation was booting fine
2019-09-11: Making your own changes to things that use Go modules
2019-09-10: Catching Control-C and a gotcha with shell scripts
2019-09-09: A safety note about using (or having) go.mod inside $GOPATH in Go 1.13
2019-09-08: Jumping backward and forward in GNU Emacs
2019-09-07: CentOS 7 and Python 3
2019-09-06: Programs that let you jump around should copy web browser navigation
Go modules and the problem of noticing updates to dependencies
2019-09-04: If you use the rarfile module, make sure you're using version 3.0 (or later)
Using Wireshark's Statistics menu to get per-host traffic volume
2019-09-02: Another way to do easy configuration for lots of Prometheus Blackbox checks
2019-09-01: Some limitations of wifi MAC address randomization
2019-08-31: The sorts of email attachments that we get these days have become boring
2019-08-30: ZFS is not a universal filesystem that is always good for all workloads
How I'm dealing with my Python indentation problem in GNU Emacs
2019-08-28: A wifi MAC address randomization surprise in a new Android gadget
Allowing some Alias directives to override global Redirects in Apache
2019-08-26: A lesson of (alert) scale we learned from a power failure
2019-08-25: Text UIs and the problem of discoverability
2019-08-24: Apache, Let's Encrypt, and site-wide reverse proxies and HTTP redirections
2019-08-23: What happens in ZFS when you have 4K sector disks in an ashift=9 vdev
Link: GNOME Terminal Cursor Blinking Saga
2019-08-22: Pruning deleted remote Git branches (manually or automatically)
2019-08-21: Making sense of OpenBSD 'pfctl -ss' output for firewall state tables
2019-08-20: Saying goodbye to Flash (in Firefox, and in my web experience)
2019-08-19: Go 2 Generics: contracts are now boring (and that's good)
2019-08-18: Early notes on using LSP-based editing in GNU Emacs for Python
2019-08-17: A situation where Python has undefined values
2019-08-16: A gotcha with Fedora 30's switch of Grub to BootLoaderSpec based configuration
Systemd and waiting until network interfaces or addresses are configured
2019-08-15: Getting LSP-based editing working for Go in GNU Emacs
2019-08-13: Changes to Go and the appearance of finality
2019-08-12: Linux can run out of memory without triggering the Out-Of-Memory killer
2019-08-11: Roughly when the Linux Out-Of-Memory killer triggers (as of mid-2019)
2019-08-10: One core problem with DNSSEC
2019-08-09: Turning off DNSSEC in my Unbound instances
Non-uniform caches are harder to make work well
2019-08-07: What has to happen with Unix virtual memory when you have no swap space
Rewriting my iptables rules using ipsets
2019-08-05: dup(2) and shared file descriptors
2019-08-04: Some notes on understanding how to use flock(1)
2019-08-03: Sharing file descriptors with child processes is a clever Unix decision
Link: ASCII table and history (Or, why does Ctrl+i insert a Tab in my terminal?)
2019-08-02: If you can, you should use flock(1) for shell script locking
Getting NetworkManager to probably verify TLS certificates for 802.1x networks
2019-08-01: How not to set up your DNS (part 24)
2019-07-31: How mountd and exportfs handle NFS export permissions on Linux
Link: A program to read AMD Ryzen RAPL information on Linux
2019-07-30: I think it's time to explicitly set Go's $GO111MODULE environment variable
2019-07-29: The practical difference between CPU TDP and observed power draw illustrated
2019-07-28: A note on using the Go Prometheus client package to exposed labeled metrics
What I want out of my window manager
2019-07-26: Some things on the GUID checksum in ZFS pool uberblocks
How 'zpool import' generates its view of a pool's configuration
2019-07-24: I think I like systemd's DynamicUser feature (under the right circumstances)
ZFS pool imports happen in two stages of pool configuration processing
2019-07-22: Why file and directory operations are synchronous in NFS
2019-07-21: Why we're going to be using Certbot as our new Let's Encrypt client
Wireless networks have names and thus identify themselves
2019-07-19: Some brief views on iOS clients for Mastodon (as of mid 2019)
2019-07-18: Switching Let's Encrypt clients is currently quite disruptive
2019-07-17: Django 1.11 has a bug that causes intermittent CSRF validation failures
2019-07-16: Go's proposed try() will be used and that will change how code is written
2019-07-15: ZFS on Linux still has annoying issues with ARC size
2019-07-14: We're going to be separating our redundant resolving DNS servers
2019-07-13: Our switches can wind up in weird states after a power failure
2019-07-12: Browers can't feasibly stop web pages from talking to private (local) IP addresses
Reflections on almost entirely stopping using my (work) Yubikey
2019-07-10: I brought our Django app up using Python 3 and it mostly just worked
2019-07-09: Systemd services that always restart should probably set a restart delay too
2019-07-08: SMART drive self-tests seem potentially useful, but not too much
2019-07-07: Straightforward web applications are now very likely to be stable in browsers
2019-07-06: Clearing disk errors (or SMART complaints) for Linux software RAID arrays
2019-07-05: My plan for two-stage usage of Certbot when installing web server hosts
2019-07-04: Django's goals are probably not our goals for our web application
2019-07-03: Converting a variable to a single-element slice in Go via unsafe
Finding out what 32-bit x86 Linux programs your users are running
2019-07-01: The power of option types is in what they do to the rest of the language
2019-06-30: Understanding why 'root window' X under Wayland may matter
2019-06-29: Being realistic about what we're going to do with our Django app
2019-06-28: Using Prometheus's statsd exporter to let scripts make metrics updates
2019-06-27: Our last OmniOS fileserver is now out of production (and service)
2019-06-26: The death watch for the X Window System (aka X11) has probably started
A hazard of our old version of OmniOS: sometimes powering off doesn't
2019-06-24: The convenience (for me) of people writing commands in Python
2019-06-23: What it takes to run a 32-bit x86 program on a 64-bit x86 Linux system
2019-06-22: Google Groups entirely ignores SMTP time rejections
We get a certain amount of SMTP MAIL FROM's in UTF-8 with odd characters
2019-06-21: One of the things a metrics system does is handle state for you
2019-06-19: How Bash decides it's being invoked through sshd and sources your .bashrc
A Let's Encrypt client feature I always want for easy standard deployment
2019-06-17: Sometimes, the problem is in a system's BIOS
My Mastodon remark about tiling window managers
2019-06-16: Firefox and my views on the tradeoffs of using DNS over HTTPS
2019-06-15: Some notes on Intel's CPUID and how to get it for your CPUs
2019-06-14: Intel's approach to naming Xeon CPUs is pretty annoying
Intel's MDS issues have now made some old servers almost completely useless to us
2019-06-12: My weird problem with the Fedora 29 version of Firefox 67
An interesting Fedora 29 DNF update loop with the createrepo package
2019-06-10: Keeping your past checklists doesn't help unless you can find them again
2019-06-09: Go recognizes and specially compiles some but not all infinite loops
2019-06-08: Hardware Security Modules are just boxes running opaque and probably flawed software
Our current approach for updating things like build instructions
2019-06-06: Feed readers and their interpretation of the Atom 'title' element
2019-06-05: The HTML <pre> element doesn't do very much
Go channels work best for unidirectional communication, not things with replies
2019-06-03: Almost all of our OmniOS machines are now out of production
2019-06-02: Exploring the start time of Prometheus alerts via ALERTS_FOR_STATE
I haven't customized my Vim setup and I'm not sure I should try to (yet)
2019-05-31: Some things on how ZFS dnode object IDs are allocated (which is not sequentially)
Some things about where icons for modern X applications come from
2019-05-30: Conditional expressions in any form are an attractive thing
2019-05-28: Distribution packaging of software needs to be informed (and useful)
An interesting report on newly used domain names and their usage in spam
2019-05-27: Something that Linux distributions should not do when packaging things
2019-05-26: Why I no longer have strong feelings about changes to Python
2019-05-25: Blocking JavaScript by default is not an easy path
2019-05-24: The problem of paying too much attention to our dashboards
2019-05-23: I will probably never give my shell dotfiles the major reform they could use
On programming languages belonging (or not) to their community
2019-05-22: Go is Google's language, not ours
2019-05-20: Understanding how to pull in labels from other metrics in Prometheus
2019-05-19: DKIM signed email as a signal (of something)
2019-05-18: Binding keys to actions in xterm, and my bindings as an example
2019-05-17: My new favorite tool for looking at TLS things is certigo
One of our costs of using OmniOS was not having 10G networking
2019-05-16: Go has no type for types in the language
2019-05-15: An infrequent odd kernel panic on our Ubuntu 18.04 fileservers
2019-05-13: Fixing Alpine to work over NFS on Ubuntu 18.04 (and probably other modern Linuxes)
2019-05-12: What we'll want in a new Let's Encrypt client
Committed address space versus active anonymous pages in Linux: a mystery
2019-05-10: Some thoughts on Red Hat Enterprise 8 including Python 2 and what it means
Firefox versus Chrome (my 2019 view)
2019-05-08: Some general things and views on DNS over HTTPS
A Linux machine with a strict overcommit limit can still trigger the OOM killer
2019-05-07: Some weird and dubious syndication feed fetching from SBL-listed IPs
2019-05-05: TLS certificate rollover outside of the web is complex and tangled
What usually identifies an intermediate or root TLS certificate
2019-05-03: In Go, unsafe type conversions are still garbage collection safe
Some implications of using offset instead of delta() in Prometheus
2019-05-01: One of my problems with YAML is its sheer complexity
2019-04-30: My problem with YAML's use of whitespace
2019-04-29: Notifications and interruptions, and my view on them
2019-04-28: A gotcha with stale metrics and *_over_time() in Prometheus
2019-04-27: Some useful features of (GNU) date for things like time conversion
2019-04-26: Brief notes on making Prometheus instant queries with curl
Various aspects of Python made debugging my tarfile problem unusual
2019-04-24: How we're making updated versions of a file rapidly visible on our Linux NFS clients
The appeal of using plain HTML pages
2019-04-22: Go 2 Generics: The usefulness of requiring minimal contracts
You might as well get an x86 CPU now, despite Meltdown and its friends
2019-04-21: My view on upgrading Prometheus (and Grafana) on an ongoing basis
2019-04-19: V7 Unix programs are often not written the way you would expect
Links: A Practitioner's Guide to System Dashboard Design (with a bonus)
2019-04-18: One reason ed(1) was a good editor back in the days of V7 Unix
A pattern for dealing with missing metrics in Prometheus in simple cases
2019-04-17: Private browsing mode versus a browser set to keep nothing on exit
2019-04-15: How Linux starts non-system software RAID arrays during boot under systemd
2019-04-14: A VPN for me but not you: a surprise when tethering to my phone
2019-04-13: Remembering that Prometheus expressions act as filters
WireGuard was pleasantly easy to get working behind a NAT (or several)
2019-04-12: Getting (and capturing) spam can sometimes be useful to see what's in it
2019-04-10: The tarfile module is too generous about what is considered a tar file
A Git tool that I'd like and how I probably use Git differently from most people
2019-04-08: An example of a situation where Go interfaces can't substitute for generics
2019-04-07: Why selecting times is still useful even for dashboards that are about right now
A ZFS resilver can be almost as good as a scrub, but not quite
2019-04-05: I won't be trying out ZFS's new TRIM support for a while
It's always DNS (a story of our circular dependency)
2019-04-03: A sign of people's fading belief in RSS syndication
NVMe and an interesting technology change
2019-04-01: Our plan for handling TRIM'ing our ZFS fileserver SSDs
2019-03-31: Our likely ZFS fileserver upgrade plans (as of March 2019)
Erasing SSDs with blkdiscard (on Linux)
2019-03-29: Our current approach for significantly upgrading or modifying servers
My NVMe versus SSD uncertainty (and hesitation)
2019-03-27: A new and exciting failure mode for Linux UEFI booting
2019-03-26: Drifting away from OmniOS (CE)
2019-03-25: The mystery of my desktop that locks up when it gets too cold
2019-03-24: Prometheus's delta() function can be inferior to subtraction with offset
Link: What has your microcode done for you lately?
A bit more on ZFS's per-pool performance statistics
2019-03-22: Sometimes the simplest version of a graph is a text table
2019-03-21: What sorts of good email attachments our users get (March 2019 edition)
2019-03-20: The types of attachments we see in malware email (March 2019 edition)
2019-03-19: ZFS Encryption is still under development (as of March 2019)
2019-03-18: Prometheus subqueries pick time points in a surprising way
2019-03-17: Going from a bound instance method to its class instance in Python
2019-03-16: Callable class instances versus closures in Python
Staying away from Google Chrome after six months or so
2019-03-14: The plague of 'you've logged in to our site again' notification emails
2019-03-13: Peculiarities about Unix's statfs() or statvfs() API
2019-03-12: An easy optimization for restricted multi-metric queries in Prometheus
2019-03-11: Testing Prometheus alert conditions through subqueries
2019-03-10: What the default query step is for Prometheus subqueries
Turning something into a script encourages improving it
2019-03-08: Exploring how and why interior pointers in Go keep entire objects alive
2019-03-07: Exploring the mild oddity that Unix pipes are buffered
Our problem with Netplan and routes on Ubuntu 18.04
2019-03-06: Using Prometheus subqueries to look for spikes in rates
2019-03-04: A surprisingly arcane little Unix shell pipeline example
2019-03-03: Understanding a change often requires understanding how the code behaves
Really understanding diffs requires knowing their context too
2019-03-01: What you get when you do a DNS A record lookup for a CNAME'd name
2019-02-28: Taking advantage of the Linux kernel NFS server's group membership cache
2019-02-27: How to see and flush the Linux kernel NFS server's group membership cache
Using Prometheus subqueries to do calculations over time ranges
2019-02-25: ntpdate has a surprising restriction on what it will sync to
Link: Vim anti-patterns
2019-02-24: Process states from /proc/[pid]/stat versus /proc/stat's running and blocked numbers
The modern danger of locales when you combine sort and cron
2019-02-22: Using default function arguments to avoid creating a class
2019-02-21: An advantage of tablets and two-in-one devices over small laptops
2019-02-20: What /proc/[pid]/stat's process state means and where it comes from
The cliffs in the way of adding tests to our Django web app
2019-02-18: When cloning git repos, things go faster if you start from a good base
2019-02-17: Why I like middle mouse button paste in xterm so much
Some notes on heatmaps and histograms in Prometheus and Grafana
2019-02-15: Accumulating a separated list in the Bourne shell
2019-02-14: A pleasant surprise with a Thunderbolt 3 10G-T Ethernet adapter
2019-02-13: An unpleasant surprise with part of Apache's AllowOverride directive
2019-02-12: Using grep with /dev/null, an old Unix trick
2019-02-11: Thinking about the merits of 'universal' URL structures
2019-02-10: Open protocols can evolve fast if they're willing to break other people
2019-02-09: 'Scanned' versus 'issued' numbers for ZFS scrubs (and resilvers)
2019-02-08: Making more use of keyboard control over window position and size
2019-02-07: A touchpad is not a mouse, or at least not a good one
2019-02-06: Using a single git repo to compare things between two upstreams
2019-02-05: A problem with strict memory overcommit in practice
2019-02-04: Hand-building an updated upstream kernel module for your (Fedora) kernel
2019-02-03: My temptation of getting a personal laptop
2019-02-02: A little appreciation for Vim's 'g' command
2019-02-01: A bit of Sun's history that still lingers on in Illumos
2019-01-31: What getopt package I use for option handling in my Go programs
2019-01-30: ZFS On Linux's kernel modules issues are not like NVidia's
How having a metrics system centralized information and got me to check it
2019-01-28: Go 2 Generics: some features of contracts that I like
The potential risk to ZFS created by the shift in its userbase
2019-01-27: How to handle Unicode character decoding errors depends on your goals
2019-01-25: A piece of email malware that wanted to make sure we rejected it
The Linux kernel's pstore error log capturing system, and ACPI ERST
2019-01-23: Consider setting your Linux servers to reboot on kernel problems
A little surprise with Prometheus scrape intervals, timeouts, and alerts
2019-01-22: Things you can do to make your Linux servers reboot on kernel problems
2019-01-21: Two annoyances I have with Python's imaplib module
2019-01-20: A few notes on using SSL in Python 3 client programs
2019-01-19: A surprise potential gotcha with sharenfs in ZFS on Linux
2019-01-18: Linux CPU numbers are not necessarily contiguous
2019-01-17: Why C uninitialized global variables have an initial value of zero
2019-01-16: Perhaps you no longer want to force a server-preferred TLS cipher order on clients
2019-01-14: Why your fresh new memory pages are zero-filled
2019-01-13: Two views of ZFS's GPL-incompatibility and the Linux kernel
The risk that comes from ZFS on Linux not being GPL-compatible
Even thinking about spam makes me angry
2019-01-12: I have somewhat mixed feelings about Python 3's socket module errors
2019-01-11: A new drawback of using my custom-compiled Firefox
2019-01-10: Why I still have a custom-compiled Firefox (early 2019 edition)
2019-01-09: On right and wrong ways to harvest system-level performance stats
2019-01-08: Link: The IOCCC 2018 "Best of show" program
2019-01-07: Daemons and the pragmatics of unexpected error values from system calls
2019-01-06: accept(2)'s problem of trying to return two different sorts of errors
Linux network-scripts being deprecated is a problem for my home PPPoE link
2019-01-05: Some things on ZFS's per-pool performance statistics
2019-01-04: Planning ahead in documentation worked out for us
2019-01-02: You shouldn't allow Firefox to recommend things to you any more
How I get a copy of the Ubuntu kernel source code (as of Ubuntu 18.04)
2018-12-31: Our Linux ZFS fileservers work much like to our OmniOS ones
Thinking about DWiki's Python 3 Unicode issues
2018-12-30: Our third generation ZFS fileservers and their setup
2018-12-28: An odd MIME Content-Disposition or two
2018-12-27: Having metrics has taught me I didn't really know how our systems behave
The many return values of read() (plus some other cases)
2018-12-26: The problem of screenshots when you have a HiDPI display
2018-12-24: Some notes on ZFS prefetch related stats
Plaintext parts of email are fading away (in spam and non-spam)
2018-12-23: How I wound up finding a bug in GNU Tar
2018-12-21: Moving to Fedora 29 has not been one of the smooth upgrades for me
Working around an irritating recent XTerm change in behavior
2018-12-20: FreeBSD ZFS will be changing to be based on ZFS on Linux
2018-12-19: My unusual Linux setup of an untagged network and tagged VLANs on the same interface
2018-12-17: My current trick for keeping reasonably ready virtual machine images
Exploring casual questions with our new metrics system
2018-12-16: The Go 2 Error Handling proposal will likely lead to more use of error in return types
2018-12-15: Python 3's approach to filenames and arguments is pragmatically right
2018-12-14: Link: Everything you should know about certificates and PKI but are too afraid to ask
Why our Grafana URLs always require HTTP Basic Authentication
2018-12-13: Some new-to-me features in POSIX (or Single Unix Specification) Bourne shells
2018-12-12: One situation where you absolutely can't use irate() in Prometheus
2018-12-10: Why I'm usually unnerved when modern SSDs die on us
A spate of somewhat alarming flaky SMART errors on Crucial MX500 SSDs
2018-12-09: Firefox, WebExtensions, and Content Security Policies
2018-12-08: Link: HTTPS in the real world
2018-12-07: Why we like HTTP Basic Authentication in Apache so much
Modern Bourne shell arithmetic is pretty pleasant
2018-12-05: Some basic ZFS ARC statistics and prefetching
The brute force cron-based way of flexibly timed repeated alerts
2018-12-03: Wget is not welcome here any more (sort of)
Linux disk IO stats in Prometheus
2018-12-02: Checking to see if a process is alive (on Linux)
2018-11-30: Today I (re-)learned that top's output can be quietly system dependent
I've learned that sometimes the right way to show information is a simple one
2018-11-29: Go 2 Generics: Interfaces are not the right model for type constraints
2018-11-28: Go 2 Generics: A way to make contracts more readable for people (if not programs)
2018-11-26: (Open)SSH quiet connection disconnects in theory and in practice
2018-11-25: Firefox's middle-click behavior on HTML links on Linux
How we monitor our Prometheus setup itself
2018-11-23: Some Linux disk IO stats you can calculate from kernel information
Qualified praise for the Linux ss program
2018-11-21: Some views on more flexible (Illumos) kernel crash dumps
What I really miss when I don't have X across the network
2018-11-20: When Prometheus Alertmanager will tell you about resolved alerts
2018-11-18: Old zombie Linux distribution versions aren't really doing you any favours
Some notes about kernel crash dumps in Illumos
2018-11-16: Restisting the temptation to rely on Ubuntu for Django 1.11
Go 2 Generics: Contracts are too clever
2018-11-14: Linux iptables compared to OpenBSD PF (through a real example)
2018-11-13: Our pragmatic attachment to OpenBSD PF for our firewall needs
2018-11-12: What Python 3 versions I can use (November 2018 edition)
2018-11-11: Easy configuration for lots of Prometheus Blackbox checks
The needs of Version Control Systems conflict with capturing all metadata
OpenSSH 7.9's new key revocation support is welcome but can't be a full fix
2018-11-10: Why Prometheus turns out not be our ideal alerting system
Character by character TTY input in Unix, then and now
2018-11-09: Getting CPU utilization breakdowns efficiently in Prometheus
2018-11-08: The future of our homedir-based mail server system design
2018-11-07: What email messages to not send autoreplies to (late 2018 edition)
2018-11-06: Our self-serve system for 'vacation' autoreplies and its surprising advantage
2018-11-05: rate() versus irate() in Prometheus (and Grafana)
2018-11-04: DKIM provides sender attribution (for both spam and not necessarily spam)
My view on Debian versus Ubuntu LTS for us today
2018-11-02: Metadata that you can't commit into a VCS is a mistake (for file based websites)
2018-11-01: In Linux, hitting a strict overcommit limit doesn't trigger the OOM killer
2018-10-31: Do I feel uncertain about CentOS's future now? Yes, a bit
OpenSSH has broader key revocation than I thought
2018-10-29: Shooting myself in the foot by cargo-culting Apache configuration bits
2018-10-28: How I'm visualizing health check history in Grafana
Link: HiDPI on dual 4K monitors with Linux
The obviousness of inheritance blinded me to the right solution
2018-10-26: What 'dependency' means in Unix init systems is underspecified
2018-10-25: I should always give my Python classes a __str__ method
2018-10-24: You can sort of use zdb as a substitute for a proper ZFS fsck
2018-10-23: ZFS scrubs check (much) less than you probably think they do
2018-10-22: Some DKIM usage statistics from our recent inbound email (October 2018 edition)
Using group_* vector matching in Prometheus for database lookups
2018-10-21: Some tradeoffs of having a Certificate Authority in your model
2018-10-20: The original Unix ed(1) didn't load files being edited into memory
2018-10-18: Some things on delays and timings for Prometheus alerts
Link: Vectorized Emulation [of CPUs and virtual machines]
Why you should be willing to believe that ed(1) is a good editor
2018-10-17: When metrics disappear on updates with Prometheus Pushgateway
2018-10-16: Quickly bashing together little utilities with Python is nice
2018-10-15: The external delivery delays we see on our central mail machine
Garbage collection and the underappreciated power of good enough
2018-10-13: Getting a CPU utilization breakdown in Prometheus's query language, PromQL
How Prometheus's query steps (aka query resolution) work
2018-10-12: My unusual use for Firefox's Private Browsing mode
2018-10-11: Some notes on Prometheus's Blackbox exporter
2018-10-10: Even systemd services and dependencies are not self-documenting
2018-10-09: Something systemd is missing for diagnosing oddly slow boots
2018-10-07: It's good to check systemd for new boot-time things every so often
2018-10-06: A deep dive into the OS memory use of a simple Go program
Go basically never frees heap memory back to the operating system
2018-10-05: My non-approach to password management tools
2018-10-03: Thinking about what we want to be alerted about
2018-10-02: Thinking about what we probably want for monitoring, metrics, etc
An irritating limitation or two of addons in Firefox Quantum
2018-09-30: My Firefox addons as of Firefox '64' (the current development version)
Why updating my Fedora kernels is a complicated multi-step affair
2018-09-28: Addressable values in Go (and unaddressable ones too)
Using a very old ZFS filesystem can give you a kernel panic on Linux
2018-09-27: Learning about Go's unaddressable values and slicing
2018-09-25: A problem with unmounting FUSE mount points that are on NFS filesystems
2018-09-24: Why I don't set master passwords in programs
Walking away from Google Chrome
2018-09-22: The ed(1) command in the Single Unix Specification (and the SVID)
Some differences between various versions of ed(1)
2018-09-21: Your databases always have a schema
Why I mostly don't use ed(1) for non-interactive edits in scripts
2018-09-20: Ubuntu pretty much is the 'universe' repository for us
2018-09-19: The Extended Validation TLS certificate endgame is here (to my surprise)
2018-09-17: Python 3 supports not churning memory on IO
The importance of explicitly and clearly specifying things
2018-09-16: CPython has a fairly strongly predictable runtime, which can be handy
2018-09-15: How to use uBlock Origin to block Javascript by default
2018-09-14: How you migrate ZFS filesystems matters
2018-09-13: I don't like getters and setters and prefer direct field access
2018-09-12: A surprise discovery about procmail (and wondering about what next)
2018-09-11: The Linux kernel's internals showing through in the specifics of an NFS bug
2018-09-09: Why I don't think browsers will ever standardize how 'Reader Mode' works
Cookie management models in Firefox Quantum in practice
2018-09-07: My view of the current state of Go's dependency management (as of Go 1.11)
I've slowly been improving my web experience by trusting uMatrix more
2018-09-06: Our future IPv6 access control problems due to non-DHCP6 machines
2018-09-04: Some views on the Go 2 Error Inspection early draft proposal
ZFS quietly discards all-zero blocks, but only sometimes
2018-09-02: Link: "The History of a Security Hole" (in various *BSD kernels)
An extravagant and dense piece of malware-laden email
If one phish spam doesn't succeed, maybe another will
NFS directory reading and directory file type information
2018-08-31: Link: A deep dive into the Go memory allocator
Configurations can quietly drift away from working over time, illustrated
Making Ubuntu bug reports seems to be useless (or pointless)
2018-08-29: Our problem with (Amanda) backups of many files, especially incrementals
How I recently used vendoring in Go
2018-08-28: An illustration of why it's hard to port outside code into the Linux kernel
2018-08-26: A little bit of the one-time MacOS version still lingers in ZFS
How ZFS maintains file type information in directories
2018-08-25: The history of file type information being available in Unix directories
2018-08-24: Incremental development in Python versus actual tests
2018-08-23: It's time for me to buckle down and add tests to our Django web app
2018-08-22: Why ed(1) is not a good editor today
2018-08-20: Explicit manipulation versus indirect manipulation UIs
It's worth testing that obvious things actually do work
2018-08-19: Why I'm mostly not interest in exploring new fonts (on Unix)
2018-08-17: Some malware apparently believes in covering its bases
Some Firefox addons I'm experimenting with (as of Firefox 62 or so)
2018-08-16: It matters where (or when) your programs ask questions
2018-08-14: Go's net package doesn't have opaque errors, just undocumented ones
Our problem with HTTPS and user-created content
2018-08-12: The evolution of our account creation script
A recent spate of ZIP attachments with everything
2018-08-10: Fetching really new Fedora packages with Bodhi
The benefits of driving automation through cron
One simple general pattern for making sure things are alive
2018-08-08: Systemd's DynamicUser feature is (currently) dangerous
A timesyncd total failure and systemd's complete lack of debugability
2018-08-06: Link: Where Vim Came From
Linux's /dev/disk/by-path names for disks change over time
2018-08-05: Some more notes on Firefox 63 and perhaps later media autoplay settings
Why email is often not as good as modern communication protocols
2018-08-03: Firefox now implements its remote control partly over D-Bus
How I want to use Go's versioned modules
2018-08-02: Ubuntu 18.04's problem with Amanda's amrecover
2018-07-31: The hidden danger of using rsync to copy files instead of cp
2018-07-30: My own configuration files don't have to be dotfiles in $HOME
Being reminded that an obvious problem isn't necessarily obvious
2018-07-29: Our ZFS fileservers aren't happy when you do NFS writes to a full filesystem
2018-07-28: Word-boundary regexp searches are what I usually want
2018-07-27: Today I saw a spammer parasite itself on another spammer (probably)
2018-07-25: One advantage of Go modules will be less mess in $HOME/go/src
2018-07-24: I doubt Chrome's new 'not secure' warning about HTTP sites will change much (at least right away)
2018-07-23: Some notes on lifting Python 2 code into Python 3 code
The irritatingly many executable formats of Windows
2018-07-22: The problem with some non-HiDPI aware applications (is that they're very small)
2018-07-21: How we're handling NFS exports for our ZFS on Linux systems
2018-07-20: Linux's NFS exports permissions model compared to Illumos's
2018-07-19: Sometimes it actually is a Linux kernel bug
2018-07-17: Some things on Illumos NFS export permissions
2018-07-16: Why people are probably going to keep using today's Unixes
2018-07-15: When I'll probably be able to use Python assignment expressions
Understanding ZFS System Attributes
2018-07-14: The challenge of storing file attributes on disk
2018-07-13: ZFS on Linux's sharenfs problem (of what you can and can't put in it)
2018-07-11: You should probably write down what your math actually means
2018-07-10: Some thoughts on performance shifts in moving from an iSCSI SAN to local SSDs
Remembering that Python lists can use tuples as the sort keys
2018-07-08: TLS Certificate Authorities and 'trust'
We've decided to write our future Python tools in Python 3
2018-07-06: Having your SSH server on an alternate port provides no extra security today
I'm seeing occasional mysterious POST requests without Content-Types
2018-07-04: How and why we sell storage to people here
The hardware and basic setup for our third generation of ZFS fileservers
2018-07-03: The history of our custom NFS mount authorization system (or some of it)
2018-07-01: Understanding the first imperative of a commercial Certificate Authority
2018-06-30: My interesting experience with rapid repeated PID rollover on Linux
2018-06-29: What 'PID rollover' is on Unix systems
How ZFS makes things like 'zfs diff' report filenames efficiently
2018-06-27: My Ryzen-based Linux office machine appears to finally be stable
I think it's still reasonable to run personal servers on the Internet
2018-06-25: Twitter probably isn't for you or me any more
2018-06-24: What ZFS block pointers are and what's in them
A broad overview of how ZFS is structured on disk
2018-06-22: When you make changes, ZFS updates much less stuff than I thought
Running servers (and services) well is not trivial
2018-06-20: Revising my view on Python 3 for new code again: you should use it
The time to be compatible with both Python 2 and Python 3 is past
2018-06-18: Getting Xorg to let you terminate the X server with Ctrl + Alt + Backspace
2018-06-17: The history of terminating the X server with Ctrl + Alt + Backspace
A broad overview of how modern Linux systems boot
2018-06-16: The 'on premise' versus 'off premise' approach to environments
2018-06-15: Default X resources are host specific (which I forgot today)
2018-06-14: Clearing cached HTTP redirections or HSTS status in Firefox
2018-06-13: Link: A Child’s Garden of Inter-Service Authentication Schemes
Link: About the memory management in the Bourne shell
The mess Ubuntu 18.04 LTS has made of libreadline
2018-06-11: A website's design shows its actual priorities
2018-06-10: People receiving email don't feel it should be their job to stop spam
2018-06-09: What ZFS messages about 'permanent errors in <0x95>:<0x0>' mean
How to run a mail sending service that will probably never send spam
2018-06-08: Networks form through usage and must be maintained through it
2018-06-07: The history of Unix's confusing set of low-level ways to allocate memory
2018-06-06: The downsides of processing files using too large a buffer size
2018-06-04: The superficial versus deep appeal of ZFS
What I use Github for and how I feel about it
2018-06-03: Why I believe that HTTPS-only JavaScript APIs make sense
2018-06-02: Intel versus AMD for me (in 2018)
2018-05-31: What is the long term future for Extended Validation TLS certificates?
Extended Validation TLS certificates are basically invisible
2018-05-30: Taking over program names in Linux is generally hard
2018-05-28: An incomplete list of reasons why I force-quit iOS apps
2018-05-27: ZFS pushes file renamings and other metadata changes to disk quite promptly
Most modern web spiders are parasites
2018-05-25: Some notes on Go's runtime.KeepAlive() function
There's real reasons for Linux to replace ifconfig, netstat, et al
2018-05-24: Registering for things on the Internet is dangerous these days
2018-05-23: Almost no one wants to run their own infrastructure
2018-05-21: Bad versions of packages in the context of minimal version selection
2018-05-20: 'Minimal version selection' accepts that semantic versioning is fallible
Modern CPU power usage varies unpredictably based on what you're doing
2018-05-18: ZFS spare-N spare vdevs in your pool are mirror vdevs
How I usually divide up NFS (operation) metrics
2018-05-17: I'm worried about Wayland but there's not much I can do about it
2018-05-16: How you run out of inodes on an extN filesystem (on Linux)
2018-05-15: I have a boring desktop and I think I'm okay with that
2018-05-13: My GDPR pessimism
2018-05-12: ZFS on Linux's development version now has much better pool recovery for damaged pools
Sorting out some of my current views on operator overloading in general
2018-05-11: Notice to web spiders: an email address in your user-agent isn't good enough
2018-05-10: Python modules use operator overloading in two different ways
2018-05-09: Yubico fails to care that people give you email addresses for specific purposes
2018-05-08: How we're going to be doing custom NFS mount authorization on Linux
2018-05-07: One reason why Python doesn't let you overload the boolean AND and OR operations
2018-05-06: Firefox turns out to need some degree of 'autoplay' support
2018-05-05: Modern Unix GUIs now need to talk to at least one C library
2018-05-04: Why you can't put zero bytes in Unix command line arguments
2018-05-03: Using grep to hunt around for null bytes in text files
2018-05-02: An interaction of low ZFS recordsize, compression, and advanced format disks
2018-04-30: You probably need to think about how to handle core dumps on modern Linux servers
Microsoft's Bingbot crawler is on a relative rampage here
2018-04-29: My new 4K HiDPI display really does make a visible difference
2018-04-28: What sorts of good email attachments our users get (April 2018 edition)
2018-04-27: Some notes on Firefox's current media autoplay settings
2018-04-26: The shifting goals of our custom NFS mount authorization system
2018-04-25: An implementation difference in NSS netgroups between Linux and Solaris
2018-04-24: What the core practical problems with HiDPI seem to be on Linux
2018-04-23: ZFS's recordsize as an honest way of keeping checksum overhead down
2018-04-22: Thinking about why ZFS only does IO in recordsize blocks, even random IO
2018-04-20: The increasingly surprising limits to the speed of our Amanda backups
Spam from Yahoo Groups has quietly disappeared
2018-04-18: The sensible way to use Bourne shell 'here documents' in pipelines
A CPU's TDP is a misleading headline number
2018-04-17: Link: Parsing: a timeline
Go and the pragmatic problems of having a Python-like with statement
2018-04-16: Some notes and issues from trying out urxvt as an xterm replacement
2018-04-15: The unfortunate configuration choice Grub2 makes in UEFI configurations
2018-04-13: For the first time, my home PC has no expansion cards
A learning experience about the performance of our IMAP server
2018-04-12: I'm hoping that RHEL 8's decision on Python 2 isn't Ubuntu 20.04's decision
2018-04-10: Our real problem with a removal of Python 2 is likely to be our users
2018-04-09: Power consumption numbers for my 2018 home and work machines
2018-04-08: The interesting question of whether Ubuntu 20.04 LTS will include Python 2
A learning experience with iOS's fingerprint recognition
2018-04-07: Some numbers for how well various compressors do with our /var/mail backup
2018-04-06: Using Go finalizers can be a better option than not using them
2018-04-05: Switching over to Firefox Quantum was relatively painless
2018-04-04: Today's learning experience is that gzip is not fast
2018-04-03: Sorting out my systemd mistake with a script-based service unit
2018-04-02: Link: Closing the Loop: The Importance of External Engagement in Computer Science Research
I've retired my filtering HTTP proxy
2018-03-31: Using a local database to get consistent device names is a bad idea
My new Linux home machine for 2018
2018-03-30: My current set of Firefox Quantum (57+) addons
Sometimes, not trying to reject some sort of spam is the right answer
2018-03-29: The problem with Linux's 'predictable network interface names'
2018-03-28: The correlation between Spamhaus Zen listings and attachment types (March 2018 edition)
2018-03-27: My uncertainties around X drivers for modern Intel integrated graphics
2018-03-26: xprt: data for NFS mounts in /proc/self/mountstats is per-fileserver, not per-mount
2018-03-25: Our revised Dovecot IMAP configuration migration plans (and processes)
2018-03-24: Our current ugly hacks to Dovecot to help mitigate our IMAP problems
2018-03-23: Some things about Dovecot, its index files, and the IMAP LIST command
2018-03-22: Why seeing what current attributes a Python object has is hard
2018-03-21: You probably don't want to run Firefox Nightly any more
2018-03-20: Python and the 'bags of unstructured data' approach
2018-03-19: Some exciting ZFS features that are in OmniOS CE's (near) future
2018-03-18: Why I use Facebook (a story of web development)
2018-03-17: Much better ZFS pool recovery is coming (in open source ZFS)
2018-03-16: Wrestling with metrics to get meaningful, useful ones
2018-03-14: What I think I want out of a hypothetical nfsiotop for Linux
Why Let's Encrypt's short certificate lifetimes are a great thing
2018-03-12: A spammer misses a glorious opportunity
Linux is good at exposing the truth of how motherboards are wired
2018-03-11: A bad web scraper operating out of OVH IP address space
2018-03-09: In Fedora, your initramfs contains a copy of your sysctl settings
Some questions I have about DDR4 RAM speed and latency in underclocked memory
2018-03-07: Some things I mean when I talk about 'forged HTTP referers'
The lie in Ubuntu source packages (and probably Debian ones as well)
2018-03-05: Getting chrony to not try to use IPv6 time sources on Fedora
2018-03-04: The value locked up in the Unix API makes it pretty durable
The practical Unix API is more than system calls (or POSIX)
2018-03-02: Frequent versus infrequent developers (in languages and so on)
A sysadmin's perspective on Go vendoring and vgo
2018-02-28: egrep's -o argument is great for extracting unusual fields
Using Python 3 for example code here on Wandering Thoughts
2018-02-26: Meltdown and Spectre have made this a bad time to get a new x86 CPU
It feels good to have a fallback option for home computing
2018-02-25: What Python does when you subclass a __slots__ class is the right answer
2018-02-24: The question of what will be sending email spam over IPv6
2018-02-23: Github and publishing Git repositories
2018-02-21: Sorting out what exec does in Bourne shell pipelines
2018-02-20: How switching to uMatrix for JavaScript blocking has improved my web experience
I've now received my first spam email over IPv6
2018-02-19: Some consumer SSDs are moving to a 4k 'advance format' physical block size
2018-02-18: Memories of MGR
2018-02-17: Using lsblk to get extremely useful information about disks
2018-02-16: How I tend to label bad hardware
2018-02-15: DTrace being GPL (and thrown into a Linux kernel) is just the start
2018-02-14: Some things about ZFS block allocation and ZFS (file) record sizes
2018-02-12: Writing my first addon for Firefox wasn't too hard or annoying
2018-02-11: Sending emails to your inbox is a dangerous default
Access control security requires the ability to do revocation
2018-02-10: The interesting error codes from Linux program segfault kernel messages
2018-02-09: My failure to migrate my workstation from MBR booting to UEFI
2018-02-08: What the Linux kernel's messages about segfaulting programs mean on 64-bit x86
2018-02-07: Consumer SSDs and their nominal physical block sizes, now and in the future
2018-02-05: I should remember that sometimes C is a perfectly good option
2018-02-04: A surprise in how ZFS grows a file's record size (at least for me)
More notes on using uMatrix in Firefox 56 (in place of NoScript)
2018-02-02: Some practical tradeoffs involved in using HTTPS instead of HTTP
X's network transparency was basically free at the time
2018-01-31: Mozilla's Looking Glass 'retrospective' is unfortunately inadequate
How the IPs sending us malware break down (January 2018 edition)
2018-01-30: Reverse engineering some settings for Google Search
2018-01-28: Adding 'view page in no style' to the WebExtensions API in Firefox Quantum
Adding 'view page in no style' to Firefox Quantum's context menu
The limitations of Firefox's Reader mode
2018-01-26: A misbehaving SMTP sender can fool me about malware volume
X's network transparency has wound up mostly being a failure
2018-01-24: What the Linux rcu_nocbs kernel argument does (and my Ryzen issues again)
Some early notes on using uMatrix to replace NoScript in Firefox 56
2018-01-22: The addons that I would likely use with Firefox Quantum (57+)
Doing something when a Cinnamon-based laptop suspends or hibernates
2018-01-21: The temptation of Firefox Quantum for me
2018-01-19: I'm one of those people who never log out from their desktop
2018-01-18: Why Go cares about the difference between unsafe.Pointer and uintptr
A recent performance surprise with X on my Fedora Linux desktop
2018-01-17: My new Ryzen desktop is causing Linux to hang (and it's frustrating)
2018-01-16: You could say that Linux is AT&T's fault
2018-01-15: Meltdown and the temptation of switching to Ryzen for my new home machine
2018-01-14: Our small tools for running commands on multiple machines
2018-01-13: Some plans for migrating my workstation from MBR booting to UEFI
2018-01-12: Open source software licenses matter
2018-01-10: Linux's glibc monoculture is not a bad thing
Glibc and the Linux API
2018-01-09: Differences between keywords and constants in Python
2018-01-08: Link: Some fascinating details of cellular data transmission
2018-01-07: The challenges of having true constants in Python
Link: The Python decorators they won't tell you about
2018-01-06: What's happening when you change True and False in Python 2
What ZFS gang blocks are and why they exist
2018-01-05: Confirming the behavior of file block sizes in ZFS
2018-01-04: The goals and problems of our Dovecot IMAP configuration migration
2018-01-03: A brief review of the Dell XPS 13 as a Fedora laptop
2018-01-02: Some notes on relative imports and vendor/ in Go
2017-12-31: Is the C runtime and library a legitimate part of the Unix API?
Understanding IMAP path prefixes in clients and servers
2017-12-30: Some details of ZFS DVAs and what some of their fields store
2017-12-29: To get much faster, an implementation of Python must do less work
2017-12-28: How our IMAP server wound up running out of inodes
2017-12-27: When you have fileservers, they naturally become the center of the world
2017-12-26: I continue to have strong confidence in ZFS On Linux
2017-12-25: There were Unix machines with real DirectColor graphics hardware
2017-12-24: The interestingly different display colour models of X10 and X11
2017-12-23: Our next generation of fileservers will not be based on Illumos
2017-12-22: Our next generation of fileservers will not use any sort of SAN
2017-12-21: Checking RAM DIMM information from inside Linux
2017-12-20: I feel that Firefox forks that would be useful to me are doomed
2017-12-19: Attachment types that we see in email from Zen-listed IP addresses
2017-12-18: What file types we see inside ZIP archives with only a single file in email
2017-12-17: Some questions someone should ask Mozilla
2017-12-15: Mozilla betrays Firefox users and its nominal principles
How we automate acmetool
2017-12-14: How Python makes it hard to write well structured little utilities
2017-12-13: Our Apache file serving problem on our general purpose web server
2017-12-12: Some notes on systemd-resolved, the systemd DNS resolver
2017-12-11: Some things about booting with UEFI that are different from MBR booting
2017-12-10: Let's Encrypt and a TLS monoculture
2017-12-09: You don't have to authorize a machine for Let's Encrypt from the machine
We've switched over to using Let's Encrypt as much as possible
2017-12-08: Some thoughts on what StartCom's shutdown means in general
2017-12-06: My upgrade to Fedora 27, Secure Boot, and a mistake made somewhere
In practice, Go's slices are two different data structures in one
2017-12-04: Some notes on using Go to check and verify SSH host keys
2017-12-03: Some notes and considerations on SSH host key verification
My new Linux office workstation for fall 2017
2017-12-01: I'm basically giving up on syslog priorities
2017-11-30: We're broadly switching to synchronizing time with systemd's timesyncd
The cost of memory access across a NUMA machine can (probably) matter
2017-11-29: Sometimes the right thing to do about a spate of spam is nothing (probably)
2017-11-27: Code stability in my one Django web application
The dig program now needs some additional options for useful DNS server testing
2017-11-26: One way of capturing debugging state information in a systemd-based system
2017-11-25: Sequential scrubs and resilvers are coming for (open-source) ZFS
2017-11-24: Shooting myself in the foot by using exec in a shell script
2017-11-23: Understanding a tricky case of Bourne shell redirection and command parsing
2017-11-22: Delays on SMTP replies discourage apparently SMTP AUTH scanners
2017-11-20: Major version changes are often partly a signal about support
2017-11-19: StartCom gives up on its Certificate Authority business
Getting some information about the NUMA memory hierarchy of your server
2017-11-18: AMD Ryzens, their memory speed peculiarities, and ECC
2017-11-17: When you should run an NTP daemon on your servers
2017-11-16: I think you should mostly not run NTP daemons on your machines
2017-11-15: I've switched from ntpd to chrony as my NTP daemon
2017-11-14: We may have reached a point where (new) ARM servers will just work for Linux
2017-11-13: X11 PseudoColor displays could have multiple hardware colormaps
2017-11-12: The fun of X11 PseudoColor displays and window managers
2017-11-11: What X11's TrueColor means (with some history)
2017-11-10: A systemd mistake with a script-based service unit I recently made
2017-11-09: Why I'm not enthused about live patching kernels and systems
2017-11-08: What it means to support ECC RAM (especially for AMD Ryzen)
2017-11-07: Link: Citation Needed [on array indexing in programming languages]
My new Linux machine for fall 2017 (planned)
2017-11-05: How collections.defaultdict is good for your memory usage
Some early notes on WireGuard
2017-11-04: Why I've switched from GRE-over-IPSec to using WireGuard
2017-11-03: Illumos mountd caches netgroup lookups (relatively briefly)
2017-11-02: I think Certificate Transparency is better for the web than HTTP Key Pinning
2017-10-31: We've now seen malware in a tar archive
2017-10-30: There are two sorts of TLS certificate mis-issuing
The Illumos NFS server's caching of filesystem access permissions
2017-10-29: There are several ways to misread specifications
2017-10-28: Why I plan to pick a relatively high-end desktop CPU for my next PC
2017-10-27: HD usage can be limited by things other than cost per TB
2017-10-26: The 'standard set' of Unix programs is something that evolves over time
2017-10-25: Having different commands on different systems does matter
2017-10-24: Our frustrations with OmniOS's 'KYSTY' minimalism
2017-10-23: I've now seen something doing SMTP probing of IPv6 addresses
2017-10-22: Understanding what our wireless password protects
2017-10-21: Multi-Unix environments are less and less common now
2017-10-20: Ext4, SSDs, and RAID stripe parameters
2017-10-18: Using Shellcheck is good for me
I still like Python and often reach for it by default
2017-10-17: My current grumpy view on key generation for hardware crypto keys
2017-10-16: Getting ssh-agent working in Fedora 26's Cinnamon desktop environment
2017-10-15: Unbalanced reads from SSDs in software RAID mirrors in Linux
2017-10-14: A surprise about which of our machines has the highest disk write volume
2017-10-13: Working to understand PCI Express and how it interacts with modern CPUs
2017-10-12: I'm looking forward to using systemd's new IP access control features
2017-10-11: Understanding M.2 SSDs in practice and how this relates to NVMe
2017-10-10: An interesting way to leak memory with Go slices
2017-10-09: JavaScript as the extension language of the future
2017-10-08: Thinking about whether I'll upgrade my next PC partway through its life
2017-10-07: I'm trying out smooth scrolling in my browsers
2017-10-06: Spam issues need to be considered from the start
2017-10-05: Google is objectively running a spammer mailing list service
2017-10-04: My new worry about Firefox 56 and the addons that I care about
2017-10-03: Some thoughts on having both Python 2 and 3 programs
2017-10-02: My experience with using Fedora 26's standard font rendering (and fonts)
2017-09-30: The origin of POSIX as I learned the story (or mythology)
2017-09-29: Shell builtin versions of standard commands have drawbacks
More on systemd on Ubuntu 16.04 failing to reliably reboot some of our servers
2017-09-27: Putting cron jobs into systemd user slices doesn't always work (on Ubuntu 16.04)
ZFS's recordsize, holes in files, and partial blocks
2017-09-26: Using zdb to peer into how ZFS stores files on disk
2017-09-25: What I use printf for when hacking changes into programs
2017-09-24: Reading code and seeing what you're biased to see, illustrated
2017-09-23: A clever way of killing groups of processes
2017-09-22: Using a watchdog timer in system shutdown with systemd (on Ubuntu 16.04)
2017-09-21: My potential qualms about using Python 3 in projects
2017-09-20: Wireless is now critical (network) infrastructure
2017-09-18: Looking back at my mixed and complicated feelings about Solaris
Sorting out the world of modern USB (at least a bit)
2017-09-17: Why I didn't use the attrs module in a recent Python project
2017-09-15: Ignoring the domain when authenticating your Dovecot users
Firefox 57 and the state of old pre-WebExtensions addons
2017-09-14: Sorting out systemd's system.conf, user.conf, and logind.conf
2017-09-13: System shutdown is complicated and involves policy decisions
2017-09-12: The different contexts of stopping a Unix daemon or service
2017-09-11: Giving users what they want and expect, IMAP edition
2017-09-10: I failed to notice when my network performance became terrible
2017-09-09: Letting go of having an optical drive in my machine
2017-09-08: My view of the problem with Extended Validation TLS certificates
2017-09-07: Systemd, NFS mounts, and shutting down your system
2017-09-06: Systemd on Ubuntu 16.04 can't (or won't) reliably reboot your server
2017-09-05: If spam false positives are inevitable, should we handle them better?
2017-09-04: The idea of 'spam levels' may be a copout
2017-09-03: A fundamental limitation of systemd's per-user fair share scheduling
2017-09-02: Putting cron jobs into systemd user slices
2017-08-31: With git, it's useful to pick the right approach to your problem
People probably aren't going to tell you when your anti-spam systems are working
2017-08-30: We've wound up using the spam scores from some other mail systems
2017-08-28: OpenSSH has an annoyingly misleading sshd error log message
The types of attachments we see for malware-laden email
2017-08-27: Is bootstrapping Go from source faster using Go 1.9 or Go 1.8?
2017-08-25: The probable coming explosion of Firefox 57
Fedora 26 and a font rendering dilemma for me
2017-08-23: Why Go changes its minimum version requirements for OSes (and hardware)
An unexpected risk of using Go is it ending support for older OS versions
2017-08-22: Understanding rainbow tables
2017-08-21: Hashed Ethernet addresses are not anonymous identifiers
2017-08-20: The surprising longevity of Unix manpage formatting
2017-08-19: Subnets and early Unix implementations of TCP/IP networking
2017-08-18: How ZFS on Linux names disks in ZFS pools
2017-08-16: The three different names ZFS stores for each vdev disk (on Illumos)
Things I do and don't know about how ZFS brings pools up during boot
2017-08-15: How to get per-user fair share scheduling on Ubuntu 16.04 (with systemd)
2017-08-14: Chrome extensions are becoming a reason not to use Chrome
2017-08-13: Sorting out slice mutability in Go
2017-08-12: Notes on cgroups and systemd's interaction with them as of Ubuntu 16.04
2017-08-11: Some notes from my brief experience with the Grumpy transpiler for Python
Link: Linux Load Averages: Solving the Mystery
2017-08-10: On the Internet, merely blocking eavesdropping is a big practical win
2017-08-09: How encryption without authentication would still be useful on the web
2017-08-08: We care more about long term security updates than full long term support
2017-08-07: There will be no LTS release of the OmniOS Community Edition
2017-08-06: Our decision to restrict what we use for developing internal tools
2017-08-05: I've been hit by the startup overhead of small programs in Python
2017-08-04: The problem with distributed authentication systems for big sites
2017-08-03: Imposing temporary CPU and memory resource limits on a user on Ubuntu 16.04
2017-08-02: Why I'll never pick the 'sign in with a Facebook or Google account' option
2017-07-31: Using policy based routing to isolate a testing interface on Linux
Link: How does "the" X11 clipboard work?
Modern web page design and superstition
2017-07-30: Some terrible article page design elements on the modern web
2017-07-29: The differences between how SFTP and scp work in OpenSSH
2017-07-28: Our (Unix) staff groups problem
2017-07-26: The continuity of broad systems or environments in system administration
Why I care about Apache's mod_wsgi so much
2017-07-25: If you're going to use PyPy, I think you need servers
2017-07-24: Trying to understand the ZFS l2arc_noprefetch tunable
2017-07-23: Understanding a bit about the SSH connection protocol
2017-07-21: When the SSH protocol does and doesn't do user authentication
2017-07-20: I'm cautiously optimistic about the new OmniOS Community Edition
HTTPS is a legacy protocol
2017-07-19: I've become resigned to Firefox slowly leaking memory
2017-07-18: Python's complicating concept of a callable
2017-07-17: Link: NASA DASHlink - Real System Failures
Why I think Emacs readline bindings work better than Vi ones
2017-07-16: Why upstreams can't document their program's behavior for us
2017-07-14: Some people feel that all permanent SMTP failures are actually temporary
Link: ZFS Storage Overhead
SELinux's problem of keeping up with general Linux development
2017-07-12: Understanding the .io TLD's DNS configuration vulnerability
Recursive DNS servers send the whole original query to authoritative servers
2017-07-11: The BSD r* commands and the history of privileged TCP ports
2017-07-10: Ubuntu's 'Daily Build' images aren't for us
2017-07-09: Why we're not currently interested in PXE-based Linux installs
2017-07-08: I wish you could easily update the packages on Ubuntu ISO images
2017-07-07: Programming Bourne shell scripts is tricky, with dim corners
2017-07-06: Link: Survey of [floating point] Rounding Implementations in Go
My current views on Shellcheck
2017-07-05: How I shot my foot because the Bourne shell is different
2017-07-04: LinkedIn is still trying to send me email despite years of rejections
2017-07-02: Re-applying CPU thermal paste fixed my CPU throttling issues
Moving to smaller fileservers for us probably means no more iSCSI SAN
2017-06-30: Our current generation fileservers have turned out to be too big
Why big Exim queues are a problem for us in practice
2017-06-29: The TLDs of sender addresses for a week of our spam (June 2017 edition)
2017-06-28: I don't think you should increase ZFS on Linux's write buffering
2017-06-26: Our MTAs should probably be able to create backpressure
2017-06-25: Thinking through issues a mail client may have with SMTP-time rejections
One tradeoff in email system design is who holds problematic email
2017-06-23: In praise of uBlock Origin's new 'element zapper' feature
Links: Git remote branches and Git's missing terminology (and more)
My situation with Twitter and my Firefox setup (in which I blame pseudo-XHTML)
2017-06-22: Why we're not running the current version of Django
2017-06-21: The oddity of CVE-2014-9940 and the problem of recognizing kernel security patches
2017-06-19: Plan for manual emergency blocks for your overall mail system
How I'm currently handling the mailing lists I read
2017-06-17: One reason you have a mysterious Unix file called 2 (or 1)
2017-06-16: Go interfaces and automatically generated functions
The (current) state of Firefox Nightly and old extensions
2017-06-15: Why I am not installing your app on my phone
2017-06-14: The difference between ZFS scrubs and resilvers
2017-06-12: Resilvering multiple disks at once in a ZFS pool adds no real extra overhead
2017-06-11: Why filing away mailing lists for a while has improved my life
How to see raw USB events on Linux via usbmon
2017-06-10: One downside of the traditional style of writing Unix manpages
2017-06-09: My .procmailrc has quietly sort of turned into a swamp
2017-06-08: In practice, putting SSDs into 3.5" drive bays is a big hassle
2017-06-06: A humbling experience of misreading some simple (Go) code
The IPv6 address lookup problem (and brute force solution)
2017-06-05: Another case of someone being too clever in their User-Agent field
2017-06-04: Link: The evolution of Unix's overall architecture
Why the popen() API works but more complex versions blow up
2017-06-03: The Python Gilectomy project's performance problem
2017-06-02: My views on the JSON Feed syndication feed format
2017-05-31: How a lot of specifications are often read
Why one git fetch default configuration bit is probably okay
2017-05-29: Configuring Git worktrees to limit what's fetched on pulls
2017-05-28: My thoughts on git worktrees for me (and some notes on things I tried)
Specifications are ultimately defined by their implementations
2017-05-26: Why globally unique IDs are useful for syndication feed entries
2017-05-25: Using Linux's Magic Sysrq on modern keyboards without a dedicated Syrq key
URLs are terrible permanent identifiers for things
2017-05-24: Exploiting Python's Global Interpreter Lock for atomic operations is fun
2017-05-22: Safely using Python's Global Interpreter Lock is quite tricky and subtle
2017-05-21: We use jQuery and I've stopped feeling ashamed about it
A 'null MX' is also useful for blocking forged senders from non-email domains
2017-05-20: We now have an officially standardized 'null MX' record
2017-05-19: I'm not sure what I feel about this web spider's User-Agent value
2017-05-18: A shift in the proper sizes of images on web pages
2017-05-17: Unfortunately I don't feel personally passionate about OmniOS
2017-05-15: Thinking about how much asynchronous disk write buffering you want
How we failed at making all our servers have SSD system disks
2017-05-14: People don't like changes (in computer stuff)
2017-05-13: People don't patch systems and that's all there is to it
2017-05-12: Where bootstrapping Go with a modern version of Go has gotten faster
2017-05-11: The challenges of recovering when unpacking archives with damage
2017-05-10: Building the Go compiler from source from scratch (on Unix)
2017-05-08: Some things I've decided to do to improve my breaks and vacations
2017-05-07: ZFS's zfs receive has no error recovery and what that implies
A mistake I made when setting up my ZFS SSD pool on my home machine
2017-05-05: The temptation of a Ryzen-based machine for my next office workstation
Digging into BSD's choice of Unix group for new directories and files
2017-05-04: My views on using LVM for your system disk and root filesystem
2017-05-03: Sometimes, chmod can fail for interesting reasons
2017-05-01: When a TLS client's certificate is offered to the TLS server
2017-04-30: Some more feelings on nondeterministic garbage collection
Do we want to standardize the size of our root filesystems on servers?
2017-04-29: Some versions of sort can easily sort IPv4 addresses into natural order
2017-04-28: Hardware RAID and the problem of (not) observing disk IO
2017-04-27: Understanding Git's model versus understanding its magic
2017-04-26: Coming to a better understanding of what git rebase does
2017-04-24: What we need from an Illumos-based distribution
Corebird and coming to a healthier relationship with Twitter
2017-04-23: How I rebased changes on top of other rebased changes in Git
2017-04-21: OmniOS's (suddenly) changed future and us
Link: Rob Landley's Linux Memory Management Frequently Asked Questions
A surprising reason grep may think a file is a binary file
2017-04-20: The big motivation for a separate /boot partition
2017-04-19: Some things on how PCs boot the old fashioned BIOS way
For me Chrome clearly wins over Firefox on Javascript-heavy websites
2017-04-17: Shrinking the partitions of a software RAID-1 swap partition
Link: Introduction to Certificate Transparency for Server Operators
What I mostly care about for speeding up our Python programs
2017-04-16: Migrating a separate /boot filesystem into the root filesystem
2017-04-14: Planning out a disk shuffle for my office workstation
Sometimes laziness doesn't pay off
2017-04-12: On today's web, a local Certificate Authority is fairly dangerous
Generating good modern self-signed TLS certificates in today's world
2017-04-10: How TLS certificates specify the hosts they're for
2017-04-09: A single .jar recognized as several types of malware at once
2017-04-08: Doing things the clever way in Exim ACLs by exploiting ACL message variables
Wayland is now the future of Unix graphics and GUIs
2017-04-07: Spammers probably aren't paying any particular attention to you
2017-04-05: Making your SMTP rejection messages be useful for you
Why the modern chown command uses a colon to separate the user and group
2017-04-03: Some DNSBL developments I've just heard about
Why modules raising core exceptions mostly hurts, not helps, your users
2017-04-02: The Spamhaus CSS includes more than dedicated spam ranges
2017-03-31: I quite like the simplification of having OpenSSH canonicalize hostnames
What I know about process virtual size versus RSS on Linux
2017-03-30: What top's SHR field means in quite modern Linux kernels
2017-03-29: The work of safely raising our local /etc/group line length limit
2017-03-28: What affects automatically removing old kernels on Ubuntu
2017-03-27: Link: The Unix Heritage Society now has the 8th, 9th, and 10th editions of Research Unix
We're probably going to upgrade our OmniOS servers by reinstalling them
2017-03-26: Your exposure from retaining Let's Encrypt account keys
2017-03-24: An odd and persistent year old phish spammer
2017-03-23: ARM servers had better just work if vendors want to sell very many
2017-03-22: Setting the root login's 'full name' to identify the machine that sent email
Making sure you can identify what machine sent you a status email
2017-03-20: Modern Linux kernel memory allocation rules for higher-order page requests
My theory on why Go's gofmt has wound up being accepted
2017-03-19: Using Firefox's userContent.css for website-specific fixes
2017-03-18: Part of why Python 3.5's await and async have some odd usage restrictions
2017-03-17: Overcommitting virtual memory is perfectly sensible
2017-03-16: How we can use yield from to implement coroutines
2017-03-15: Sorting out Python generator functions and yield from in my head
2017-03-13: OpenSSH's IdentityFile directive only ever adds identity files (as of 7.4)
What should it mean for a system call to time out?
2017-03-12: CSS, <pre>, and trailing whitespace lead to browser layout weirdness
2017-03-11: Your live web server probably has features you don't know about
2017-03-10: Malware is sometimes sent through organized, purchased infrastructure
2017-03-09: I wish you could whitelist kernel modules, instead of blacklisting them
2017-03-08: An AMD Ryzen is unlikely to be my next desktop's CPU
2017-03-06: Modern X Windows can be a very complicated environment
2017-03-05: Why I (as a sysadmin) reflexively dislike various remote file access tools for editors
2017-03-04: Should you add MX entries for hosts in your (public) DNS?
2017-03-03: Why exposing only blocking APIs are ultimately a bad idea
Some notes on ZFS per-user quotas and their interactions with NFS
2017-03-01: Cheap concurrency is an illusion (at least on Unix)
2017-02-28: Using Certificate Transparency to monitor your organization's TLS activity
2017-02-27: The conflict between wildcard TLS certificates and Certificate Transparency
2017-02-26: In Python, strings are infinitely recursively iterable
How recursively flattening a list raises a Python type question
2017-02-25: A single email message with quite a lot of different malware
2017-02-24: What an actual assessment of Ubuntu kernel security updates looks like
How ZFS bookmarks can work their magic with reasonable efficiency
2017-02-22: ZFS bookmarks and what they're good for
Sometimes it can be hard to tell one cause of failure from another
2017-02-20: Some notes on moving a software RAID-1 root filesystem around (to SSDs)
Some views on the Corebird Twitter client
2017-02-19: Using pup to deal with Twitter's increasing demand for Javascript
2017-02-17: robots.txt is a hint and a social contract between sites and web spiders
Sometimes, firmware updates can be a good thing to do
2017-02-16: Waiting for a specific wall-clock time in Unix
2017-02-15: Another risk of hardware RAID controllers is the manufacturer vanishing
2017-02-14: Does CR LF as a line ending cause extra problems with buffers?
2017-02-13: What file types we see inside singleton nested zipfiles in email
2017-02-12: I'm too much of a perfectionist about contributing to open source projects
2017-02-11: Different ways you can initialize a RAID-[567+] array
2017-02-10: Python won't (and can't) import native modules from zip archives
2017-02-09: Malware strains may go away sometimes, but they generally come back
2017-02-08: How to see and flush the Linux kernel NFS server's authentication cache
2017-02-06: Systemd's slowly but steadily increased idealism about the world
Our advantage in reliable backups is that we get restore requests
2017-02-05: Systemd should be better than it is, but it is still our best init system
2017-02-04: My views on X (Windows)
2017-02-03: What it's sensible to use a bunch of Unix swap space for
2017-02-02: Link: Four Column ASCII
Sometimes you get lucky and apparently dead disks come back to life
2017-01-31: Email attachments of singleton nested zipfiles are suspicious
2017-01-30: Why having CR LF as your line ending is a mistake
How you can abruptly lose your filesystem on a software RAID mirror
2017-01-29: How Unix erases things when you type a backspace while entering text
2017-01-28: What we still use ASCII CR for today (on Unix)
2017-01-27: Conversations, conversational units, and Twitter
2017-01-26: Things that make Go channels expensive to implement
2017-01-25: I think docstrings in Python are for everything, not just public things
2017-01-23: Linux desktops and pre-packaged machines from big vendors
My still-mixed feelings about Python's docstrings
2017-01-22: An Ubuntu default Bash setup that irritates me, especially for root
2017-01-20: Why tiling window managers are not really for me (on the desktop)
Spam and virus filtering on email is a risk (although likely not a big one)
2017-01-19: Thinking about how to add some SSDs on my home machine
2017-01-18: Exim, IPv6, and hosts that MX to localhost
2017-01-17: Making my machine stay responsive when writing to USB drives
2017-01-16: Linux is terrible at handling IO to USB drives on my machine
2017-01-15: Link: Let's Stop Ascribing Meaning to Code Points
Some notes on 4K monitors and connecting to them
2017-01-14: My picks for mind-blowing Git features
2017-01-13: The ZFS pool history log that's used by 'zpool history' has a size limit
2017-01-12: Modern ad networks are why adblockers are so effective
2017-01-11: ZFS's potentially very useful 'zpool history -i' option
2017-01-10: Picking FreeType CJK fonts for xterm on a modern Linux system
2017-01-09: Making modern FreeType-using versions of xterm display CJK characters
2017-01-08: One downside of a queued IO model is memory consumption for idle connections
2017-01-07: How ready my Firefox extensions are for Firefox Electrolysis
2017-01-06: Web adblockers and the potential for recreating the Usenet killfile problem
2017-01-05: Mail submission by users versus by your machines
2017-01-04: Make sure that (system) email works on every machine
2017-01-02: Software should support configuring overall time limits
ZFS may panic your system if you have an exceptionally slow IO
2016-12-31: I wish new editors thought about their overall ecology too
Ubuntu's AppArmor system is reasonably and pleasantly non-obnoxious
2016-12-30: A few useful standard readline bindings
2016-12-29: One reason why Go's increment and decrement statements are good to have
2016-12-28: The HTML IMG attributes and styling that I think I want
2016-12-26: A perhaps surprising consequence of Requires dependencies in systemd
Some new-to-me Vim motion commands that I want to try to remember
2016-12-25: What can be going on with your custom management commands in Django 1.10
2016-12-24: I should stop reading some mailing lists during breaks and vacations
2016-12-23: Why the gosimple program is great
2016-12-22: Malware is definitely out there and it's targeting us specifically
2016-12-21: An important little detail of our ZFS spares setup
2016-12-20: In praise of zpool history
2016-12-19: Don't assume you can renew TLS certificates whenever you want to
The great thing about using Let's Encrypt is the automation
2016-12-18: People may be accepting that security questions are a bad idea
2016-12-17: Some conference spammers mutate to show they're definitely spammers
2016-12-15: I now think you should have lots of Let's Encrypt accounts
Understanding the Let's Encrypt authorization process
2016-12-14: Vi, movement commands, efficiency, and me
2016-12-12: Some of my views on Naftali Harris's 'Python 2.8'
Realizing that I'm not actively attracted to FreeBSD for my desktop
2016-12-11: Fedora has become something you can't run if security matters much
2016-12-10: My view of using a docked laptop as my main machine
2016-12-09: It's a good idea to test your spare disks every so often
2016-12-08: Trailing text, a subtle gotcha with Go's fmt.Sscanf
2016-12-07: One reason why user namespaces keep enabling Linux kernel security issues
2016-12-05: My RPM build setup no longer works on Fedora for some packages
One advantage of 'self-hosted' languages
2016-12-04: Terminals are not enough (personal edition)
2016-12-03: One reason why rogue wireless access points are a bigger risk at universities
2016-12-02: IPv6, point to point links, and subnet lengths
2016-11-30: I suspect that lots of IPv6 hosts won't have reverse DNS
Terminals are not enough (sysadmin version)
2016-11-28: Some thoughts about options for light Unix laptops
Some impressions after a brief exposure to a Dell Chromebook 13
2016-11-27: The Chromebook login problem
2016-11-26: What I did to set up IPv6 on my wireless network so it really worked
2016-11-25: Why we don't and can't use the pam_exec PAM module
2016-11-23: Sometimes a little change winds up setting off a large cascade of things
We may have seen a ZFS checksum error be an early signal for later disk failure
2016-11-21: Link: RFC 6919: Further Key Words for Use in RFCs to Indicate Requirement Levels
What I'd like in Illumos/OmniOS: progressive crash dumps
I've wound up feeling tentatively enthusiastic about Python 3
2016-11-20: Is it time to not have platform-dependent integer types in languages?
2016-11-19: Why I don't think subscription-based charging gets you stability
2016-11-18: Unix shells and the problem of too-smart autocompletion
2016-11-17: Link: Twice the bits, twice the trouble: vulnerabilities induced by migrating to 64-bit platforms
The somewhat odd subject of Django versus Python
2016-11-16: Go's arbitrary-precision constants and cross compilation
2016-11-14: Open source and the problem of pure maintenance
2016-11-13: Why I believe native apps are not doomed by progressive web apps
Modern shells and running shell scripts while seteuid
2016-11-11: My view on accepting bounces and replies to your email
Yahoo Groups slides further down the spam source slope
2016-11-09: Getting a Yubikey 4 working on Ubuntu 14.04 LTS and other older Linuxes (in PIV mode)
I assume that it's always possible to compromise our security somehow
2016-11-08: Security often involves not doing things
2016-11-07: Why we have multiple wireless networks around here
The other reason why I've wound up not interested in firewall managers
2016-11-06: Admitting that I have have a non-simple firewall setup
2016-11-05: Web pages versus APIs, or my views on handling 'bad' requests
2016-11-04: Caution is a mistake in modern web servers and apps
2016-11-03: I suspect that browsers are not fully prepared for bad CAs
2016-11-01: Encouragingly, browsers have not backed down over WoSign
2016-10-31: DKMS kind of has a problem with its error messages
Link: Linux containers in 500 lines of code
Why I'm interested in nftables, the theoretical Linux iptables replacement
2016-10-30: How modern SSH key exchange provides (strong) protection against attacks
2016-10-29: More on SSH, public key authentication, and 'man in the middle' attacks
2016-10-28: How I set up a DHCP client for my backup Internet connection
2016-10-26: Why I'm unhappy with how Debian builds from source packages right now
What I'm doing to use a Yubikey in Fedora 24's Cinnamon desktop environment
2016-10-24: On classifying phish spam as malware, an update
How I've wound up being one of the people who don't update IoT firmware
2016-10-23: I should keep a released version of the Go compiler suite
2016-10-22: The shutdown program on a modern systemd-based Linux system
2016-10-21: The shutdown command is a relic of BSD's historical origins
2016-10-20: I like the Python 3 string .translate() method
2016-10-19: Writing in Python 3 has been a positive experience so far
2016-10-17: Making my Yubikey work reasonably with my X screen locking
2016-10-16: Why we care about long uptimes
How I managed to shoot myself in the foot with my local DNS resolver
2016-10-15: ZFS's 'panic on on-disk corruption' behavior is a serious flaw
2016-10-14: Watch out for web server configurations that 'cross over' between sites
2016-10-13: How I've set up SSH keys on my Yubikey 4 (so far)
2016-10-12: I have yet to start using any smartphone two-factor authentication
2016-10-10: How and why the new iptables -w option is such a terrible fumble
The modern web is an unpredictable and strange place to develop for
2016-10-09: What I think I want out of CPU performance in a new PC
2016-10-08: I have a blind spot where it comes to using chmod's symbolic modes
2016-10-07: Why OmniOS boot environments don't solve our upgrade issues
2016-10-06: How we could update our iSCSI backends and why we probably won't
2016-10-05: Linux can be really stable under the right circumstances
2016-10-03: My take on Git rebasing versus cherry-picking
2016-10-02: Why I've put a Twitter client on my smartphone
The MyDoom worm is still out there
2016-09-30: Some git repository manipulations that I don't know how to do well
In search of modest scale structured syslog analysis
2016-09-29: Making systemd-networkd really skip trying IPv6 on your networks
2016-09-28: Why I switched to the rc shell
2016-09-27: Why we're going to switch from SunSSH to OpenSSH on our fileservers
2016-09-25: How I live without shell job control
A surprising benefit of command/program completion in my shell
2016-09-23: You probably want to start using the -w option with iptables
Git's selective commits plus Magit are a killer feature for me
2016-09-22: Why we've wound up without ZFS ZILs or L2ARCs on our pools
2016-09-20: Today I learned that you want to use strace -fp
2016-09-19: A surprise with switching to holding keys in ssh-agent
My view on spam and potential denial of service attacks on anti-spam systems
2016-09-18: A little shift in malware packaging that I got to watch
2016-09-17: What encoding the syslog module uses in Python 3
2016-09-16: A shell thing: globbing operators versus expansion operators
2016-09-15: What I did to set up IPv6 on my wireless network
2016-09-14: When iptables SNAT and routing happens, and how this is annoying
2016-09-13: I don't understand Linux iptables NAT as well as I should
2016-09-12: A bunch of my sysadmin work seems to be like gardening
2016-09-11: We're probably going to see a major Certificate Authority de-trusted
2016-09-10: Link: Actually using ed
Some notes on curating the set of CAs that Firefox trusts
2016-09-09: Someone's exploiting Google's account recovery system to send spam
2016-09-08: Why my smartphone is going to be an iPhone
2016-09-06: Modules should never raise core Python exceptions
2016-09-05: Using Magit to selectively discard changes in your git working tree
An argparse limitation with nargs="*" and choices=...
2016-09-04: What I want in Vim with the mouse (and why I don't think I can have it)
2016-09-03: Why semantic versioning is not going to solve all our problems
2016-09-02: Some thoughts on Python 3 module APIs and Unicode conversion errors
2016-08-31: Python 3 module APIs and the question of Unicode conversion errors
The various IDs of disks, filesystems, software RAID, LVM, et al in Linux
2016-08-30: Bourne's getopts sadly makes simple shell scripts more cluttered and verbose
2016-08-29: Phones and tablets are going to change what sort of passwords I use
2016-08-28: My logic of blocking certain sorts of attachments outright
2016-08-26: Why ZFS L2ARC is probably not a good fit for our setup
2016-08-25: The single editor myth(ology)
2016-08-24: Blindly trying to copy a web site these days is hazardous
more, less, and a story of typical Unix fossilization
2016-08-23: Link: File crash consistency and filesystems are hard
Link: Git from the inside out
2016-08-22: A belated realization about 'TLS suicide' and user CGIs et al
An interesting case of NFS traffic (probably) holding a ZFS snapshot busy
2016-08-21: My pragmatic decision on GNU Emacs versus vim for my programming
2016-08-19: My current Go autocompletion setup in GNU Emacs
Localhost is (sometimes) a network
2016-08-17: A surprising missing Unix command: waiting until a time is reached
2016-08-16: How you tell what signals a Linux process is ignoring
2016-08-15: My ambivalent view on Vim superintelligence, contrasted with GNU Emacs
Some options for reindenting (some of) my existing Python code
2016-08-14: Code alone can tell you the what but it cannot tell you why
2016-08-13: What I did to set up a wireless network and what I have left to do
2016-08-12: I think I'm going to shift my style of Python indentation
2016-08-10: Systemd has a problem with SATA disks behind port multipliers
A look into a future where things assume you have a smartphone
2016-08-08: I need more than one way to get on the Internet from home
2016-08-07: Why I like the sam editor
The harm that comes from ZFS not being GPL-compatible
2016-08-05: Free software licenses are social things, not just legal ones
It's likely worth re-detecting your system's sensor chips every so often
2016-08-03: Some malware that sends interesting fake mailing list messages
Containerization as the necessary end point of deployment automation
2016-08-01: My new key binding hack for xcape and dmenu
2016-07-31: I've become mostly indifferent to what language something is written in
(Not) changing the stop timeout for systemd login session scopes
2016-07-30: The perils of having an ancient $HOME (a yak shaving story)
2016-07-29: My surprise problem with considering a new PC: actually building it
2016-07-28: A bit about what we use DTrace for (and when)
2016-07-27: When 'simple' DNS blocklists work well for you
2016-07-25: An irritating systemd behavior when you tell it to reboot the system
I should learn more about Grub2
2016-07-24: My view on people who are assholes on the Internet
2016-07-23: My current set of Chrome extensions (as of July 2016)
2016-07-22: Ubuntu 16.04's irritatingly broken MySQL updates
2016-07-21: My current set of essential extensions for Firefox profiles
2016-07-20: Official source release builds should not abort on (compilation) warnings
2016-07-19: How not to set up your DNS (part 23)
An interesting (and alarming) Grub2 error and its cause
2016-07-17: A good solution to our Unbound caching problem that sadly won't work
DNS resolution cannot be segmented (and what I mean by that)
2016-07-16: A caching and zone refresh problem with Unbound
2016-07-15: Sudo and changes in security expectations (and user behaviors)
2016-07-14: Your C compiler's optimizer can make your bad programs compile
2016-07-13: Our central web server, Apache, and slow downloads
2016-07-12: How we do MIME attachment type logging with Exim
2016-07-11: Why Python can't have a full equivalent of Go's gofmt
2016-07-10: Some options for logging attachment information in an Exim environment
2016-07-09: How Exim's ${run ...} string expansion operator does quoting
2016-07-08: Some notes on UID and GID remapping in the Illumos/OmniOS NFS server
2016-07-06: Keeping around an index to the disk bays on our iSCSI backends
It turns out that viruses do try to conceal their ZIP files
2016-07-04: A feature I wish the Linux NFS client had: remapping UIDs and GIDs
2016-07-03: An irritating little bug in the latest GNU Emacs Python autoindent code
2016-07-02: cal's unfortunate problem with argument handling
2016-07-01: How backwards compatibility causes us pain with our IMAP servers
2016-06-30: Some advantages of using argparse to handle arguments as well as options
What makes a email MIME part an attachment?
2016-06-29: Modern DNS servers (especially resolvers) should have query logging
2016-06-27: Today's lesson on the value of commenting your configuration settings
If you send email, don't expect people to help you with abuse handling
2016-06-26: How not to maintain your DNS (part 22)
2016-06-25: What Python 3 versions Django supports, and when this changes
2016-06-24: Our new plan for creating our periodic long term backups
2016-06-22: I need to cultivate some new coding habits for Python 3 ready code
Moving from Python 2 to Python 3 calls for a code inventory
2016-06-20: A tiny systemd convenience: it can reboot the system from RAM alone
2016-06-19: A lesson to myself: know your emergency contact numbers
Why ZFS can't really allow you to add disks to raidz vdevs
2016-06-18: It's easier to shrink RAID disk volumes than to reshape them
2016-06-17: Why you can't remove a device from a ZFS pool to shrink it
2016-06-15: How (some) syndication feed readers deal with HTTP to HTTPS redirections
ZFS on Linux has just fixed a long standing little annoyance
2016-06-14: Some notes on how xdg-open picks which web browser to use
How xdg-mime searches for MIME type handlers (more or less)
2016-06-12: There are (at least) two sorts of DNS blocklists
Some notes on adding exposed statistics to a (Go) program
2016-06-11: I accept that someday I'll give up MH and move to IMAP mail clients
2016-06-10: An email mistake I've made as a long-term university sysadmin
2016-06-09: My concern about the potential dominance of the mobile web
2016-06-08: How dominant is the mobile web (versus the desktop web)?
2016-06-06: My views of Windows 10 (from the outside)
I work in what is increasingly a pretty different sysadmin environment
2016-06-05: My approach for inspecting Go error values
2016-06-04: The (Unix) shell is not just for running programs
2016-06-03: One thing that makes the Bourne shell an odd language
2016-06-02: Spammers can abandon SMTP connections not infrequently
2016-05-31: Understanding the modern view of security
2016-05-30: The browser security dilemma
'Command line text editor' is not the same as 'terminal-based text editor'
2016-05-29: What does 'success' mean for a research operating system?
2016-05-28: A problem with using old OmniOS versions: disconnection from the community
2016-05-27: Your overall anti-spam system should have manual emergency blocks
2016-05-26: Why SELinux is inherently complex
2016-05-25: SELinux is beyond saving at this point
2016-05-23: How fast fileserver failover could matter to us
2016-05-22: Our problem with OmniOS upgrades: we'll probably never do any more
My view of Barracuda's public DNSBL
2016-05-21: Please stop the Python 2 security scaremongering
2016-05-20: Some notes on abusing the pexpect Python module
2016-05-19: Some basic data on the hit rate of the Spamhaus DBL here
2016-05-18: Go does not have atomic variables, only atomic access to variables
2016-05-16: A quick trick: using Go structs to create namespaces
Discovering my personal limit on how much I care about security
2016-05-15: It's time for me to upgrade my filtering HTTP proxy
2016-05-14: IPv6 is the future of the Internet
2016-05-13: You can call bind() on outgoing sockets, but you don't want to
2016-05-11: We're never going to be able to have everyone use two factor authentication
The difference between 'Delete' and 'Destroy' in X window managers
2016-05-09: An Apache trick: using directories to create redirections
You can't use expvar.Func to expose a bunch of expvar types
2016-05-08: Issues in fair share scheduling of RAM via resident set sizes
2016-05-07: 'Fair share' scheduling pretty much requires a dynamic situation
2016-05-06: A weird little Firefox glitch with cut and paste
2016-05-04: My annoyance with Chrome's cut and paste support under X
The better way to clear SMART disk complaints, with safety provided by ZFS
2016-05-02: How I think you set up fair share scheduling under systemd
The state of supporting many groups over NFS v3 in various Unixes
2016-04-30: I should keep and check notes even on my own little problems
A story of the gradual evolution of network speeds without me noticing
2016-04-29: You should plan for your anti-spam scanner malfunctioning someday
2016-04-28: You should probably track what types of files your users get in email
2016-04-26: How 'there are no technical solutions to social problems' is wrong
Bad slide navigation on the web and understanding why it's bad
2016-04-25: Why you mostly don't want to do in-place Linux version upgrades
2016-04-24: Why we have CentOS machines as well as Ubuntu ones
2016-04-23: Why I think Illumos/OmniOS uses PCI subsystem IDs
2016-04-22: What Illumos/OmniOS PCI device names seem to mean
2016-04-20: A brief review of the HP three button USB optical mouse
How to get Unbound to selectively add or override DNS records
2016-04-19: Today's odd spammer behavior for sender addresses
2016-04-18: Why your Apache should have mod_status configured somewhere
2016-04-17: Why Unix needs a standard way to deal with the file durability problem
2016-04-16: Why I think Let's Encrypt won't be a threat to commercial CAs for now
2016-04-15: Unbound illustrates the Unix manpage mistake with its ratelimits documentation
2016-04-14: Unix's file durability problem
2016-04-13: How I'm trying to do durable disk writes here on Wandering Thoughts
2016-04-12: There's a spectrum of 'pets versus cattle' in servers
2016-04-11: Why I don't use HTTP Key Pinning and I'm not likely to any time soon
2016-04-10: SPF is not a security feature, as it solves the wrong problem
2016-04-09: Why your Ubuntu server stalls a while on boot if networking has problems
2016-04-08: How to shoot yourself in the foot with /etc/network/interfaces on Ubuntu
2016-04-06: What is behind Unix's 'Text file is busy' error
How options in my programs conflict, and where argparse falls short
2016-04-05: Some notes on Go's expvar package
2016-04-04: The three types of challenges that Let's Encrypt currently supports
2016-04-03: Let's Encrypt certificates can be used for more than HTTPS
2016-04-01: A surprise to watch out for with Go's expvar package (in expvar.Var)
2016-03-31: My initial experience of using NSD as a simple authoritative DNS server
2016-03-30: I've now used Python's argparse module and I like it
My view of Debian's behavior on package upgrades with new dependencies
2016-03-28: An awkward confession and what we should do about it
Why I don't think upgrading servers would save us much power
2016-03-27: The limits of open source with Illumos and OmniOS
2016-03-26: The sensible update for my vintage 2011 home machine
2016-03-25: There's a relationship between server utilization and server lifetime
2016-03-23: How old our servers are (as of 2016)
Wayland and graphics card uncertainty
2016-03-21: Current PC technology churn that makes me reluctant to think about a new PC
When you want non-mutating methods in Go
2016-03-20: What broad hit rate the Spamhaus DBL might get for us
2016-03-18: The Spamhaus DBL does get hits even with basic checks
Some things I believe about importance and web page design
2016-03-16: How 'from module import ...' is not doing what you may expect
I wish I could split up code more easily in Python
2016-03-14: An additional small detail of how writes work on ZFS raidzN pools
How RPM handles configuration files, both technically and socially
2016-03-13: I've started using the Firefox addon Self-Destructing Cookies for some stuff
2016-03-11: Why it's irritating when Ubuntu packages don't include their configuration files
I need to use getopts sooner (and more often) in Bourne shell scripts
2016-03-09: A sensible surprise (to me) in the Bourne shell's expansion of "$@"
Some thoughts on ways of choosing what TLS ciphers to support
2016-03-07: Why it makes sense for true and false to ignore their arguments
Apt-get and its irritating lack of easy selective upgrades
2016-03-06: Firefox addons seem unfortunately prone to memory leaks
2016-03-05: What happens when a modern Linux system boots without /bin/sh
2016-03-04: Some notes on supporting readline (tab) completion in your Python program
2016-03-03: My views on clients for Lets Encrypt
2016-03-02: Some notes on OpenSSH's optional hostname canonicalization
2016-02-29: Turning over a rock on some weird HTTP requests to our web server
Sometimes, doing a bunch of programming can be the right answer
2016-02-28: The status of null-sender spam from outlook.com
2016-02-27: Link: A Short History Of Removable Media Behind The Iron Curtain
Sometimes brute force is the answer, Samba edition
2016-02-26: Our problem with iSCSI connections at boot on OmniOS
2016-02-24: Mozilla, Symantec, SHA-1 certificates, and the balance of power
I'm often an iterative and experimental programmer
2016-02-22: We've permanently disabled overlayfs on our servers
The university's coordination problem
2016-02-21: Why the Ubuntu package update process makes me irritated
2016-02-20: My two usage cases for Let's Encrypt certificates
2016-02-19: We can't use Let's Encrypt on our production systems right now
2016-02-18: Two models of dealing with cookies in Firefox with addons
2016-02-17: The many load averages of Unix(es)
2016-02-16: Whether or not to use cgo for Go packages, illustrated in a dilemma
2016-02-15: SMTP submission ratelimits should have delays too
2016-02-14: Your outgoing mail system should have a per-sender stop switch
2016-02-12: We need to deploy anti-spam precautions even if they're a bit imperfect
Adding a new template filter in Django 1.9, and a template tag annoyance
2016-02-11: My current views on using OpenSSH with CA-based host and user authentication
2016-02-10: The fundamental practical problem with the Certificate Authority model
2016-02-08: Old Unix filesystems and byte order
Clearing SMART disk complaints, with safety provided by ZFS
2016-02-07: Your SSH keys are a (potential) information leak
2016-02-06: You can have many matching stanzas in your ssh_config
2016-02-05: Some notes on SMF manifests (on OmniOS) and what goes in them
2016-02-03: Django, the timesince template filter, and non-breaking spaces
You aren't entitled to good errors from someone else's web app
2016-02-02: A justification for some odd Linux ARP behavior
2016-01-31: One thing I don't like about Fedora is slow security updates
The tradeoffs of having ssh-agent hold all of your SSH keys
2016-01-30: Some good practices for handling OpenSSH keypairs
2016-01-29: What SSH identities will be offered to a remote server and when
2016-01-28: Modern Django makes me repeat myself in the name of something
2016-01-26: Why my home backup situation is currently a bit awkward
Low level issues can have quite odd high level symptoms (again)
2016-01-25: A Python wish: an easy, widely supported way to turn a path into a module
2016-01-24: Hostile HTTPS interception on the modern web is now increasingly costly and risky
2016-01-22: Browsers are increasingly willing to say no to users over HTTPS issues
Memory-safe languages and reading very sensitive files
2016-01-21: One example of why I like ZFS on Linux
2016-01-20: Illumos's ZFS prefetching has recently become less superintelligent than it used to be
2016-01-18: Today I learned that a syslog server can be very silent on the network
A limitation of tcpdump is that you can't tell in from out
2016-01-17: My theory on how network loop caused the problem we observed
2016-01-15: Network loops can have weird effects (at least sometimes)
Things I learned from OpenSSH about reading very sensitive files
2016-01-13: What I want out of backups for my home machine (in the abstract)
Your system's performance is generally built up in layers
2016-01-11: The drawback of setting an explicit mount point for ZFS filesystems
The benefits of flexible space usage in filesystems
2016-01-10: Updating software to IPv6 is often harder than you might think
2016-01-09: The convenience of having keyboard controls for sound volume
2016-01-08: Getting to watch a significant spam campaign recently
2016-01-07: The format of strings in early (pre-C) Unix
2016-01-06: A fun Bash buffering bug (apparently on Linux only)
2016-01-05: Illumos's problem with its VCS commit messages
2016-01-04: How I do per-address blocklists with Exim
2016-01-03: One anti-spam thing I like is per-person (or per-address) blocklists
2016-01-02: I've realized I need to change how I read Twitter
2015-12-31: A defense of C's null-terminated strings
How I've wound up taking my notes
2015-12-30: Some notes on entering unusual characters in various X applications
2015-12-29: Take notes when (and as) you do things and keep them
2015-12-28: The limits of what ZFS scrubs check
2015-12-27: A confession: I find rejecting spam at SMTP time to be more satisfying
2015-12-26: Adjusting mouse sensitivity on Linux, and why you might want to
2015-12-25: I like Magit, the GNU Emacs package for Git
2015-12-24: There is a surprising amount of old SSL code in running MTAs
2015-12-23: Where cryptographic hashes come into TLS certificates
2015-12-21: Some opinions on how package systems should allow you to pin versions
The Apache mod_qos module worked for us
2015-12-20: There are three places spam filtering can happen these days
2015-12-18: A fun tale of network troubleshooting involving VLANs and MACs
Some things about the XSettings system
2015-12-17: Fixing the GTK UI font in my Fedora 23 setup
2015-12-16: I just had another smooth Fedora version upgrade with ZFS on Linux
2015-12-14: Some things that force Go to call the C library for name resolution on Linux
Getting xterm and modern X applications to do cut and paste together
2015-12-13: I still believe in shimming modules for tests
2015-12-12: My views on the choice of Linux distribution
2015-12-11: The ArchLinux wiki has quietly become a good resource for me
2015-12-09: Goroutines, network IO streams, and the resulting synchronization problem
A surprise about cryptographic signatures
2015-12-07: What I like web templating languages for
The old-fashioned and modern ways to remap keys in X (some notes)
2015-12-06: The (peculiar) freedom of having a slow language
2015-12-05: The details behind zpool list's new fragmentation percentage
2015-12-04: One limit to how much TLS can do for you against MITM attacks
2015-12-02: What zpool list's new FRAG fragmentation percentage means
2015-12-01: Red Hat has really doubled down on being email spammers
2015-11-30: My current dilemma: is it worth putting the root filesystem on a SSD
A new piece of my environment: xcape, an X modifier key modifier
2015-11-29: My feelings about my mechanical mini keyboard
2015-11-27: Documentation should explain why things are security issues, at least briefly
A thought on the apparent popularity of new static typing languages
2015-11-26: Some notes on Apache's suexec
2015-11-25: Why speeding up (C)Python matters
2015-11-23: PC laptop and desktop vendors are now clearly hostile parties
Why I care about how fast CPython is
2015-11-22: I should find some good small packages for templates and forms for CGIs
2015-11-21: What I think I want out of autocompletion in GNU Emacs (for Go coding)
2015-11-20: What modern version control systems are
2015-11-18: VCS bisection steps should always be reversible
Increasingly, I no longer solidly and fully know Python
2015-11-16: On public areas on the Net and conversations therein
The problems with creating a new template language
2015-11-15: I should remember that I can cast things in Go
2015-11-14: ZFS pool import needs much better error messages
2015-11-13: We killed off our SunSolve email contact address yesterday
2015-11-12: Don't have support registrations in the name of a specific sysadmin
2015-11-11: No new web templating languages; use an existing one
2015-11-10: Why I spent a lot of time agonizing over an error message recently
2015-11-09: What sysadmins want out of logging means that it can't be too simple
2015-11-08: The great Delete versus Backspace split
2015-11-07: Why I (still) care about SELinux and its flaws
2015-11-06: Revisiting a bit of my X keymapping history
2015-11-04: SELinux's usability, illustrated once again
Outlook.com now has collected some SBL listings
2015-11-02: When setting up per-thing email addresses, make sure you can turn them off
Status reporting commands should have script-oriented output too
2015-10-31: One advantage of System V is that it was available
In practice, anything involving the JVM is often a heavyweight thing
2015-10-30: My discovery that the USB mouse polling rate matters
2015-10-29: USB mouse polling rates under Linux
2015-10-28: System V was kind of backwards for a long time
2015-10-27: Some theories about what spammers get out of using null sender addresses
2015-10-26: The null sender spammers now seem to be entrenched on outlook.com
2015-10-25: More on chroot()'s history, and my blind spot about System III
2015-10-24: How my PS/2 to USB conversion issues have shaken out
2015-10-23: Perhaps it's a good idea to reboot everything periodically
2015-10-22: CPython's trust of bytecode is not a security problem
2015-10-21: Python bytecode is quite heavily trusted by CPython
2015-10-20: Why I never tell people how I voted
2015-10-19: Installing and pinning specific versions of OmniOS packages
2015-10-18: In Go, unsafe.Pointer is a built in type in the compiler
2015-10-17: Do generic stock servers have a future in a cloud world?
2015-10-16: Inside a Go 'terrible hack' in the reflect package
2015-10-15: Some notes on finding package versions in OmniOS with pkg
2015-10-14: OS installers should be easy to open up and modify
2015-10-13: Why I've come to really like git
2015-10-12: Why we hold kernels and other packages on our Ubuntu machines
2015-10-11: Bad news about how we detect and recover from NFS server problems
2015-10-09: How much space ZFS reserves in your pools varies across versions
Our low-rent approach to verifying that NFS mounts are there
2015-10-08: Why you (probably) want to have blog categories (and topics and more)
2015-10-07: The irritation of all of the Ubuntu kernels you wind up with
2015-10-05: How many recent sender domains are in the Spamhaus DBL
I don't trust Linux distributions to leave directories alone
2015-10-04: There's no point in multiple system filesystems any more
2015-10-03: There are two approaches to disaster recovery plans
2015-10-02: What creates a good wikitext dialect depends on how it's going to be used
2015-09-30: There are good and bad wikitext dialects
Why I can't see IPv6 as a smooth or fast transition
2015-09-29: Maybe I should try to find another good mini keyboard
2015-09-28: On not having people split their time between different bosses
2015-09-27: Wikitext not having errors creates a backtracking problem
2015-09-26: I've decided I'll port DWiki to Python 3, but not any time soon
2015-09-25: Do we want to continue using a SAN in our future fileserver design?
2015-09-24: We're probably going to need new Linux iSCSI target software
2015-09-23: One thing I'm hoping for in our third generation fileservers
2015-09-22: The Go 'rolling errors' pattern, in function call form
2015-09-21: When chroot() started to confine processes inside the new root
2015-09-20: Spam from outlook.com has gotten worse (well, for me)
2015-09-19: Experimenting with Firefox's 'Reader' mode (or view)
2015-09-18: Modern Linux laptop suspending and screenlocking makes me twitch
2015-09-17: We know what you are
2015-09-16: There are two different scenarios for replacing disks in a RAID
2015-09-14: A caution about cgo's error returns for errno
Tweaking code when I'm faced with the urge to replace it entirely
2015-09-13: I should have started blocking web page elements well before now
2015-09-12: How NFS deals with the pending delete problem
2015-09-11: ZFS scrub rates, speeds, and how fast is fast
2015-09-10: Changing kernel tunables can drastically speed up ZFS scrubs
2015-09-09: Some notes on my experience using Go's cgo system
2015-09-08: How we disable accounts here (and why)
2015-09-07: Getting gocode based autocompletion working for Go in GNU Emacs
Why we wind up deleting user accounts
2015-09-06: Optimizing finding unowned files on our ZFS fileservers
2015-09-05: Why we aren't tempted to use ACLs on our Unix machines
2015-09-04: Consistency and durability in the context of filesystems
2015-09-03: How I've decided to coordinate multiple git repos for a single project
2015-09-02: Thinking about the different models of supplying computing
2015-08-31: CGo's Go string functions explained
Turning, well copying blobs of memory into Go structures
2015-08-30: Getting C-compatible structs in Go with and for cgo
2015-08-29: The mailing list thread to bug tracking system problem
2015-08-28: The somewhat surprising history of chroot()
2015-08-27: Some notes on using Solaris kstat(s) in a program
2015-08-26: Why I wind up writing my own (sysadmin) tools
2015-08-25: One view on practical blockers for IPv6 adoption
2015-08-24: PS/2 to USB converters are complex things with interesting faults
2015-08-23: I think you should get your TLS configuration advice from Mozilla
2015-08-21: What surprised me about the Python assignment puzzle
What's going on with a Python assignment puzzle
2015-08-20: Using abstract namespace Unix domain sockets and SO_PEERCRED in Python
2015-08-19: Linux's abstract namespace for Unix domain sockets
2015-08-17: Getting dd's skip and seek straight once and for all
Why languages like 'declare before use' for variables and functions
2015-08-16: My irritation with Intel's CPU segmentation (and why it probably exists)
2015-08-15: Spam scoring systems are often not deliberately designed
2015-08-14: My current views on using DomainKeys (DKIM) here
2015-08-13: Enabling services on package updates is a terrible mistake
2015-08-12: What common older versions of free are telling you
2015-08-11: What free is really telling you, and some bits from /proc/meminfo
2015-08-10: My irritation with 'systemctl status'
2015-08-09: One potential problem with cloud computing for us is the payment model
2015-08-08: The ARC now seems to work right in ZFS on Linux
2015-08-07: One thing I now really want in ZFS: faster scrubs (and resilvers)
2015-08-06: Two factor authentication and emergency access to systems
2015-08-05: What I want out of two factor authentication for my own use
2015-08-04: A lesson to myself: commit my local changes in little bits
2015-08-03: Running Fedora 22's dnf as a normal user versus as root
2015-08-02: My view on the potential death of the ad-supported web
2015-07-31: The future problem with Firefox's Electrolysis project
Ubuntu once again fails at a good kernel security update announcement
2015-07-29: My workflow for testing Github pull requests
A cynical view on needing SSDs in all your machines in the future
2015-07-28: Why I still report bugs
2015-07-27: Spammers mine everything, Github edition
2015-07-26: Why I increasingly think we're unlikely to ever use Docker
2015-07-25: Everything that does TLS should log the SSL parameters used
2015-07-24: Fedora 22's problem with my scroll wheel
2015-07-22: A modest little change I'd like to see in bug reporting systems
Some thoughts on log rolling with date extensions
2015-07-20: My brush with the increasing pervasiveness of smartphone GPS mapping
The OmniOS kernel can hold major amounts of unused memory for a long time
2015-07-19: 'Retail' versus 'wholesale' spam
2015-07-18: Some data on how long it is between fetches of my Atom feed
2015-07-17: Your standard input is a tty in a number of surprising cases
2015-07-15: Eating memory in Python the easy way
Mdb is so close to being a great tool for introspecting the kernel
2015-07-14: Don't support shortened versions of your domain names in email addresses
2015-07-13: My personal view of OpenBSD
2015-07-12: A Linux software RAID message flood
2015-07-11: OpenBSD and the impact of culture
2015-07-10: What SSH keys in your .ssh/config will be offered to servers
2015-07-09: When SSH needs you to decrypt your keys
2015-07-08: Making GTK applications in alternate locations, settings edition
2015-07-07: The Git 'commit local changes and rebase' experience is a winning one
2015-07-06: My Django form field validation and cleanup pain
2015-07-05: Sysadmin use of email is often necessarily more or less interrupt driven
2015-07-04: Googlebot and Feedfetcher are still aggressively grabbing syndication feeds
2015-07-03: Wandering Thoughts is now ten years old
Some notes on my 'commit local changes and rebase' Git workflow
2015-07-02: Some thoughts on Go compiler directives being in source comments
2015-06-30: My early impressions of Fedora 22, especially of DNF
The probable and prosaic explanation for a socket() API choice
2015-06-29: BSD Unix developed over more time than I usually think
2015-06-28: Faster SSDs matter to companies because they sell things
2015-06-27: The next (or coming) way to connect SSDs to your system
2015-06-26: The status of our problems with overloaded OmniOS NFS servers
2015-06-25: Multiple set matches with Linux's iptables 'ipset' extension
2015-06-24: I've finally turned SELinux fully off even on my laptop
2015-06-23: A Bash test limitation and the brute force way around it
2015-06-22: Modern *BSDs have a much better init system than I was expecting
2015-06-21: Why System V init's split scripts approach is better than classical BSD
2015-06-20: Thinking about people's SSD inflection points in general
2015-06-19: Sometimes looking into spam for a blog entry has unexpected benefits
2015-06-18: The cost of OmniOS not having /etc/cron.d
2015-06-17: Exploring the irritating thing about Python's .join()
2015-06-16: NFS writes and whether or not they're synchronous
2015-06-15: My view of NFS protocol versions
2015-06-14: What I plug into my home Linux machine as far as peripherals go
2015-06-12: My pragmatic view of HTTPS versus caching
Red Hat are marketing email spammers now (in the traditional way)
2015-06-11: HTTP should be dropped even as a pure Internet transport mechanism
2015-06-10: My pragmatic view on switching to HTTPS and TLS everywhere
2015-06-09: How I use virtual screens in my desktop environment
2015-06-08: Exceptions as aggregators of error handling
2015-06-07: You won't get people off Python 2 by making their lives worse
2015-06-06: The security danger of exploitable bugs in file format libraries
2015-06-05: My current views on Rust (the programming language)
2015-06-04: Linux evolution through de facto quiet standards
2015-06-03: What makes for a simple web application environment
2015-06-01: The problem with 'what is your data worth?'
2015-05-31: Unix has been bad before
My view of setting up sane web server application delegations
2015-05-30: What I'm doing in reaction to Logjam (for HTTPS, SSH, and IKE)
2015-05-29: I don't commit changes in my working repos
2015-05-28: I don't find Github pull requests an easy way to submit patches
2015-05-27: The impact on you of making 'bad' bug reports
2015-05-25: One of the problems with 'you should submit a patch'
Email providers cannot stop spam by scanning outgoing email
2015-05-24: A mod_wsgi problem with serving both HTTP and HTTPS from the same WSGI app
2015-05-23: The right way for your WSGI app to know if it's using HTTPS
2015-05-22: Unsurprisingly, Amazon is now running a mail spamming service
2015-05-21: It's time for me to stop using lighttpd
2015-05-20: On the modern web, ISPs are one of your threats
2015-05-19: Converting filesystems from ext3 to ext4, and concerns attached to it (plus bad news for me)
2015-05-17: Why I'm interested in converting my ext3 filesystems to ext4
A bit more on the ZFS delete queue and snapshots
2015-05-15: Your Illumos-based NFS fileserver may be 'leaking' deleted files
The ZFS delete queue: ZFS's solution to the pending delete problem
The pending delete problem for Unix filesystems
2015-05-14: In Go, you need to always make sure that your goroutines will finish
2015-05-13: Go goroutines as a way to capture and hold state
2015-05-12: It's time to stop coddling software that can't handle HTTPS URLs
2015-05-11: The problem with proportional fonts for editing code and related things
2015-05-10: Our mail submission system winds up handling two sorts of senders
2015-05-09: What addresses we accept and reject during mail submission
2015-05-08: Sometimes it's useful to have brute force handy: an amusing IPMI bug
2015-05-06: Why keeping output to 80 columns (or less) is still sensible
Unix's pipeline problem (okay, its problem with file redirection too)
2015-05-04: Monitoring tools should report timestamps (and what they're monitoring)
What I want to have in shell (filename) completion
2015-05-03: Sometimes knowing causes does you no good (and sensible uses of time)
2015-05-02: OmniOS as a NFS server has problems with sustained write loads
2015-04-30: I'm considering ways to mass-add URLs to Firefox's history database
Why I have a perpetual browser history
2015-04-29: The 'EHLO ylmf-pc' plague of SMTP authentication guessers
2015-04-28: There's no portable way to turn a file descriptor read only or write only
2015-04-27: The fading out of tcpwrappers and its idea
2015-04-26: My complicated feelings on abandoning old but good code
2015-04-25: I'm still running a twelve year old Python program
2015-04-24: A DKMS problem I had with lingering old versions
2015-04-23: Upgrading machines versus reinstalling them
2015-04-22: Don't make /opt a filesystem on OmniOS (or probably Illumos generally)
2015-04-20: I don't think I'm interested in containers
An interesting trick for handling line numbers in little languages
2015-04-19: A potential path to IPv6 (again), but probably not a realistic one today
2015-04-18: A core problem of IPv6 adoption is the lack of user benefits
2015-04-17: In practice, programmers mostly understand complexity by superstition
2015-04-16: Are Python dictionaries necessarily constant-time data structures?
2015-04-15: Illusory security is terrible and is worse than no security
2015-04-14: Allowing people to be in more than 16 groups with an OmniOS NFS server
2015-04-12: One speed limit on your ability to upgrade your systems
Spam victims don't care what business unit is responsible for the spam
2015-04-10: I wish systemd would get over its thing about syslog
My Firefox 37 extensions and addons (sort of)
2015-04-09: Probably why Fedora puts their release version in package release numbers
2015-04-08: Your entire download infrastructure needs to use HTTPS
2015-04-07: How Ubuntu and Fedora each do kernel packages
2015-04-06: What adblockers block
2015-04-05: A note on the argument about the 'morality' of adblockers
2015-04-04: An important note if you want to totally stop an IKE IPSec connection
A weird new IKE IPSec problem that I just had on Fedora 21's latest kernel
2015-04-03: Understanding the (original) meaning of Unix load average
2015-04-02: When the Unix load average was added to Unix
2015-03-31: Btrfs's mistake in limiting itself to two-way mirroring
2015-03-30: My preliminary views on mosh
The 'cattle' model for servers is only a good fit in certain situations
2015-03-29: SSH connection sharing and erratic networks
2015-03-28: All browsers need a (good) way to flush memorized HTTP redirects
2015-03-27: Looking more deeply into some SMTP authentication probes
2015-03-26: Why systemd should have ignored SysV init script LSB dependencies
2015-03-25: A significant amount of programming is done by superstition
2015-03-24: What is and isn't a bug in software
2015-03-23: Systemd is not fully backwards compatible with System V init scripts
2015-03-22: I now feel that Red Hat Enterprise 6 is okay (although not great)
2015-03-21: Spammers show up fast when you open up port 25 (at least sometimes)
2015-03-20: Unix's mistake with rm and directories
2015-03-19: A brief history of fiddling with Unix directories
2015-03-18: The real speed advantage static rendering has over dynamic rendering
2015-03-16: Solving our authenticated SMTP problem by rethinking it
Our difficulties with OmniOS upgrades
2015-03-15: The importance of user interface, illustrated by the Go flag package
2015-03-14: Using an automounter doesn't always help with bad NFS servers
2015-03-13: The puzzle of packets to your host that your host doesn't respond to
2015-03-12: My feelings about GRUB 1 versus GRUB 2
2015-03-11: The irritation of being told 'everyone who cares uses ECC RAM'
2015-03-10: Why installing packages is almost always going to be slow (today)
2015-03-09: I should document my test plans and their results
2015-03-08: Why ZFS's 'directory must be empty' mount restriction is sensible
2015-03-06: Our brute force solution for port isolation without port isolated switches
The simple way CPython does constant folding
2015-03-05: An interesting excursion with Python strings and is
2015-03-04: What creates inheritance?
2015-03-03: The latest xterm versions mangle $SHELL in annoying ways
2015-03-02: My view of the difference between 'pets' and 'cattle'
2015-02-28: Sometimes why we have singleton machines is that failover is hard
2015-02-27: Email from generic word domains is usually advance fee fraud spam
What limits how fast we can install machines
2015-02-25: My current issues with systemd's networkd in Fedora 21
My Linux container temptation: running other Linuxes
2015-02-24: How we do and document machine builds
2015-02-23: In shell programming, I should be more willing to write custom tools
2015-02-22: Unsurprisingly, random SMTP servers do get open relay probes
2015-02-21: It turns out that I routinely use some really old Linux binaries
2015-02-20: All of our Solaris 10 machines are now out of production
2015-02-19: Exploiting Python metaclasses to forbid subclassing and where it fails
2015-02-18: I wish Python didn't allow any callable to be a 'metaclass'
2015-02-17: Your example code should work and be error-free
2015-02-16: Web ads considered as a security exposure
2015-02-15: My current views on Firefox adblocker addons
2015-02-14: Planning ahead in documentation: kind of a war story
2015-02-13: The technical side of Python metaclasses (a pointer)
2015-02-11: Good technical writing is not characterless and bland
ZFS can apparently start NFS fileservice before boot finishes
2015-02-10: Our ZFS fileservers have a serious problem when pools hit quota limits
2015-02-09: 'Inbox zero' doesn't seem to work for me but it's still tempting
2015-02-08: The history of commercial Unix and my pragmatism
2015-02-07: Trying to move towards Ed25519 OpenSSH host keys: a stumbling block
2015-02-06: A thought on containerization, isolation, and deployment
2015-02-05: All of our important machines are pets and special snowflakes
2015-02-04: How our console server setup works
2015-02-03: Why we've wound up moving away from serial consoles on our machines
2015-02-02: Why people were enthused about gcc early on in its life
2015-01-31: The problem with punishing people over policy violations
Upgrades and support periods
2015-01-30: I've come to believe Django's way of defining database tables is wrong
2015-01-29: The practical result of OpenBSD's support policy
2015-01-28: A thought about social obligations to report bugs
2015-01-27: Our current email anti-virus system is probably ineffective now
2015-01-26: Some notes on keeping up with Go packages and commands
2015-01-25: The long term problem with ZFS on Linux is its license
2015-01-24: Web applications and generating alerts due to HTTP requests
2015-01-23: A problem with gnome-terminal in Fedora 21, and tracking it down
2015-01-22: How to set up static networking with systemd-networkd, or at least how I did
2015-01-21: Why I'm switching to systemd's networkd stuff for my networking
2015-01-19: A gotcha with Python tuples
Why user-hostile policies are a bad thing and a mistake
2015-01-18: Limited retention policies for email are user-hostile
2015-01-16: Node.js is not for me (and why)
Using systemd-run to limit something's RAM consumption on the fly
2015-01-15: Link: Against DNSSEC by Thomas Ptacek
General ZFS pool shrinking will likely be coming to Illumos
2015-01-14: What /etc/shells is and isn't
2015-01-13: Our tradeoffs on ZFS ZIL SLOG devices for pools
2015-01-12: I've now seen comment spam attempts from Tor exit nodes
2015-01-11: The effects of losing a ZFS ZIL SLOG device, as I understand them
2015-01-10: Autoplaying anything is a terrible decision, doubly so for video
2015-01-09: Why filesystems need to be where data is checksummed
2015-01-08: ZFS should be your choice today if you need an advanced filesystem on Unix
2015-01-07: Forwarding access to only a subset of ssh-agent's identities
2015-01-06: Choices filesystems make about checksums
2015-01-05: Today on Linux, ZFS is your only real choice for an advanced filesystem
2015-01-04: What makes a 'next generation' or 'advanced' modern filesystem, for me
2015-01-03: The effects of our fileserver multi-tenancy
2015-01-02: Where we have multi-tenancy in our fileserver environment
2014-12-31: I love Apache (well, like it at least)
A retrospective on my one Django web application
2014-12-30: Somewhat to my surprise, classical viruses by email are still a thing
2014-12-29: How I have partitioning et al set up for ZFS On Linux
2014-12-28: How I think DNSSec will have to be used in the real world
2014-12-27: My ZFS On Linux memory problem: competition from the page cache
2014-12-26: My experience with ZFS on Linux: it's worked pretty well for me
2014-12-25: DNSSec in the real world: my experience with DNSSec
2014-12-24: The security effects of tearing down my GRE tunnel on IPSec failure
2014-12-22: The future of OmniOS here if we can't get 10G-T working on it
Why Go's big virtual size for 64-bit programs makes sense
2014-12-21: A steady change in the source of blog comment spam attempts
2014-12-20: Unsurprisingly, laptops make bad to terrible desktops
2014-12-19: Our likely long road to working 10G-T on OmniOS
2014-12-17: The potential end of public clients at the university?
2014-12-16: Does having a separate daemon manager help system resilience?
2014-12-15: How a Firefox update just damaged practical security
Why your 64-bit Go programs may have a huge virtual size
2014-12-14: How init wound up as Unix's daemon manager
2014-12-13: There are two parts to making your code work with Python 3
2014-12-12: The bad side of systemd: two recent systemd failures
2014-12-10: What good kernel messages should be about and be like
How to delay your fileserver replacement project by six months or so
2014-12-09: Why I do unit tests from inside my modules, not outside them
2014-12-08: Why I don't believe in generic TLS terminator programs
2014-12-07: How we install Ubuntu machines here
2014-12-06: Browser addons can effectively create a new browser
2014-12-05: How security sensitive is information about your network architecture?
2014-12-04: Log retention versus log analysis, or really logs versus log analysis
2014-12-03: Security capabilities and reading process memory
2014-12-02: The unreasonable effectiveness of web crawlers
2014-11-30: You should keep your system logs for longer than you probably are
TLS versions in connections to my spam-catching sinkhole SMTP server
2014-11-29: Sometimes you need to turn things into small, readily solvable problems
2014-11-28: How I made IPSec IKE work for a point to point GRE tunnel on Fedora 20
2014-11-26: Using iptables to block traffic that's not protected by IPSec
Using go get alone is a bad way to keep track of interesting packages
2014-11-25: My Linux IPSec/VPN setup and requirements
2014-11-24: Delays on bad passwords considered harmful, accidental reboot edition
Using the SSH protocol as a secure transport protocol
2014-11-23: I'm happier ignoring the world of spam and anti-spam
2014-11-22: The effects of a moderate Hacker News link to here
2014-11-21: Lisp and data structures: one reason it hasn't attracted me
2014-11-20: Sometimes the way to solve a problem is to rethink the problem
2014-11-18: Finding free numbers in a range, crudely, with Unix tools
2014-11-17: Why I need a browser that's willing to accept bad TLS certificates
2014-11-16: We've started to decommission our Solaris 10 fileservers
States in a state machine aren't your only representation of state
2014-11-15: Our current problems with 10G Intel networking on OmniOS
2014-11-14: Sometimes there are drawbacks to replicating configuration files
2014-11-13: I want opportunistic, identity-less encryption on the Internet
2014-11-12: A wish: setting Python 3 to do no implicit Unicode conversions
2014-11-10: Why I don't have a real profile picture anywhere
What it took to get DWiki running under Python 3
2014-11-09: NFS hard mounts versus soft mounts
2014-11-07: What you're saying when you tell people to send in patches
Porting to Python 3 by updating to modern Python 2
2014-11-05: (Probably) Why Bash imports functions from the environment
The weakness of doing authentication over a side channel
2014-11-03: Hassles with getting our NFS mount authentication working on Linux
What I'm worried about with retina displays on Linux
2014-11-02: A drawback in how DWiki parses its wikitext
2014-10-31: With ZFS, rewriting a file in place might make you run out of space
A drawback to handling errors via exceptions
2014-10-29: Quick notes on the Linux iptables 'ipset' extension
Unnoticed nonportability in Bourne shell code (and elsewhere)
2014-10-28: My current somewhat tangled feelings on operator.attrgetter
2014-10-27: Practical security and automatic updates
2014-10-26: Things that can happen when (and as) your ZFS pool fills up
2014-10-25: The difference in available pool space between zfs list and zpool list
2014-10-24: In Go I've given up and I'm now using standard packages
2014-10-23: The clarity drawback of allowing comparison functions for sorting
2014-10-22: Exim's (log) identifiers are basically unique on a given machine
2014-10-20: Some numbers on our inbound and outbound TLS usage in SMTP
Revisiting Python's string concatenation optimization
2014-10-19: Vegeta, a tool for web server stress testing
2014-10-18: During your crisis, remember to look for anomalies
2014-10-17: My experience doing relatively low level X stuff in Go
2014-10-16: Don't use dd as a quick version of disk mirroring
2014-10-15: Why system administrators hate security researchers every so often
2014-10-14: Bashisms in #!/bin/sh scripts are not necessarily bugs
2014-10-13: System metrics need to be documented, not just to exist
2014-10-12: Phish spammers are apparently exploiting mailing list software
2014-10-11: Thinking about how to create flexible aggregations from causes
2014-10-10: Where your memory can be going with ZFS on Linux
2014-10-09: How /proc/slabinfo is not quite telling you what it looks like
2014-10-08: Simple web application environments and per-request state
2014-10-07: Why blocking writes are a good Unix API (on pipes and elsewhere)
2014-10-06: Why it's sensible for large writes to pipes to block
2014-10-05: Making bug reports is exhausting, frustrating, and stressful
2014-10-03: Why people are almost never going to be reporting bugs upstream
When using Illumos's lockstat, check the cumulative numbers too
2014-10-02: The problem with making bug reports about CentOS bugs
2014-09-30: NetworkManager and network device races
Don't split up error messages in your source code
2014-09-28: Learning a lesson about spam-related logging (again)
2014-09-27: Changing major version numbers does not fix compatibility issues
DWiki, Python 3, Python, and me
2014-09-26: The practical problems with simple web apps that work as HTTP servers
2014-09-25: Why CGI-BIN scripts are an attractive thing for many people
2014-09-24: One thing I've come to dislike about systemd
2014-09-22: Go is mostly easy to cross-compile (with notes)
Another side of my view of Python 3
2014-09-21: One reason why Go can have methods on nil pointers
2014-09-19: My view on using VLANs for security
What I mean by passive versus active init systems
2014-09-18: Ubuntu's packaging failure with mcelog in 14.04
2014-09-17: In praise of Solaris's pfiles command
2014-09-15: My collection of spam and the spread of SMTP TLS
I want my signed email to work a lot like SSH does
2014-09-14: My current hassles with Firefox, Flash, and (HTML5) video
2014-09-13: What can go wrong with polling for writability on blocking sockets
2014-09-12: How not to do IO multiplexing, as illustrated by Amanda
2014-09-10: The cause of our slow Amanda backups and our workaround
Does init actually need to do daemon supervision?
2014-09-08: What an init system needs to do in the abstract
2014-09-07: Systemd's fate will be decided by whether or not it works
The kernel should not generate messages at the behest of the Internet
2014-09-05: A DTrace script to help figure out what process IO is slow
Some uses for SIGSTOP and some cautions
2014-09-04: Some other benefits of using non-HTTP frontend to backend transports
2014-09-03: Why we don't want to do any NAT with IPv6
2014-09-01: An IPv6 dilemma for us: 'sandbox' machine DNS
2014-08-31: We don't believe in DHCP for (our) servers
The downside of expanding your storage through bigger disks
2014-08-30: How to change your dm-cache write mode on the fly in Linux
2014-08-29: A hazard of using synthetic data in tests, illustrated by me
2014-08-27: One reason why we have to do a major storage migration
The difference between Linux and FreeBSD boosters for me
2014-08-26: Why I don't like HTTP as a frontend to backend transport mechanism
2014-08-24: 10G Ethernet is a sea change for my assumptions
My spam is (mostly) boring
2014-08-23: Some notes on Python packaging stuff that wasn't obvious to me
2014-08-22: Where DTrace aggregates are handled for printing et al
2014-08-21: How data flows around on the client during an Amanda backup
2014-08-20: Explicit error checking and the broad exception catching problem
2014-08-18: An example of a subtle over-broad try in Python
The potential issue with Go's strings
2014-08-17: The challenges of diagnosing slow backups
2014-08-15: Caches should be safe by default
A consequence of NFS locking and unlocking not necessarily being fast
2014-08-13: Bind mounts with systemd and non-fstab filesystems
How you create a systemd .mount file for bind mounts
2014-08-11: Copying GPT partition tables from disk to disk
2014-08-10: The problem with self-contained 'application bundle' style packaging
What I want out of a Linux SSD disk cache layer
2014-08-09: Intel has screwed up their DC S3500 SSDs
2014-08-08: Hardware can be weird, Intel 10G-T X540-AT2 edition
2014-08-06: A peculiarity: I'm almost never logged in to websites
2014-08-05: Why LinkedIn's 'you must join to unsubscribe' is evil
Another piece of my environment: running commands on multiple machines
2014-08-04: Why our new SAN environment is separate from our old SAN environment
2014-08-03: Our second generation ZFS fileservers and their setup
2014-08-02: The benchmarking problems with potentially too-smart SSDs
2014-07-31: The temptation to rebuild my office machine with its data in ZFS on Linux
2014-07-30: Why I like ZFS in general
My view on FreeBSD versus Linux, primarily on the desktop
2014-07-28: FreeBSD, cultural bad blood, and me
2014-07-27: Go is still a young language
Save your test scripts and other test materials
2014-07-25: An interesting picky difference between Bourne shells
The OmniOS version of SSH is kind of slow for bulk transfers
2014-07-23: What influences SSH's bulk transfer speeds
One of SELinux's important limits
2014-07-21: What I know about the different types of SSH keys (and some opinions)
2014-07-20: The CBL has a real false positive problem
HTTPS should remain genuinely optional on the web
2014-07-19: Some consequences of widespread use of OCSP for HTTPS
2014-07-18: In practice, 10G-T today can be finicky
2014-07-16: My (somewhat silly) SSD dilemma
2014-07-15: A data point on how rapidly spammers pick up addresses from the web
2014-07-14: Unmounting recoverable stale NFS mounts on Linux
2014-07-13: An obvious reminder: disks can and do die abruptly
Early impressions of CentOS 7
2014-07-11: You want to turn console blanking off on your Linux servers
Some notes on bisecting a modified Firefox source base with Mercurial
2014-07-10: The core security problem of SSL on the web is too much trust
2014-07-09: What the differences are between Python bools and ints
2014-07-08: Exploring a surprise with equality in Python
Some thoughts on SAN long-term storage migration
2014-07-06: Goroutines versus other concurrency handling options in Go
The problem with filenames in IO exceptions and errors
2014-07-05: Another reason to use frameworks like Django
2014-07-04: An interesting Go concurrency bug that I inflicted on myself
2014-07-02: Bash is letting locales destroy shell scripting (at least on Linux)
Why Solaris's SMF is not a good init system
2014-07-01: An index of non-letter control characters
2014-06-30: Comparing RPM versions in the shell
My .screenrc
2014-06-29: The tradeoffs for us in a SAN versus disk servers
2014-06-27: A retrospective on our overall fileserver architecture et al
A retrospective on our Solaris ZFS-based NFS fileservers (part 2)
2014-06-25: A retrospective on our Solaris ZFS-based NFS fileservers (part 1)
How my new responsive design here works
2014-06-23: Python 3 has already succeeded in the long run
2014-06-22: Things I like about Go
I need some responsive website design around here
2014-06-21: Sometimes 'unsubscribing' does seem to reduce spam activity
2014-06-20: What Python versions I can use (June 2014 edition)
2014-06-19: Some notes on Go's godoc and what it formats how
2014-06-18: Would I be comfortable documenting our systems in some sort of public?
2014-06-16: My view: a wiki by itself will not solve your problems
2014-06-15: The web is social, and thus minor features can matter a lot
Weird spammer behavior: a non-relaying relay attempt
2014-06-14: I'm not very impressed with Ubuntu 14.04 LTS so far
2014-06-13: Undoing an errant 'git commit --amend'
2014-06-12: An init system has two jobs
2014-06-11: Some thoughts on testing parsers
2014-06-10: An irritating and interesting su change from Ubuntu 12.04 to 14.04
2014-06-09: A challenge in new languages: learning to design good APIs
2014-06-08: The fundamental problem that created su
2014-06-07: Some ways to do sleazy duck typing in Go (from a Python perspective)
2014-06-06: On the Internet, weirdness is generally uncommon
2014-06-05: SMTP's crazy address formats didn't come from nowhere
2014-06-04: Why I don't like SMTP command parameters
2014-06-03: My just-used Go logging idiom and why it is in fact wrong
2014-06-02: Vi's composability antecedent (or one of them)
2014-05-31: Wnen trying to unsubscribe from spam can be not completely crazy
One of my test based development imperfections: use driven testing
2014-05-30: In Go, sometimes a nil is not a nil
2014-05-29: The state of limits on how many groups you can be in (especially for NFS)
2014-05-28: Yahoo Groups has a bad spam problem and they don't care
2014-05-27: Some things for enumerated constants in Go
2014-05-25: Firefox, DRM, and reality
Computing has two versions of 'necessary'
2014-05-23: What ssh-agent does with multiple keys loaded
Why Java is a compiled language and Python is not
2014-05-22: Why Python uses bytecode (well, probably): it's simpler
2014-05-21: How I wish ZFS pool importing could work
2014-05-19: A building block of my environment: sps, a better tree-based process list
Why desktop Linuxes want you to reboot after updates
2014-05-18: What it would take to replace Firefox as my web browser
2014-05-17: The problem of encrypted SSH keys and screen
2014-05-16: Some notes from migrating towards encrypted SSH keys
2014-05-15: My personal and biased view of sudo versus su
2014-05-14: Modern mail forwarding is leaky
2014-05-13: The security model of sudo versus su
2014-05-12: The advantages of editors over database programs for modifying your data
2014-05-11: Why I don't use relational databases in practice
2014-05-09: Some uses for Python's 'named' form of string formatting
Operating systems cannot be hermetically sealed environments
2014-05-08: The modern world of spliced together multi-layer DNS resolution
2014-05-07: How I use Unbound on Fedora 20 to deal with the VPN DNS issue
2014-05-06: Another problem with building your own packages: dependency issues
2014-05-05: The power of meaningless identifiers
2014-05-04: How I set up my Firefox 29's UI
2014-05-03: My Firefox 29 extensions and addons
2014-05-02: An important addition to how ZFS deduplication works on the disk
2014-04-30: Failover versus sparing in theory and in practice
Backup systems, actual hosts, and logical hosts
2014-04-29: Static sites are stable sites
2014-04-28: How dynamic language code gets optimized
2014-04-27: Thoughts about Python classes as structures and optimization
2014-04-26: What I can see about how ZFS deduplication seems to work on disk
2014-04-25: A Unix semantics issue if your filesystem can snapshot arbitrary directories
2014-04-23: How Yahoo's and AOL's DMARC 'reject' policies affect us
At least partially understanding DMARC
2014-04-21: The question of language longevity for new languages
Thinking about how to split logging up in multiple categories et al
2014-04-20: A heresy about memorable passwords
2014-04-19: Cross-system NFS locking and unlocking is not necessarily fast
2014-04-18: What modern filesystems need from volume management
2014-04-17: Partly getting around NFS's concurrent write problem
2014-04-16: Where I feel that btrfs went wrong
2014-04-14: Chasing SSL certificate chains to build a chain file
My reactions to Python's warnings module
2014-04-13: A problem: handling warnings generated at low levels in your code
2014-04-11: The relationship between SSH, SSL, and the Heartbleed bug
What sort of kernel command line arguments Fedora 20's dracut seems to want
2014-04-10: My current choice of a performance metrics system and why I picked it
2014-04-09: Pragmatic reactions to a possible SSL private key compromise
2014-04-08: My goals for gathering performance metrics and statistics
2014-04-07: Giving in: pragmatic If-Modified-Since handling for Tiny Tiny RSS
2014-04-06: How not to generate If-Modified-Since headers for conditional GETs
2014-04-05: An important additional step when shifting software RAID mirrors around
2014-04-03: Shifting a software RAID mirror from disk to disk in modern Linux
The scariness of uncertainty
2014-04-02: I'm angry that ZFS still doesn't have an API
2014-03-31: I'm done with building tools around 'zpool status' output
Why I sometimes reject patches for my own software
2014-03-30: One of my worries: our spam filtering in the future
2014-03-28: Recovering from a drive failure on Fedora 20 with LVM on software RAID
How we wound up with a RFC 1918 IP address visible in our public DNS
2014-03-26: Why people keep creating new package managers
The DNS TTL problem
2014-03-24: The importance of having full remote consoles on crucial servers
Why I don't trust transitions to single-user mode
2014-03-23: Differences in URL and site layout between static and dynamic websites
2014-03-22: Avoiding reboots should not become a fetish
2014-03-21: Thinking about when rsync's incremental mode doesn't help
2014-03-20: Killing (almost) all processes on Linux is not recoverable
2014-03-19: Why I like ZFS's zfs send and zfs receive
2014-03-17: Simple versus complex marshalling in Python (and benchmarks)
Rebooting the system if init dies is a hack
2014-03-16: You don't have to reboot the system if init dies
2014-03-14: Guessing whether people will unsubscribe from your mailing lists
Logins and related things really do change, and for good reasons
2014-03-13: The argument about unbound methods versus functions
2014-03-11: How functions become bound or unbound methods
2014-03-10: The problem of conditional GET and caches for dynamic websites
2014-03-09: Solaris gives us a lesson in how not to write documentation
Why we don't change Unix login names for people
2014-03-08: Why I think 10G-T will be the dominant form of 10G Ethernet
2014-03-07: Coming to terms with D-Bus
2014-03-05: A bit more about the various levels of IPC: whether or not they're necessary
ZFS's problem with boot time magic
2014-03-03: The multiple levels of interprocess communication
2014-03-02: Googlebot is now aggressively crawling syndication feeds
Cool URL fragments don't change either
2014-02-28: Yet another problem with configuration by running commands
Arguments for explicit block delimiters in programming languages
2014-02-26: PCI slot based device names are not necessarily stable
Saying goodbye to the PHP pokers the easy way
2014-02-24: Nerving myself up to running experimental setups in production
The origins of DWiki and its drifting purpose
2014-02-23: The problem with indentation in programming languages
2014-02-22: A subtle advantage of generating absolute path URLs during HTML rendering
2014-02-21: You should segregate different traffic to different mailing lists
2014-02-19: Some rough things about the naming of SAS drives on Linux
The reasoning problem with describing things with a programming language
2014-02-18: People can always unsubscribe from your mailing lists
2014-02-17: File based engines and the awkward problem of special URLs
2014-02-16: Why comments aren't immediately visible on entries here
2014-02-14: 'Broken by design: systemd' is itself kind of broken
The good and bad of the System V init system
2014-02-13: Init's (historical) roles
2014-02-11: Why systemd is winning the init wars and other things aren't
2014-02-10: My dividing line between working remotely and working out of the office
2014-02-09: Why I want a solid ZFS implementation on Linux
Why I'm not looking at installing OmniOS via Kayak
2014-02-08: You cannot have just one network install server
2014-02-07: A followup to what sudo emails to ignore and not ignore
A surprise with OmniOS disk sizing: the rpool/dump ZVOL
2014-02-06: Some thoughts on what sudo emails to ignore and to not ignore
2014-02-05: An interesting internal Django error we just got
2014-02-03: The big attraction of SQLite
Technological progress and efficiency
2014-02-02: An illustration of the problem of noise
2014-01-31: Why I now believe that duck typed metaclasses are impossible in CPython
Linux has at least two ways that disks can die
2014-01-30: OmniOS (and by extension Illumos) is pretty much Solaris
2014-01-29: One cause of Linux's popularity among Unixes
2014-01-28: Building software packages yourself is generally a waste (why package selection matters)
2014-01-27: Things that affect how much support you get from a Linux distribution
2014-01-26: Why writing sysadmin tools in Go is getting attractive
2014-01-25: The origin of RCS (the version control system)
2014-01-24: Things I want to remember during a security incident
2014-01-22: Microsoft has become a spam emitter
Security is everyone's job (why Ruby is wrong about OpenSSL)
2014-01-21: Fake versus real metaclasses and what a fully functional metaclass is
2014-01-20: A thought about the popularity of server-side JavaScript
2014-01-19: Some thoughts on structured logging, especially in and for databases
2014-01-18: Your web application should have an audit log
2014-01-16: Link: Armin Ronacher's 'More About Unicode in Python 2 and 3'
Debian does not have long term support
2014-01-15: SELinux fails again (Fedora 20 edition)
Real support periods versus nominal official ones
2014-01-14: The problem with OmniOS's 'build your own' view for Perl and Python
2014-01-13: Sadly, we're moving away from Red Hat Enterprise Linux
2014-01-12: Why I don't want fully automated installs
2014-01-11: Why I am not enthused about Red Hat Enterprise 6
2014-01-10: An interesting recent spam run against one of my machines
2014-01-09: Using different sshd options for different origin hosts
2014-01-08: The good and bad of Linux's NetworkManager
2014-01-06: The problem with compiling your own version of Python 3
Some thoughts on blog front pages in the modern era
2014-01-05: Hard drives really do wear out, so you need a a hardware budget
2014-01-04: One aspect of partial versus full entries on blog front pages
2014-01-03: What determines Python 2's remaining lifetime?
2014-01-02: Python 3's core compatibility problem and decision
2013-12-31: Two uses of fmt
Reversing my view on Python 3 for new general code: avoid it
Link: Alex Gaynor's 'About Python 3'
2013-12-30: My growing entanglement into vi
2013-12-29: Broad thoughts on tags for blog entries
2013-12-28: The era of known top-level domains or valid TLD patterns is mostly over
2013-12-27: A reason to keep tags external in 'entry as file' blog engines
2013-12-26: How ZFS scrubs routinely save us
2013-12-25: Procedures are not documentation
2013-12-24: The 'entry as file' blog engine problem with tags
2013-12-23: A good reason to use write-intent bitmaps
2013-12-22: The benefits of using expendable email addresses for most things
2013-12-21: If you're using Linux's magic SysRq, increase the log level right away
2013-12-20: A realization: on the modern web, everything gets visited
2013-12-19: Your (HTML) template language should have conditionals
2013-12-18: Thinking about what we'll need for reproducible OmniOS installs
2013-12-17: You probably don't want to use Make to build your generated files
2013-12-16: My computers are increasingly sort of Internet terminals
2013-12-15: Making large selections in xterm (and urxvt and Gnome Terminal)
2013-12-14: Why I'm not likely to use Chrome much in the future
2013-12-13: Using cgroups to limit something's RAM consumption (a practical guide)
2013-12-12: Some observations from playing with PyPy on DWiki
2013-12-11: The problem with nondeterministic garbage collection
2013-12-10: My current view of PyPy
2013-12-09: Hardware is weird (disk enclosure edition)
2013-12-08: Sometimes the right thing to do is to stop (and even to give up)
2013-12-07: Things get weird with read-only NFS mounts and atime on Linux
2013-12-06: The three levels of read-only NFS mounts
2013-12-05: Some thoughts on a body of knowledge for system administration
2013-12-04: sudo is not an auditing mechanism
2013-12-03: The three faces of sudo
2013-12-02: What Go has become for me: Python with performance
2013-11-30: Why 'hotplug' approaches to device handling are the right way
The case of the disappearing ESATA disk
2013-11-29: How modern Linux software RAID arrays are assembled on boot (and otherwise)
2013-11-28: A quick analysis of bounces here
2013-11-27: The difference between CPython and Python
2013-11-25: From CPython bytecode up to function objects (in brief)
Track your disk failures
2013-11-24: Baidu's web spider ignores robots.txt (at least sometimes)
2013-11-23: You are not fooling us with broken bounce addresses
2013-11-22: My hack use for Chrome's Incognito mode
2013-11-20: test is surprisingly smart
The difference between no argument and an empty argument
2013-11-18: Why booting Linux from a ZFS root filesystem with GRUB can be hard
2013-11-17: The 10G Ethernet performance problem on Linux
Sending and receiving file descriptors in Python
2013-11-16: Unix getopt versus Google's getopt variant and why Unix getopt wins
2013-11-15: Professional knowledge, certification, and regulation
2013-11-14: One reason I like Go: it seems natural to avoid object churn
2013-11-13: The cost of expensive hardware and the benefit of hindsight
2013-11-11: Go's getopt problem
2013-11-10: Are those chassis fans actually still spinning?
My views on network booting as an alternative to system disks
2013-11-09: Google Feedfetcher is still fetching feeds and a User-Agent caution
2013-11-08: The spectrum of options when netbooting systems
2013-11-06: Why you might not want to use SSDs as system disks just yet
Modern versions of Unix are more adjustable than they used to be
2013-11-04: How writes work on ZFS raidzN pools, with implications for 4k disks
2013-11-03: Wikitext needs a better way of writing tables
Why we're switching to SSDs for system disks
2013-11-02: Revising our peculiar ZFS L2ARC trick
2013-10-31: Our likely future backend and fileserver hardware
Naming disk devices: drive IDs versus drive locations
2013-10-30: An open question: part uniformity versus unit cost
2013-10-28: If you're on the IPv4 Internet, you really are in public now
2013-10-27: Old and new addresses and spam
Some things I've learned from transitioning a website to HTTPS
2013-10-26: 10G Ethernet and network buffer sizes (at least on Linux)
2013-10-25: Modern disk write caches and how they get dealt with (a quick overview)
2013-10-24: How to force a disk write cache flush operation on Linux
2013-10-23: Paying for services is not necessarily enough
2013-10-21: NFS's problem with (concurrent) writes
Thinking about how I want to test disk IO on an iSCSI backend
2013-10-20: Thoughts inspired by the abstract idea of Docker-like things
2013-10-19: I should never have allowed 'outside' content to break my layout
2013-10-18: ZFS uberblock rollback and the top level metadata change rate
2013-10-17: There are two cases for changing SSL/TLS cipher settings
2013-10-16: Disused addresses and the impact of spam
2013-10-15: Why I'm not looking for any alternatives to iSCSI for us
2013-10-14: The importance of small UI tweaks (for me), dmenu edition
2013-10-13: Revisiting some bits of ZFS's ZIL with separate log devices
2013-10-11: Some pain points of parsing wikitext (and simplifications that avoid them)
How DWiki parses its wikitext (part 1)
2013-10-10: Sun's NeWS was a mistake, as are all toolkit-in-server windowing systems
2013-10-09: An interesting bug with module garbage collection in Python
2013-10-07: What happens when CPython deletes a module
2013-10-06: What reloading a Python module really does
The per-NFS-operation data for NFS mounts in /proc/self/mountstats
2013-10-05: The xprt: data for NFS mounts in /proc/self/mountstats
2013-10-04: The bytes and events data for NFS mounts in /proc/self/mountstats
2013-10-03: What is in /proc/self/mountstats for NFS mounts: an introduction
2013-10-02: What your User-Agent header should include and why
2013-09-30: Centralizing syslogs as an easy way to improve your environment
2013-09-29: Spammers illustrating, well, something
Universities and long term perspectives
2013-09-28: Why I put configuration management systems over packaging systems
2013-09-27: The long term future of any particular configuration management system
2013-09-26: Trying to explain my harshness on configuration management tools
2013-09-24: A semi-wish for an official 'null MX' standard
2013-09-23: The FTE pricing gamble (for vendors)
ZFS filesystem compression and quotas
2013-09-22: An example of optimizing C in the face of undefined behavior
2013-09-20: Nested conditional expressions in Python (and code golf)
2013-09-19: Processes waiting for NFS IO do show in Linux %iowait statistics
Load is a whole system phenomenon
2013-09-18: Reconsidering external disk enclosures versus disk servers
2013-09-17: The pain (or annoyance) of deploying a simple WSGI thing
2013-09-15: Regular expression performance and performance folklore
Identities, trust, and work
2013-09-14: A basic overview of SAS and using SATA with SAS
2013-09-13: Why I think dir() excludes metaclass methods
2013-09-12: I am not a (Unix) purist
2013-09-11: Understanding why CSRF protection really needs cookies
2013-09-09: Why the RPM source and binary package format is superior to Debian .debs
A slow realization: many of my dotfiles don't need to be dotfiles
2013-09-07: Why wiring things up physically instead of virtually is better for us
Good SSL for your website is absurdly difficult in practice
2013-09-06: Making switch configuration changes is not as easy as it looks
2013-09-05: The physical versus the virtual approach to network wiring
2013-09-04: What (and how) I use HTML tables for layout here
2013-09-02: The current weak areas of ZFS on Linux
A little bit more on ZFS RAIDZ read performance
2013-08-31: Simple availability doesn't capture timing and the amount of warning
HTML quoting as I currently understand it
2013-08-30: I'm done with feeling guilty about using HTML tables for layout
2013-08-29: A new piece of my environment: clearing the X selection
2013-08-28: I'm vaguely yearning for a simpler framework than Django
2013-08-26: An example GNU Readline quoting function
2013-08-25: On classifying phish spam as malware
Adding basic quoting to your use of GNU Readline
2013-08-24: My personal view of Fedora versus Ubuntu on the desktop
2013-08-23: Looking at how many viruses we've seen in email recently
2013-08-22: I've changed my thinking about redundant power supplies
2013-08-21: Disk enclosures versus 'all in one case' designs
2013-08-20: The challenge for ARM servers, at least here
2013-08-19: My views on various bits of disk drive technology today
2013-08-16: SSDs may make ZFS raidz viable for general use
A peculiar use of ZFS L2ARC that we're planning
Funding and the size of hardware you want to buy
2013-08-15: My understanding of modern C undefined behavior and its effects
2013-08-14: The pragmatics of an HTTP to HTTPS transition
2013-08-13: You should convert wikitext to HTML through an AST
2013-08-11: The feature (or features) I really want added to xterm
Multi-mount protection and SAN failover
2013-08-10: The importance of names, illustrated through my mistake
2013-08-09: Link: My current dmenu changes
2013-08-08: How to accidentally reboot a server
My Cinnamon desktop customizations
2013-08-07: Understanding how generators help asynchronous programming
2013-08-05: Who or what your website is for and more on HTTP errors
2013-08-04: What's changed in Unix networking in the last decade or so
2013-08-03: The paucity of generally useful HTTP error codes
The pragmatic issues around HTTP error codes mattering (or not)
2013-08-02: I'm giving up on a custom laptop environment for Fedora 19
2013-07-31: The problem with a custom laptop environment: designing it
A Python code structure problem: exception handling with flags
2013-07-30: Phish spam and outside events
2013-07-29: A consistent preference in APIs for kernel and other low-level APIs
2013-07-28: The constraints shaping kernel APIs
2013-07-27: The easy path versus the virtuous path (in system setup)
2013-07-26: Communication is work and a corollary
2013-07-25: An important thing about security issues in HTTP error responses
2013-07-24: Why vendor prices are important things to have
2013-07-23: When Python regexp alternation is faster than separate regexps
2013-07-22: External disk enclosures versus disk servers
2013-07-21: A fun problem: monitoring randomness reduces it
2013-07-19: A bit on the performance of lexers in Python
Thinking about the security issues in HTTP 403 versus 404 errors
2013-07-18: Fedora 19 and the search for volume management
2013-07-17: Do specific HTTP error codes actually matter?
2013-07-15: Systemd needs sensible, non-truncated output
Git's petty little irritation for me
2013-07-14: Why single vendor solutions are a hard sell
2013-07-13: What we need in our fileservers (in the abstract)
2013-07-11: The ZFS ZIL's optimizations for data writes
ZFS transaction groups and the ZFS Intent Log
2013-07-10: Knowing when to go your own way with open source programs
2013-07-09: How we want to recover our ZFS pools from SAN outages
2013-07-07: Sometimes the right thing to do is nothing (at least right then)
A mistake to avoid with summer interns
2013-07-06: Is it particularly useful to have old Unix source sitting around?
2013-07-05: ZFS deduplication is terribly documented
2013-07-04: My version of the story of universities and Unix source code
2013-07-03: You can re-connect() UDP sockets (portably)
2013-07-02: Today's question: are anti-spam statistics useful for us?
2013-06-30: Our pragmatic approach to updating machines to match our baseline
Some very basic DNS blocklist hit information for the last 30 days
2013-06-29: connect() plus write() versus sendto() for UDP sockets
2013-06-28: The limitations of not actually knowing a language
2013-06-27: How much of our incoming email is checked at SMTP DATA time
2013-06-26: What I want from a future version of NFS
2013-06-25: Balancing Illumos against ZFS on Linux
2013-06-24: How to get your syndication feed fetcher at least temporarily banned here
2013-06-23: 'Human error' is not a root cause of problems
2013-06-22: Automatedly overwriting changed files is not a feature
2013-06-21: A Django application design puzzle about modularity
2013-06-20: The question of whether to rewrite an old but working service
2013-06-19: Our approach to configuration management
2013-06-18: What's in the way of us using automated configuration management
2013-06-17: My job versus my career: some thoughts
2013-06-16: Python 3 has very little benefit for ordinary Python programmers
2013-06-15: I'm considering building a custom laptop environment
2013-06-14: The core issue in the Python 3 transition (from my view)
2013-06-13: I don't usually think about IO transfer times
2013-06-12: UI details that you don't expect to can matter a lot
2013-06-11: The good and bad of IPS (as I see it)
2013-06-10: What the SELinux community should be doing
2013-06-09: SELinux should have its own errno value
2013-06-08: The Flickr redesign and knowing your site's focus
2013-06-07: My current understanding of 'software defined networking'
2013-06-06: Why building RPMs for a different architecture is a hard problem
2013-06-05: The case against blog sidebars
2013-06-04: SELinux's toxic mistake
2013-06-02: Security is not the most important thing to most people
Why I do IPSec improperly and reduce my security
2013-05-31: The mystery of POSTs with a zero Content-Length
Understanding the MongoDB code that people are laughing at
2013-05-30: I find Systemtap oddly frustrating
2013-05-28: How you should package local-use configuration files
2013-05-27: Understanding SQL placeholders
Our situation with ZFS and 4 Kb physical sector disks
2013-05-26: Empirically, modern mailing list services are spam senders
2013-05-24: Understanding how CVE-2013-1979 might be exploited
My issue with infinite scrolling web pages: the lack of a stopping point
2013-05-23: Why web robots sending Referer headers is wrong
2013-05-21: Diffbot's bad Referer header
2013-05-20: A serious potential danger with Exim host lists in ACLs
2013-05-19: Today's comment spammer trick: regurgitated comments
The technical effects of being an out of tree Linux kernel module
2013-05-18: A little habit of our documentation: how we write logins
2013-05-17: Why I'm not considering btrfs for our future fileservers just yet
2013-05-16: Why ZFS's CDDL license matters for ZFS on Linux
2013-05-15: Why I've so far been neglecting functional programming languages
2013-05-13: My language irritations with Go (so far) and why I'm wrong about them
The Unix philosophy is not an end to itself
2013-05-11: The consequences of importing a module twice
2013-05-10: Illustrating the tradeoff of security versus usability
Disk IO is what shatters the VM illusion for me right now
2013-05-08: Thoughts on when to replace disks in a ZFS pool
How ZFS resilvering saved us
2013-05-07: Python's relative import problem
2013-05-05: Unix is not necessarily Unixy
The original vision of RISC was that it would be pervasive
2013-05-04: What I see as RISC's big bets
2013-05-03: Virtual disks should be treated as 4k 'Advanced Format' drives
2013-05-01: Two xargs gotchas that you may not know about
2013-04-30: The two stories of RISC
2013-04-29: My practical problem with preconfigured virtual machine templates
My view of ARM versus other RISCs
2013-04-28: My sysadmin view of Python virtualenvs
2013-04-27: Some theories on why DNSBLs may be dwindling away
2013-04-26: Are there less anti-spam DNS blocklists than there used to be?
2013-04-25: How SuS probably requires the 'run at least once' xargs behavior
2013-04-24: Two mistakes I made with VMs today
2013-04-23: Goodbye, djb dnscache
2013-04-21: RCS should not be your first choice for version control
Why a free SSL Certificate Authority is not horrifying
2013-04-19: How ZFS deals with 'advanced format' disks with 4 Kb physical sectors
How I want storage systems to handle disk block sizes
2013-04-18: How SCSI devices tell you their logical and physical block sizes
2013-04-17: Some thoughts on going to HTTPS by default
2013-04-15: The basics of 4K sector hard drives (aka 'Advanced Format' drives)
Go's friction points for me (and a comparison to Python)
2013-04-14: Python's data structures problem
2013-04-13: Classic linked lists versus Python's list (array) type
2013-04-12: My view on software RAID and the RAID write hole
2013-04-11: Something I'd like to be easier in Solaris's IPS
2013-04-10: Some important things about OpenBSD PF's max-* options
2013-04-08: Fedora 18's TexLive packaging failure
Why ZFS still needs an equivalent of fsck
2013-04-07: The apparent source of my Firefox memory bloat problems
2013-04-06: What I needed to do with Grub2 to change my boot disk
2013-04-05: Authoritative, non-recursive DNS servers now need ratelimiting
2013-04-04: An irritating OpenBSD PF limitation on redirections
2013-04-03: How to make sysadmins unhappy with your project's downloads
2013-04-02: Why listen(2)'s backlog parameter has such an odd meaning
2013-03-31: Why we'll continue to have local compute servers in the future
Can we really use the cloud?
2013-03-30: One irritation in xargs's interface
2013-03-29: Illumos-based distributions are currently not fully mature
2013-03-27: What checksums in your filesystem are usually actually doing
2013-03-26: Reconsidering a ZFS root filesystem
2013-03-25: Rethinking avoiding Apache
My (current) view of using branches in VCSes
2013-03-24: Looking at how many external recipients inbound email goes to
2013-03-22: Looking at how many recipients our average inbound email has
The problem with trying to make everything into a Python module
2013-03-21: The FreeBSD iSCSI initiator is not ready for serious use (as of 9.1)
2013-03-20: Don't use ab for your web server stress tests (I like siege instead)
2013-03-18: The wrong way for a framework to lay out projects
2013-03-17: The power of suggestion that documentation has
Argument validation using functions
2013-03-16: I'm giving up on upgrading my laptop from Fedora 14
2013-03-15: A dive into the depths of yes `yes no`
2013-03-14: What I want out of a web-based syndication feed reader
2013-03-12: MATE Desktop's failure in Fedora 18
In universities, computers are not an essential service
2013-03-10: The easy way to wind up with multiple subnets on a single (V)LAN segment
The systemd dependency problem
2013-03-09: Why .rpmnew files are evidence of packaging failures
2013-03-08: Debian shows how to do Apache configuration right (and Fedora fumbles it)
2013-03-06: How we make Exim cut off bounce loops
Turning off delays on failed password authentications
2013-03-04: Why you should never use '/bin/sh -c ...' in configuration files
2013-03-03: Why a netcat-like program is a good test of a language
Go: when I'd extend an interface versus making a new one
2013-03-02: The mythology of spending money on things, or not doing so
2013-02-28: A decorator for decorators that accept additional arguments
Looking at whether Zen-listed IPs keep trying to send us email
2013-02-27: Link: Go at Google: Language Design in the Service of Software Engineering
2013-02-26: How Linux servers should boot with software RAID
Thinking about how much Solaris 11 is worth to us
Looking at whether (some) IP addresses persist in zen.spamhaus.org
2013-02-24: You should avoid using socket.SOMAXCONN
What limits the number of concurrent connections to a server
2013-02-22: (Ab)using awk on the fly
2013-02-21: Go: using type assertions to safely reach through interface types
Some notes on my first experience with Go
2013-02-20: The meaning of listen(2)'s backlog parameter
2013-02-19: The source of C's dependency hell for linking
2013-02-18: The strikes against Solaris 11 for us
2013-02-17: Some brief opinions and notes on uWSGI
2013-02-16: Finding out what TLS/SSL cryptography people actually get with your servers
2013-02-15: SSL/TLS cipher names (aka 'cipher suites') and what goes into them
2013-02-14: The cost of an API mistake in the socket module's fromfd()
2013-02-12: Some notes on Linux's ionice
2013-02-11: The sinking feeling of discovering a design mistake in your code
Thinking about how I use email
2013-02-10: A little irritating (but understandable) limitation on Go interfaces
2013-02-09: Solve your command parsing problems by using scripts
2013-02-08: Linux's great advantage as a Unix is its willingness to make wrenching changes
2013-02-07: Today's learning experience with CSS: don't be indirect
2013-02-05: What makes DWiki and other dynamic file based blog engines slow
2013-02-04: Dynamic web sites and blogs need not be slow, illustrated
What good cryptography error messages need to include
2013-02-03: Systems with cryptography should always have minimal workarounds
2013-02-02: A fundamental problem with the trackback protocol
2013-01-31: The shifting SBL, as experienced here
Why you should support specifying comparison keys (and functions)
2013-01-30: Thinking about FreeBSD versus Illumos for our ZFS fileservers
2013-01-28: Some patterns for easy to parse Domain Specific Languages in Python
2013-01-27: How the modern web 2.0 social web irritates me by hiding discussions
User mode servers versus kernel mode servers
2013-01-25: Some places where I think that Unix is incomplete or imperfect
Unix needs to grow and a consequence of that
2013-01-23: My Unix is a general purpose operating system
What I want to know about kernel security updates
2013-01-22: Disaster recovery preparation is not the same as a DR plan
2013-01-20: Disaster recovery for computers is a means, not an end to itself
Real disaster recovery plans require preallocated resources
2013-01-18: SLAs, downtime, and planning
More on my favorite way of marking continued lines
2013-01-16: My favorite way of marking continued lines
How I drafted (okay, wrote) an entry in public by accident
2013-01-14: Why JavaScript (or something like it) is in demand
Good JavaScript usage is a good thing
2013-01-13: Blogspot's massive web 1.0 failure
2013-01-12: Runtime loading of general code usually requires general dynamic linking
2013-01-11: A thought about static linking and popularity
2013-01-10: The fundamental problem faced by user-level NFS servers
2013-01-09: It turns out I'm biased towards kernel iSCSI target implementations
2013-01-08: Why we wound up using Linux for our iSCSI targets
2013-01-07: Why bad support matters (war story included)
2013-01-06: 24 hours of Atom feed requests here
2013-01-05: What I think changed to make spam deliveries not cost-free
2013-01-04: DTrace's stable providers are not good enough
2013-01-03: An alterate pattern for polymorphism in C
2013-01-02: Some patterns for polymorphism in C
2012-12-31: How our fileserver infrastructure is a commodity setup (and inexpensive)
GNU sort's -h option
2012-12-30: What I'd have liked to hear about Python 3 from the developers
2012-12-29: Why I think that stupid spamming is actively wasteful
2012-12-28: A spammer that is not the brightest light in the box
2012-12-27: Why I somewhat irrationally have a distrust of ZFS on Linux
2012-12-26: Does Python 2 need to evolve?
2012-12-25: A confession: Python 3 has always made me kind of angry
2012-12-24: Why we're almost certainly staying with ZFS
2012-12-23: What we (probably) want in a future version of Solaris
2012-12-22: Packaging in compiled versus interpreted languages
2012-12-21: Version control comes first
2012-12-20: Sysadmins should pretty much version control everything
2012-12-19: Part of good awk programming is getting the clause order right
2012-12-18: Why I'm still using VMware
2012-12-17: Should you alert on the glaringly obvious?
2012-12-16: Alerts should be actionable (and the three sorts of 'alerts')
2012-12-15: A few small notes about OpenBSD PF (as of 4.4 and 5.1)
2012-12-13: A drawback of short servers
2012-12-12: fork() and closing file descriptors
One good use for default function arguments
2012-12-10: The general lesson from the need for metrics
Things that systemd gets right
2012-12-09: When I'd use a web server other than Apache
2012-12-08: Why Apache is such a temptation
2012-12-07: How I use virtualization (and what for)
2012-12-05: One way to break down how people use virtualization
In praise of KVM-over-IP systems
2012-12-04: You can't assume that your performance problems will be obvious
2012-12-03: A reason for detailed commit messages: as a guard against errors
2012-12-02: What goes into the terminal's 'cbreak' and 'raw' modes
2012-11-30: All kernel messages should be usefully ratelimited. No exceptions.
My new view on why you need to profile code
2012-11-29: One reason why having metrics is important
2012-11-28: When you make a harmless change, check to make sure that it is
2012-11-27: You don't necessarily know what matters for performance
2012-11-25: More thoughts on why Python doesn't see much monkey-patching
The limits of monkey patching in Python
2012-11-24: Simple markup as a style guide and limiter
2012-11-22: A little Unix difference that irritates: what word erase erases
Optional features are in practice not optional to understand
2012-11-21: The varying appeal of wikitext and other simple markup
2012-11-20: Where my Firefox performance problem seems to be
2012-11-19: Python 3's print() annoys me (although maybe it shouldn't)
2012-11-18: Linux is less divergent than commercial Unixes used to be
2012-11-17: Why Google's handling of multiple domains on inbound messages is okay
2012-11-16: Why DTrace does not attract people to Solaris very often
2012-11-15: A learning experience: internal mail flow should never be allowed to bounce
2012-11-13: The problem with SELinux (still)
A potential path to IPv6
2012-11-11: Explaining an RPM oddity
A reminder: string concatenation really is string concatenation
2012-11-10: Why Unix doesn't have user-changeable namespaces
2012-11-09: Some amusing cut and paste work from spammers
2012-11-08: Devops, the return of system programmers?
2012-11-07: DTrace: figuring out what you have access to at tracepoints
2012-11-06: Why I want to do full end-to-end performance tests
2012-11-04: Your logs should always include IP addresses (in addition to hostnames)
Good and bad formats for your log messages
2012-11-03: Another go-around on the drawbacks and balances of automation
2012-11-02: Why our ZFS fileservers sometimes boot slowly
2012-10-31: Our DTrace scripts for NFS server, ZFS, and iSCSI initiator monitoring
Some stats and notes on relay attempts for our external mail gateway
2012-10-30: How I am doing randomized read IO to avoid ZFS prefetching
2012-10-29: How ZFS file prefetching seems to work
2012-10-28: Some unusual SMTP activity from would-be spammers
2012-10-27: The difference between cryptographic and normal random number generators
2012-10-26: Thinking about an unusual sequence
2012-10-25: Always make sure you really understand what your problem is
2012-10-24: Why you should support 'reload' as well as 'restart'
2012-10-23: The problem of simulating random IO
2012-10-22: Why parsers matter
2012-10-21: Why fork() is a good API
2012-10-20: The issue with measuring disk performance through streaming IO
2012-10-19: An old Unix trick for saving databases
2012-10-18: A danger of default values for function arguments (in illustrated form)
2012-10-17: Operators and system programmers: a bit of System Administrator history
2012-10-16: Switch flow control and buffering: what we think was wrong in our iSCSI network
2012-10-15: The anatomy of a performance problem with our mail spool
2012-10-14: DTrace: two mistakes you can make in DTrace scripts
2012-10-13: DTrace: counting, aggregates, and a nice undocumented printa() feature
2012-10-12: SSL CAs have an impossible job (if you want them to be thorough)
2012-10-11: Controlling Linux TCP socket send buffer sizes
2012-10-10: Disk IO latency is often what matters
2012-10-09: The negative results problem with search engines
2012-10-08: Acclimatization makes competition in web search engines hard(er)
2012-10-06: Python can execute zip files
How averages mislead you
2012-10-05: Notes on Linux's blktrace
2012-10-04: Averages mislead: an illustrated example
2012-10-03: DTrace: notes on quantization and aggregates
2012-10-02: Some notes on getting durations in DTrace
2012-09-30: A new anti-spam precaution after our local spam incident
2012-09-29: A recent spam oddity that I've been mulling over
What I would like in colour-specification interfaces
2012-09-28: fork() versus strict virtual memory overcommit handling
2012-09-27: Microkernels and device drivers
2012-09-26: Microkernels and modularity: do microkernels ever make sense?
2012-09-25: The jaundiced C programmer's view of object orientation
2012-09-24: The wrong way to harvest system-level performance stats
2012-09-23: How we handle Ubuntu LTS versions
2012-09-22: Speculation about what comment spammers think they're doing here
2012-09-21: How I enter URLs in my browser
2012-09-20: My alternative to bookmarks: a page of links as the browser start page
2012-09-19: Two views of the argparse module
2012-09-18: My Python versions
2012-09-17: The options problem in Python
2012-09-16: The problem with noise
2012-09-15: Sensible reboot monitoring
2012-09-14: What determines how much work a ZFS resilver has to do
2012-09-13: Why you need mass package rebuilds in some circumstances
2012-09-12: The core problem with developers doing their own packaging
2012-09-11: A realization about ratelimit time horizons
2012-09-09: The core difference between Debian source packages and RPMs
When I've interned Python strings
2012-09-08: When you can log bad usernames for failed authentications
2012-09-07: What the standard(s) say about the order of readdir()'s results
2012-09-06: A little trick and gotcha with Exim ratelimits
2012-09-05: Some thoughts on logging failed login attempts (for existing users)
2012-09-03: People are not ignorant (usually)
2012-09-02: What I would like: testable mailers
Solaris 11 is still closed source (and Oracle is careless with words)
2012-08-31: A realization about one bit of test-driven development
A small rant about looking down on Linux users
2012-08-30: My perspective on why we do in-place reinstalls of machines
2012-08-29: A realization: install configuration files before packages
2012-08-28: When Exim generates bounce messages
2012-08-27: You should log all successful user authentication
2012-08-26: Some brief information about a local spam incident
2012-08-25: Some odd behavior from blog comment spammers
2012-08-24: The theoretical right way to check if an account is in a Unix group
2012-08-23: Illustrating the Ubuntu clown car, AccountsService edition
2012-08-22: My view on the understandability of language idioms
2012-08-21: Another problem with how Debian builds from source packages
2012-08-20: Sysadmins hate updates (more or less)
2012-08-19: Why I don't like the Debian source package format
2012-08-18: What everyone needs in source packages
2012-08-17: How Firefox performs (and doesn't) for me
2012-08-16: Why I hate vendors, printers edition
2012-08-15: The historical background of the *BSD 'base system' versus Linux
2012-08-13: When and where I fell out of love with Firefox
2012-08-12: A nice illustration of the cost of creating and destroying objects in Python
The CPython bytecode difference between iteration and looping
2012-08-11: How not to write kernel messages
2012-08-09: Learning something from not testing jQuery 1.8's beta releases
Ubuntu 12.04 and symbolic links in world-writeable sticky-bitted directories
2012-08-08: Linux ps's problem with login names
2012-08-06: The theoretical legality of shadowing builtins in Python
The (possibly apocryphal) story of System V IPC's origins
2012-08-05: Reasoning backwards (a story about what can happen to SATA disks)
2012-08-04: Oracle, ZFS, and Linux (and Solaris)
2012-08-03: What makes an operating system attractive
2012-08-02: Can Oracle make ZFS much more attractive?
2012-07-31: Would GPL'ing ZFS have worked or been a good idea?
Ruminations on the future of ZFS
2012-07-30: IPv6 is going to be a fruitful source of configuration mistakes
2012-07-29: The periodic strangeness of idiomatic Python
2012-07-28: The ecological niches of current open source Unixes
2012-07-27: What 32-bit x86 Linux's odd 896 MB kernel memory boundary is about
2012-07-25: The kernel memory addressing problem
My dislike for what I call 'perverse Test Driven Development'
2012-07-24: Unicode's two new problems
2012-07-22: The history of booting Linux with software RAID
A sleazy trick to capture debugging output from an initramfs
2012-07-20: Ubuntu 12.04 can't reliably boot with software RAID (and why)
The temptation of selective sender address verification
2012-07-19: Unicode code points and abstract characters
2012-07-18: Strings in Python 2 and Python 3
2012-07-16: Getting an Ubuntu 12.04 machine to give you boot messages
My arrogance about Unicode and character encodings
2012-07-15: My general issue with Unicode in Python 3
2012-07-14: ZFS's problem with generic messages
2012-07-13: Why system administration certifications have worked so far
2012-07-12: Why formal sysadmin education isn't likely any time soon
2012-07-11: The extremely cynical take on DevOps
2012-07-10: A theory on why defaults for tunable parameters stay unchanged
2012-07-09: Why the defaults for tunable kernel parameters matter
2012-07-08: Why System V shared memory may normally be limited
2012-07-06: Why Exim has a single queue for all email
Exploring an ARP mystery: a little Linux surprise
2012-07-04: How to irritate sysadmins and give mailers heartburn with your MXes
2012-07-03: The secure web voting problem
The well behaved Unix program and job control signals
2012-07-01: Another cynical take on the nofollow tag
2012-06-30: What Linux distributions should do to help their Python 3 transitions
2012-06-29: The magnitude of the migration to Python 3, illustrated
More about my issues with DTrace's language
2012-06-28: Why I don't like implicit string interpolation
2012-06-27: One root of my problem with GNU Emacs
2012-06-26: A little gotcha with SSH connection sharing
2012-06-25: Why sophisticated line editing is not in the kernel
2012-06-24: My take on fancy editors for programming
2012-06-22: How the Linux kernel command line is processed (more or less)
The effects of DTrace's problems
2012-06-21: How I want to do redirects in Apache, especially in .htaccess files
2012-06-20: An update on comment spammer behavior here on WanderingThoughts (once again)
2012-06-19: How I'm doing AJAX with Django in my web app
2012-06-17: A realization about whether I can contribute to Python development
Why our server had its page allocation failure
2012-06-16: Decoding the Linux kernel's page allocation failure messages
2012-06-15: How the Linux kernel divides up your RAM
2012-06-13: Some tricky bits in in-browser form mangling and validation
Client side form validation can let people explore their options
2012-06-11: What bits of a form are useful to check on the client side
Choosing how slowly your mailer should time out email
2012-06-10: The anti-spam implications of email being multiple things in one
Modern email is actually multiple things in one system (mailer timeouts edition)
2012-06-09: Rethinking when your mailer sends 'not-yet-delivered' warning messages
2012-06-08: An (accessible) explanation of the Flame malware's Windows Update compromise
2012-06-07: My experience doing a Fedora 17 upgrade with yum: it worked fine
2012-06-06: A feature that Linux installers should have: restoring your backups
2012-06-04: Why the TTY line discipline exists in the kernel
2012-06-03: Another view of the merge versus rebase debate in version control
My view on Mercurial versus Git
2012-06-01: Some things that strike me about Linux and UEFI secure booting
The secure boot problem
2012-05-31: What OSes have succeeded or failed here
Thinking about why Solaris has failed here
2012-05-30: What it means for an OS to succeed or fail
2012-05-28: Yes, git add makes a difference (no matter what people think)
How to do a very cautious LVM storage migration
2012-05-27: Complications in spam filter stats in our environment
2012-05-25: How CSLab currently does server side email anti-spam stuff (version 2)
2012-05-24: Today's Mercurial command alias: a short form hg incoming
How we do milter-based spam rejection with Exim
2012-05-23: Some notes on using XFT fonts in TK 8.5
2012-05-22: Our pragmatic experiences with (ZFS) disk errors in our infrastructure
2012-05-21: More on CISC (well, x86) versus RISC
2012-05-20: The XFT font naming issue
2012-05-19: A semi-brief history and overview of X fonts and font rendering technology
2012-05-17: My Firefox memory bloat was mostly from All-in-One Gestures
The Go language's problem on 32-bit machines
2012-05-15: Some stuff on 'time since boot' timestamps
2012-05-14: My Firefox 12 extensions and addons
2012-05-13: My experiment with Firefox Nightly builds: a failure
A basic step in measuring and improving network performance
2012-05-12: The death of paging on the web
2012-05-10: All your servers should have Linux's magic SysRq enabled
2012-05-09: Using rsync to pull a directory tree to client machines
Things I will do differently in the next building power shutdown (part 2)
2012-05-07: Third party Linux kernel modules should build against non-running kernels
2012-05-06: Why I wound up using Django
Counting your syndication feed readers
2012-05-05: Look for your performance analysis tools now
2012-05-04: Explaining a piece of deep weirdness with Python's exec
2012-05-03: Python scopes and the CPython bytecode opcodes that they use
2012-05-01: Into the depths of a Python exec scope-handling bug
2012-04-30: Notes to myself about progressive JavaScript
2012-04-29: The Python language tutorial is a gem
My two approaches to learning (programming) languages
2012-04-28: ZFS and various sorts of read errors
2012-04-27: The case of the Twitter spam I don't understand
2012-04-26: When we replace disks in our ZFS fileserver environment
2012-04-25: Models of providing computing access in a university department
2012-04-24: Universities and their non-employees
2012-04-23: My perspective on the 'Bring Your Own Device' controversy
2012-04-22: I may be wrong about my simple answer being the right one
2012-04-21: Bash's superintelligent errors about exec failures
2012-04-20: Sometimes the simple answers are the right ones (a lesson from bash)
2012-04-19: An interesting experience with IP-based SMTP blocks
2012-04-18: Why you should never use file (or libmagic) to identify files
2012-04-17: ls -l should show the presence of Linux capabilities
2012-04-16: What you need for migrating web content
2012-04-15: My view on why CISC (well, x86) won over RISC in the end
2012-04-14: The wiki trap (that we've fallen into)
2012-04-12: Tanenbaum was wrong in the Tanenbaum-Torvalds debate
Hypervisors are not microkernels
2012-04-11: Faking (or not) a ternary if operator with && and ||
2012-04-10: Revisiting checksum functions
2012-04-09: Understanding hashing in Python
2012-04-08: My story of running scripts from the web
2012-04-06: Checksums and hashes
Why we haven't taken to DTrace
2012-04-05: Why I hate having /tmp as a tmpfs
2012-04-04: More on equality in Python (well, mostly Python 2.7)
2012-04-03: Python's two versions of equality, with a long digression on hash()
2012-04-02: The problem of ZFS pool and filesystem version numbers
2012-03-31: Our sysadmin environment
Why I no longer believe that you need Solaris if you want ZFS
2012-03-29: Scalable system management is based on principles
2012-03-28: How I (once) did change management with scripts
Ultimately, abuse issues have to be handled by humans
2012-03-26: Microkernels are quite attractive to academic computer science researchers
What it means to become another user on Unix
2012-03-25: Atom feeds and constrained (web) environments
Link: Getting Real About Distributed System Reliability
2012-03-24: Garbage collection and modern virtual memory systems
2012-03-23: Sometimes you get lucky
2012-03-22: The problems of operations and sysadmin heroism
2012-03-21: My view of where the Unix community is
2012-03-20: How I use objects in Python
2012-03-19: A modest suggestion: increase your text size
2012-03-18: The standard trajectory of a field
2012-03-16: Parsing versus rewriting: how to tell them apart
2012-03-15: Part of the cleverness of Unix permissions (a little thought)
2012-03-14: The right way to do wikitext transitions
Configuration management is not documentation, at least not of intentions
2012-03-12: Why it matters whether your software works when virtualized
Why ZFS log devices aren't likely to help us
2012-03-11: A CBL false positive reveals a significant issue with the CBL
2012-03-09: Why you do not want to patch your source code in place
2012-03-08: What I have to run for my custom environment on Fedora 16
2012-03-07: The hard part of custom environments on Fedora (or any Linux)
How not to use Apache's ProxyPass directive
2012-03-05: Web frameworks should be secure by default
Convenience in web frameworks is often insecure
2012-03-04: Some stuff on Python 2.7.x support periods
2012-03-03: Two ways I increase the security of SSH personal keys
2012-03-01: A trick for dealing with irregular multi-word lines in shell scripts
2012-02-29: SSDs and understanding your bottlenecks
The two sorts of display resolution improvements
2012-02-28: In place migration to Linux software RAID
2012-02-26: What information I want out of ZFS tools and libraries
How much spam is forged as being from who it's sent to?
2012-02-25: The (future) problem with Python 2.7
2012-02-24: Blogs and the problem of indexes
2012-02-22: How I can be wrong about the death of sysadmin jobs
2012-02-21: Using and understanding Python metaclasses (an index)
2012-02-20: Why I still have a custom-compiled Firefox
My view of where TCL went wrong
2012-02-18: The most popular sender domains for spam messages sent to here
The downside of automation versus the death of system administration
2012-02-16: Handling modern IPv6 in programming environments
2012-02-15: The temptation of LVM mirroring
A downside of automation
2012-02-13: The problem with long-term production support of things
2012-02-12: Some things about changing from old X fonts to modern TrueType fonts
Understanding FVWM States, with better FVWM code for selecting terminal windows
2012-02-11: How I select (terminal) windows from the keyboard in FVWM
2012-02-09: What supporting a production OS means for me
A general point about SSH personal keys
2012-02-08: Choosing the superblock format for Linux's software RAID
2012-02-06: The advantage of HDMI for dual displays
2012-02-05: My view on what will kill 'traditional' system administration
Link: Filenames.WTF
What five years of PC technology changed for me
2012-02-03: Understanding a subtle Twitter feature
Understanding Resident Set Size and the RSS problem on modern Unixes
2012-02-01: A ZFS pool scrub wish: suspending scrubs
2012-01-31: The solution to the modern X font handling mystery
Where is Oracle going with Solaris?
2012-01-30: HTML is not a SGML dialect and never really has been
2012-01-29: Dealing with Fitts' Law on widescreen displays
Thinking about spam rejection and abuse addresses
2012-01-28: How I use FvwmIconMan
2012-01-27: Why metaclasses work in Python
2012-01-26: The drawback of modern X font handling gets mysterious
2012-01-25: The death of system administration: I'm all for it
2012-01-24: Why I use exec in my shell scripts
2012-01-23: Every so often, I solve a problem with a hammer
2012-01-22: My view of the purpose of object orientation
2012-01-21: The C juggernaut illustrated
2012-01-20: Another Russ Cox regexp article: How Google Code Search Worked
2012-01-19: How not to do repeated fields in web forms
Let's make it official: Solaris 11 is closed source
2012-01-18: SOPA and PIPA matter for everyone
2012-01-17: The first browser blinks on XHTML parsing
2012-01-16: Understanding isinstance() on Python classes
What you can find out about the memory usage of your Linux programs
2012-01-15: Understanding the basic shape of Unix virtual memory management
2012-01-14: What do we mean when we talk about something's memory usage?
2012-01-13: Notes on what Linux's /proc/<pid>/smaps fields mean
2012-01-11: A Yum plugin I would like: using a local DVD as a repo source
How to use systemd to just run some stuff on boot
2012-01-10: An insight on the purpose of comments: volume control
2012-01-09: What my physical desk is like
2012-01-08: The latest annoyance with Google Groups
2012-01-07: Why you might want multiple keys for disk encryption
2012-01-05: Nailing down RPM epoch numbers
Disk encryption, backups, and your threat model
2012-01-03: How to lose your data with full disk encryption the easy way
The drawback of full disk encryption
2012-01-02: An example sort that needs a comparison function
2011-12-31: Why CA-based SSL is not likely to be replaced any time soon
My thoughts on the mockist versus classicalist testing approaches
2011-12-30: Why I don't like Python 3 dropping the comparison function for sorting
2011-12-29: An empirical exploration of whether spammers take Christmas off
2011-12-28: Blog entries should have visible dates (usually)
2011-12-27: Python 3 from the perspective of someone writing new Python code
2011-12-26: Labs versus offices for sysadmins (or at least us)
More wiring for sysadmins: sysadmins and gigabit networking
2011-12-25: Why office switches plus VLANs aren't the answer for sysadmins
2011-12-24: Wiring offices for sysadmins
2011-12-23: Disk space in the modern world
2011-12-21: Python 3 from the perspective of someone with existing Python code
2011-12-20: SSH, man in the middle attacks, and public key authentication
A little script: nssh
2011-12-19: An advance fee fraud spam aphorism
2011-12-18: Understanding the close() and EINTR situation
2011-12-17: Python 3 from the perspective of a Unix sysadmin
2011-12-16: Avoiding the classic C quoting bug in your language
2011-12-14: Practical issues with REST's use of the Accept header
What makes backups real
Shell functions versus shell scripts
2011-12-13: I'm on Twitter now
DWiki's code is now on Github (among other things)
2011-12-12: How not to improve your package updater application
What debugging info I want from things like SMF and systemd
2011-12-11: head versus sed
2011-12-10: ZFS pool activation and iSCSI (part II)
2011-12-09: A quiet advantage of the systemd approach to service management
2011-12-08: Another reason sysadmins should program
2011-12-07: Understanding the Solaris iSCSI initiator (a bit)
2011-12-06: What I know about boot time ZFS pool activation (part I)
2011-12-05: Debuggers and two sorts of bugs
2011-12-04: The current state of GPT, EFI, and Linux
2011-12-03: Why I have comments here
Link: Russ Cox's articles on regular expressions
2011-12-02: The many ways PCs can dual boot multiple OSes
2011-11-30: On how PCs boot and hard disk partitioning
My mouse button bindings in fvwm, my window manager
2011-11-29: The alternate screen terminal emulator plague
2011-11-28: The login name problem
2011-11-27: Why processing things in inode order is a good idea
2011-11-26: About the order that readdir() returns entries in
2011-11-25: Python instance dictionaries, attribute names, and memory use
2011-11-24: About SATA port multipliers
2011-11-23: The many names of Linux SATA devices
2011-11-21: A cheap caching trick with a preforking server in Python
Mouse scroll wheels versus buttons that you actually want to use
The likely cause of my IPSec dropped packet mystery
2011-11-20: Google Groups fails both anti-spam and basic mailing list management
2011-11-19: My Liferea crashes are not Liferea's fault
2011-11-17: The drawback of modern X font handling
A classic and standard C quoting bug
2011-11-16: Solaris is not an enterprise operating system
2011-11-15: A scroll wheel experiment
2011-11-13: Thinking about how to test our UPSes
A confession about our ZFS configuration
2011-11-12: (Not) parsing wikitext
2011-11-11: My view of the right way to copy lists in Python
2011-11-10: Praise for systemd
2011-11-09: The disappearance of separate filesystems for /usr and /var
2011-11-08: Files and fundamental filesystem activities (on Unix)
2011-11-07: An IPSec mystery with dropped packets
2011-11-06: Ubuntu does system disk mirroring right
2011-11-05: Understanding Apache's Allow, Deny, and Order directives
2011-11-04: More on my Firefox 7 extensions
2011-11-03: My Firefox 7 extensions
2011-11-02: Attention marketers: blog comments are not email
2011-10-31: Why 'quiet' options to programs aren't as useful as you think
Deduplication is always going to be expensive
2011-10-30: Why we have a VPN
2011-10-29: Why ZFS dedup is not something we can use
2011-10-28: ZFS features that could entice us to upgrade Solaris versions
2011-10-27: A Wikitext formatting mistake that I made here
2011-10-26: How to fail at useful cryptography: bad error messages
2011-10-25: A reason not to automate: policy flexibility
2011-10-24: Salting passwords compared to slow password hashing
2011-10-23: Boiling frogs and PC performance
2011-10-22: Fedora 15 versus me
2011-10-21: How I'm capturing only the last portion of standard error
2011-10-20: The kind of computer usage I think Gnome 3 is targeting
2011-10-19: Defending Berkeley's forced choice in network device naming
2011-10-18: The Ethernet device naming mistake (or one part of it)
2011-10-17: What I want out of stable device names
2011-10-15: Why I say Fedora 15 could get my machine's Ethernet's name right
The problem with Fedora 15's consistent network device naming
2011-10-14: Power consumption numbers for my 2011 home machine
2011-10-13: The problem with event loops
2011-10-12: The true cost of sysadmin time (actually, of anyone's time)
2011-10-11: Why people are attracted to minimal language cores
2011-10-10: Arranging scopes for for loops
2011-10-09: My view of the state of graphics cards for Linux (in fall 2011)
2011-10-08: My new Linux machine for fall 2011 (planned)
2011-10-07: Python's philosophy of what closures close over
2011-10-06: Thinking about event loops versus threads
2011-10-05: Understanding the motivations of mail service vendors
2011-10-03: On CPython, cell objects, and closures
My idea of how a modern mailing service should work
2011-10-02: Another comment spam precaution that no longer works out
2011-10-01: Understanding a tricky bit of Python generators
2011-09-30: Some thoughts from a close view of catastrophe
Unit testing by analogy to scientific hypotheses
2011-09-28: A multilevel view of DevOps (with more balance)
Oracle shows its appreciation for long-term Sun customers again
2011-09-26: DevOps and the blame problem: an outsider's view
2011-09-25: How we handle iSCSI device names in Solaris
Danger signs for mail senders in SMTP conversations
2011-09-24: Some recent Google spam problems
2011-09-23: Python's attribute lookup order
2011-09-22: An operational explanation of Python types
2011-09-21: I've surrendered on utm_* query parameters in URLs
2011-09-20: Why I still comment out code even with a VCS
2011-09-19: An operational explanation of Python metaclasses (part 4)
2011-09-18: An operational explanation of Python metaclasses (part 3)
2011-09-17: An operational explanation of Python metaclasses (part 2)
2011-09-16: Setting the character encoding for HTML form input
2011-09-15: How your Linux installer should help you set up filesystems
2011-09-14: Graphs are not enough (for your monitoring system)
2011-09-13: 'Web of trust' is a security failure
2011-09-12: An operational explanation of Python metaclasses (part 1)
2011-09-11: The weakness of the certificate authority model, illustrated
2011-09-09: You really want to put your switches in server racks
Things that could happen to your archives
2011-09-08: Archival storage in the modern world
2011-09-06: How not to set up your DNS (part 21)
2011-09-05: The real reason why true asynchronous file IO is hard
2011-09-04: Why true asynchronous file IO is hard, at least for reads
How some Unixes did shared libraries in the old days
2011-09-03: The core of modern Unix shared libraries
2011-09-01: Things I will do differently in the next building power shutdown
2011-08-31: An interesting debugging experience (another tale from long ago)
Who is the audience for a trouble ticket update?
2011-08-29: Devirtualization
Designing services for disengagement
2011-08-28: The problem with busy sysadmins
2011-08-26: Why we don't use a trouble ticketing system
The problem for WSGI middleware
2011-08-25: Trouble ticketing systems and the future
2011-08-24: Why we have a problem with Oracle's Solaris support pricing
2011-08-23: Reading the tea leaves about Oracle, Solaris, and universities
2011-08-22: V8's neat encoding trick for type tracking
2011-08-21: The conflict between caching and tracking on the web
2011-08-20: Why browsers can't really change or validate Last-Modified
2011-08-19: Visibility: an advantage of automation
2011-08-18: You should always use super()
2011-08-17: MH is an iceberg
2011-08-16: An interesting way to shoot yourself in the foot and a limitation of super()
2011-08-15: A bit about what life was like on Unix before shared libraries
2011-08-14: The tragedy of MH
2011-08-12: A Gnome 3 shell extensions failure
One reason we install machines from checklists instead of via automation
2011-08-11: Friendly 'noreply' email addresses
2011-08-10: The 'key plus authenticator' pattern in web apps
2011-08-08: You need to hash web app session IDs
An incomplete list of the ways around MAC address blocking
2011-08-07: What I want out a Symbol type in Python
2011-08-06: Gnome 3: I'm out
2011-08-05: Why sysadmins don't just notify users about compromised machines
2011-08-04: On banning MAC addresses
2011-08-03: How I encode and decode the milter protocol (or, how to write a codec for a sane binary protocol)
2011-08-02: How to make yourself look bad: broken bounce addresses
2011-07-31: Reference counting and multiple inheritance in (C)Python
One of my testing little dirty secrets
2011-07-29: Deciding the meaning of 'disabling' an account (and the value of procedures)
2011-07-28: A directory service doesn't make it easy to disable user accounts
Another reason why version control systems should support history rewriting
2011-07-27: Why not YP, er, NIS
2011-07-26: Disabling an account can be kind of complex
2011-07-25: The risks of using CentOS are split
A little thing that irritates me about common WSGI implementations
2011-07-24: On documenting (or not documenting) binary protocols
2011-07-23: What good secure string expansion on Unix should look like
2011-07-22: String expansion and securely running programs on Unix
2011-07-20: Why I would like my mailer to have a real programming language (part 2)
Our ZFS spares handling system (part 3)
2011-07-18: Thinking about when SQL normalization can improve performance
My view on ORMs
2011-07-17: Another reason to reject spam at SMTP time: as a signal
2011-07-15: Ubuntu, illustrating how to utterly fail at kernel security updates
Something to remember: HTML forms are anonymous
2011-07-14: Ramblings on handling optional arguments in Python
2011-07-12: Why I'm going to be skipping Fedora 15
Some thoughts on creating simple and sane binary protocols
2011-07-11: mxiostat: second generation better Linux disk IO statistics
Some things to think about when doing polymorphic WSGI
2011-07-10: Exploiting polymorphic WSGI again to create cat
2011-07-08: My view on iSCSI performance troubleshooting
2011-07-07: An interesting gotcha with Exim and .forward processing
How Exim makes traditional .forward semantics work
2011-07-06: Our solution to the spam forwarding problem
2011-07-05: Another reason to allow mail origin address forgery
2011-07-04: Our ZFS spares handling system (part 2)
2011-07-03: Why Ubuntu's PAM versioning failure matters
2011-07-02: Dear Googlebot: SMTP is not HTTP
2011-06-30: Some ways to test if a program securely runs other programs
Please have symmetric option negotiations in your protocols
2011-06-29: Our ZFS spares handling system (part 1)
2011-06-28: How to securely run programs from inside your program on Unix
2011-06-27: Formatting information output to make it easy to manage
2011-06-26: Design systems to be managed
2011-06-25: A small wish about parked and squatted domains
2011-06-23: Milter tools for Python and an experiment with coding in public
The ZFS opacity problem and its effect on manageability
2011-06-22: A basic Namespace metaclass for Python
Abusing Python classes as namespaces
2011-06-20: It's long since time for languages to provide sensible network IO
What I need for stream decoding and encoding binary protocols
2011-06-19: The Unix shell initialization problem and how shells should work
2011-06-18: My xdm heresy
2011-06-17: cgroups: so close and yet so far away from per-user fair scheduling
2011-06-16: My three sorts of (Linux) desktops
2011-06-15: The persistence of spammers, illustrated
2011-06-14: A package dependency failure in Fedora 15
2011-06-13: An example of the evolution of a real network
2011-06-12: Noting some wandering thoughts on the occasion of an anniversary
Why [], {}, and () are cheap in Python
2011-06-11: Some notes on __slots__ and class hierarchies
2011-06-10: What __slots__ are good for (or, how to use slots to save memory)
2011-06-09: My issues with Chrome's handling of extensions
More impressions of Google Chrome
2011-06-08: OpenBSD pf rule numbers and tcpdump filtering
2011-06-07: Databases as a compromise damage limiter in web applications
2011-06-06: How much space a Python dictionary entry uses
2011-06-05: A subtle difference between tuples and lists in CPython
2011-06-04: Sometimes having a system programmer around is the right answer
2011-06-03: Ints, __slots__, and Python 3
2011-06-02: My understanding of SQL normalization
2011-05-31: The programmer's problem with WikiText systems
How to fail at versioning
2011-05-30: My recent experience with Firefox's speed
2011-05-29: Getting the stages of the class namespace straight
2011-05-28: The stickyness of Fedora 8 (despite my better intentions)
2011-05-26: You can get 'stale filehandle' errors for local files on extN filesystems
2011-05-25: More not supporting random query parameters in URLs
How Django's form field ordering works
2011-05-24: Proper SQL database design versus the real world
2011-05-23: An aside on RAID-5/RAID-6 and disk failures
2011-05-22: Why losing part of a striped RAID is fatal even on smart filesystems
2011-05-21: One of my irritations: outgoing email that was scored as spam
2011-05-20: Why the kernel does mmap() (beyond efficiency)
2011-05-19: One limitation of simple bisection searches in version control systems
2011-05-18: Why open source projects should use 'git rebase' or the equivalent
2011-05-17: What we could use 10G Ethernet for in the near future
2011-05-16: How our network is implemented (as of May 2011)
2011-05-15: The most interesting reason for an unrouted sandbox network
2011-05-14: Our environment illustrated: what network cable colours mean what
2011-05-13: Our network layout (as of May 2011)
2011-05-11: How ZFS lets you recover from damaged metadata, and what the limitations are
2011-05-10: An important way to get ZFS metadata corruption
A brief summary of how ZFS updates (top-level) metadata
The different ways that you can lose a ZFS pool
2011-05-09: X and the misleading claim of 'mechanisms not policy'
2011-05-08: Fvwm as a window manager construction kit
2011-05-07: Email has two faces today
2011-05-06: A realization about cache entry lifetime and validation
2011-05-05: Thinking about when not disabling iSCSI's InitialR2T matters
2011-05-04: Why xterm's cut and paste model is non-standard and limited
2011-05-03: The importance of xterm for X Windows
2011-05-02: The apparent origins of some odd limitations in the iSCSI protocol
2011-04-30: Our likely iSCSI parameter tuning
2011-04-29: Understanding the iSCSI protocol for performance tuning
2011-04-28: How CPython implements __slots__ (part 2): access
2011-04-27: Mail rejection stats for our external mail gateway
Some notes on what __dictoffset__ on types means in CPython
2011-04-26: A quick look at some spam filtering stats from our system
2011-04-25: An important note about multi-line log message formats
2011-04-24: Notes to myself on the priorities of Linux routing policy rules
2011-04-23: The Upstart dependency problem
2011-04-21: Nailing down new-style classes and types in Python
How CPython implements __slots__ (part 1): storage
2011-04-19: Another reason to avoid using __slots__ in your Python classes
A difference between Python 'structs' and C structs
2011-04-18: What made X Windows so special
2011-04-17: The ultimate (for now) answer for our ZFS ARC size problem
2011-04-16: Cache validators versus cache invalidation
2011-04-15: Why a dynamic website with caching is simpler than a baked site
2011-04-14: More on baking websites to static files and speed
2011-04-13: Some common caching techniques for dynamic websites
2011-04-11: You don't need to bake your site to static files to be fast
The importance of test suites for standards
2011-04-10: The evolution of the git tree format
2011-04-08: An example of modifying a Firefox extension
2011-04-07: Why I don't like Solaris boot archives, illustrated
2011-04-06: Monkey subclassing for fun and profit
2011-04-05: The story of leaving N% of your filesystem unused for performance
2011-04-04: Why logging to syslog is different than logging to standard error
Logs are not just streams
2011-04-03: Please don't alert based on percentages
2011-04-02: How to use gdb to call getpeername()
2011-03-31: A slightly unobvious trap with 'from module import *'
A really annoying gap in system observability
2011-03-30: A realization about code complexity and clarity
2011-03-28: Why you should avoid 'from module import whatever'
The problem with contributing documentation to projects
2011-03-27: Some thinking on proliferating web standards
2011-03-26: How not to issue Linux kernel security update notices
2011-03-25: Sending email via a SMTP connection considered harmful
2011-03-24: XHTML and web authoring folklore
2011-03-22: How to add and use additional fields on Django model formsets
Some notes on doing things with Django model formsets
2011-03-21: Why XHTML was doomed from the beginning
2011-03-20: The devil's advocate argument against paying attention to web standards
2011-03-19: The two sides of (PPPoE) DSL service
2011-03-18: How to configure a (PPPoE) DSL connection on a normal Fedora 14 Gnome desktop
2011-03-17: The timing of production Linux deployments
2011-03-16: Thinking about our alternatives to Solaris
2011-03-15: Our uncertain future with Solaris 11
2011-03-14: Why growing IPv6 usage is going to be fun, especially for sysadmins
2011-03-13: Why programs traditionally used spares files on Unix
2011-03-12: Trust betrayed: a story of modern email
2011-03-11: What tools I use to deal with email
2011-03-10: What we did to get iSCSI multipathing working on Solaris 10 update 8
2011-03-09: Why feed readers have been a geek flash in the pan
2011-03-08: My personal hard drive capacity curve inflection point
2011-03-07: What terminal emulators I use when
2011-03-06: A fun Linux kernel pty problem, or maybe it's not a problem
2011-03-05: FastCGI's encoding mistakes and how not to design a wire protocol
2011-03-04: Why I call FastCGI complex and SCGI much simpler
2011-03-02: The POSIX shell and the three sorts of Unixes
Filtering, email, and differences from Usenet
2011-02-28: The evolution of filtering (a story from the Usenet era)
The slowdown of Solaris here
2011-02-27: Django's forms are security-smart the way you want them to be
2011-02-26: A belated realization about web spiders and your page cache
2011-02-25: Why I am not enthused about ZFS for my root filesystem
2011-02-23: Handling variations of a page (or, the revenge of REST)
A quick tour of my desktop
2011-02-22: Why I want read-only form fields in Django
2011-02-21: How to get automatic volume management on Fedora 14 without Gnome
2011-02-20: What windows I use window titlebars on
2011-02-19: My view on window titlebars and when they are good and bad
2011-02-18: Another building block of my environment: xrun
2011-02-17: My latest crazy plan to upgrade my home Linux machine
2011-02-16: The myth of isolated, independent sysadmins
2011-02-15: More on an advantage of the blog approach to web writing
2011-02-14: Thinking about misunderstandings (in systems)
2011-02-13: A humbling experience with '#' characters in filenames
2011-02-12: An advantage of the blog approach to web writing versus the wiki approach
2011-02-11: The letdown
2011-02-10: Using Django forms with HTTP GETs
2011-02-09: On flow (a digression)
2011-02-08: Thinking realistically about SQL database field sizes
2011-02-07: My brute force email archive
2011-02-06: Dear Unix mailers: please allow more forgery
2011-02-05: A side note on Google Chrome and the future of HTML
2011-02-04: Why people put NFS mounts in subdirectories
2011-02-03: The real lesson of XHTML
2011-02-02: Django and primary keys versus surrogate keys
My issues with primary keys are not Django specific
2011-01-31: There are two sorts of standards in the world
A little advantage of Django's automatic primary keys
2011-01-30: An obvious realization about SQL foreign keys
2011-01-29: Two things I have discovered about Django schema design
The amusement of minimalist spam
2011-01-28: On programming (and me)
2011-01-27: Not very much about Solaris NFS filehandles
2011-01-26: The various ways of writing a modern Python web app
2011-01-25: The modern Python web application stack (as I understand it)
2011-01-24: Poison pills, a tale of interrupts versus highly structured systems
2011-01-23: The question of how long our greylisting interval should be
2011-01-22: The clash between wikis and blogging
2011-01-21: A bit more on listing file locks on Solaris 10
2011-01-20: Something I've worked out about Django's admin interface
2011-01-18: What I am trying to do with Django
2011-01-17: Wrestling with how to design a schema for a Django app
2011-01-16: More on Linux FHS and /var
Why I don't use either a thin client or a fat client
2011-01-15: Linux's FHS is not the right answer for where to put data directories
2011-01-14: Wikis are not a simple solution for blogging
2011-01-13: One of SELinux's problems is that it's a backup mechanism
2011-01-11: My problem with SELinux
The optimistic view of SELinux's real purpose
2011-01-10: Why really high computer security is not interesting to most people
2011-01-09: What would be nice for SSL is out-of-band certificate binding
2011-01-08: Finding out if you've been hit by careful, clever spammers
2011-01-07: More modest suggestions for bug trackers
2011-01-06: An appreciation for the Posix $( ) command substitution syntax
2011-01-05: An actual use for the CSS overflow property
2011-01-04: A new building block of my environment: dmenu
2011-01-03: On improved but less functional versions of things
2011-01-02: Why there is a gulf between shells and scripting languages
2010-12-31: The only way to really be secure with SSL
One group that can sensibly use non-GPL'd Linux kernel modules
2010-12-30: Why you need select() even with communication channels
2010-12-29: Spam as a tax on public participation in open source projects
2010-12-28: A modest proposal for fixing your bug tracker
2010-12-27: Users don't care about security
2010-12-26: A lesson for myself: write tests. Really.
2010-12-25: Garbage-collected languages and memory allocation failures
2010-12-24: The jurisdiction problem with making SSL CAs liable for things
2010-12-23: More on the Unix interpreter startup problem
2010-12-22: The Unix interpreter problem(s)
2010-12-21: Why I want tests to be easy to write
2010-12-20: I don't understand how to test complex data structures
2010-12-19: A tale of memory allocation failure
2010-12-17: A Python (non-)idiom that I should really avoid
Sometimes bugs have very small edit distances
2010-12-16: The elements of a non-event
2010-12-15: Always remember that people make mistakes
2010-12-13: Fumbling towards understanding how to use DRBD
A program that I want to write: a 'sink' SMTP server
2010-12-12: One problem with the files-in-directory approach to configuration
2010-12-11: The danger of having system programmers around, illustrated
2010-12-10: How to get sysadmins to never use your software again
2010-12-09: A small request for C programmers: no static locals
2010-12-08: Exploring a limitation of the DTrace fbt provider (on x86)
2010-12-07: More on https as a necessary mistake
2010-12-06: What performance anomalies mean
2010-12-05: A log message format mistake that I've made
2010-12-03: Asking users questions never increases security
Why https was a mistake, but an inevitable one
2010-12-02: My view of OpenSolaris and Illumos
2010-11-30: A modest idea on how to get people to use Fedora Rawhide
2010-11-29: Why low quality encryption is not better than no encryption
Why 10G Ethernet is not a near-term issue for us
2010-11-28: Why I am harsh on Solaris Live Upgrade and similar tools
2010-11-27: Why I'm not really interested in Solaris's Live Upgrade stuff
2010-11-26: My view on Wayland replacing X in Linux
2010-11-25: An example of the progress of the modern web
2010-11-24: My oddly inconsistent caution (or paranoia) with email addresses
2010-11-22: Where to find the Illumos source repository
2010-11-21: Why I think some coding tricks are especially damaging
2010-11-20: Why I avoid DSA when I have a choice
More on those Python import oddities
2010-11-18: My current Apache SSL cipher settings
Thinking about how long our infrastructure will last
2010-11-16: When good ideas go bad: how not to do a file chooser dialog
2010-11-15: The language dilemma for production software
2010-11-14: Four reasons to have a firewall
The ordering of SSL chain certificates
2010-11-13: How os.path exposes some Python import weirdness
2010-11-11: The changing assumptions about viruses in email
Some yum tricks with distro-sync and --releasever
2010-11-09: Directory link counts and a find trick
2010-11-08: A find optimization and a piece of history, all in one
When Linux's rp_filter might make sense
2010-11-07: When you should care about security
2010-11-06: Modern versions of Apache and Redirect
2010-11-05: GNU sort and -k: a gotcha
2010-11-04: What we (currently) use virtualization for
2010-11-03: One reason that I call us a midsized environment
2010-11-01: Redirecting from HTTP to HTTPS is a bad security idea
2010-10-31: How I run two Firefoxes at once and still have remote control
How I set up my isolated testing Firefox environment
2010-10-30: A very convenient trick: having a testing browser
2010-10-29: What problems the Maildir mail storage format solves
2010-10-27: An extra problem with not documenting things in open source modules
A modern VCS mistake enabled by working on live trees
2010-10-26: Why Python's struct module isn't great for handling binary protocols
2010-10-24: Why we built our own ZFS spares handling system
Why I'm interested in Go
2010-10-23: My issues with Go's net package
2010-10-22: My theory on Unix's one chance to have a standard GUI
2010-10-21: The problems with testing for round-trip capable codecs
2010-10-20: Round-trip capable character encodings in Python
2010-10-18: A module that I want in the standard library: Parsing
The cache eviction death spiral
2010-10-17: Read IO is generally synchronous (unlike write IO)
2010-10-16: The attraction of the milter protocol
2010-10-15: How big our fileserver environment is (part 2)
2010-10-13: How big our fileserver environment is (part 1)
Why visited links being visible is important for blog usability
2010-10-12: Why non-linear directories have not been popular in filesystems
2010-10-11: The Unix directory problem and the history of directories
2010-10-10: Fixing Upstart's coupling of startup script presence and activation
2010-10-09: An illustration of how careful and clever spammers are today
2010-10-08: Why I am unhappy with Upstart right now
2010-10-07: In universities, you often buy hardware when you can
2010-10-06: What is going on with Samba's POSIX locking on NFS on Linux
2010-10-05: Why people combine NFS with Samba servers
2010-10-04: Linux, Samba, NFS, and POSIX locking
2010-10-03: An API mistake Unix has made several times
2010-10-02: ZFS resilvers are a whole-pool activity
2010-09-30: Stopping kernel updates on Ubuntu
A lot of my bugs are conceptual oversights
2010-09-29: A surprise about random IO versus unnecessary IO
2010-09-27: Why there is no POSIX standard for a Unix GUI
Why Grub2 doesn't solve my Ubuntu kernel problem
2010-09-26: The problems with OpenSolaris
2010-09-25: How Usenet used to be a filesystem stress test
2010-09-24: Frames were never necessary for menus and tables of contents
2010-09-23: Why things should be in Python's standard library
2010-09-22: The mysteries of video cards for Linux
2010-09-20: Dear Solaris boot sequence: SHUT UP
2010-09-19: Your on the fly control system should not use toggles
Some notes on (dynamic) Bind 9 logging
2010-09-18: Another reason why I don't like Ubuntu kernel packaging
2010-09-17: More on the module selection problem
2010-09-15: Why I like modules to be in the Python standard library
An overview of the Debian and RPM source package formats
2010-09-14: A confession: I find third party modules awkward in Python
2010-09-13: Why you want a recursive-forwarding caching nameserver
2010-09-12: Keyword expansion: why RCS rewrites files when you commit them
One aspect of getting used to modern version control
2010-09-11: A simple thing that every package management system should have
2010-09-10: Go's network package and IPv6 (and my ideal version thereof)
2010-09-09: Go, IPv6, and single binding machines
2010-09-07: My new view of DomainKeys
2010-09-06: Sorting out DomainKeys and understanding its limits
2010-09-05: An observation from changing my password
A plan to deal with my feed reader problem
2010-09-04: The laziness of a programmer, illustrated
2010-09-03: Finally understanding the attraction of AJAX
2010-09-02: Why Python's global is necessary
2010-08-31: I don't understand how net.ipv4.conf.*.rp_filter can work
2010-08-30: My avoidance of Python global variables
2010-08-29: A Bourne shell irritation: no wildcard matching operator
How many uberblock copies ZFS writes on transaction group commits
2010-08-28: The different between an SMTP proxy and a SMTP relay
2010-08-27: My impressions of Google Chrome so far
2010-08-25: A Windows moment on my laptop
The limitation of templates for web design changes
2010-08-24: A design mistake in my comments form
2010-08-23: Why I hate the Solaris 10 version of /bin/sh
My (probably wrong) assumption about Flash on Fedora
2010-08-22: Another reason to hate $LANG and locales on Unix
2010-08-21: A sudden realization about Unix access time updates and disk mirrors
2010-08-20: A clever blog anti-usability trick
2010-08-19: Getting Flash to work on my upgraded 64-bit Fedora 13 machine
2010-08-18: Please, no automatic scrolling to the next item
2010-08-17: The two sorts of Referer spam that I see
2010-08-16: What OpenSolaris's death probably means for us
2010-08-15: Why I change font sizes
2010-08-14: What I want in a caching nameserver
2010-08-13: PPP over ssh: solving problems with indirection
2010-08-12: Many programs should provide an easy way to change font size
2010-08-11: You should have a way to purge history
2010-08-10: Upgrading to Fedora 13 with my first yum upgrade
2010-08-08: The joy of debugging other people's programs
A personal view of the Fedora versus Ubuntu issue
2010-08-07: Why buying a Linux machine is not such a simple thing
2010-08-06: A thing I miss in the modern X world: command line arguments
2010-08-05: Doing unsigned 32-bit integer math in Python
2010-08-04: Good Solaris news from Oracle for once
2010-08-02: How OpenBSD's pf source-hash maps internal IPs to NAT pool IPs
2010-08-01: The consequence of Oracle's Solaris decisions
2010-07-31: The other peculiar effects of grant funding at universities
It's the indirect failure modes that will get you
2010-07-30: A little modern Unix twitch
2010-07-29: Some brief notes on OpenSSH's known_hosts hashing
2010-07-28: My Fedora 8 problem: upgrading
2010-07-27: What I would now do differently in a file based blog engine
2010-07-25: Why sysadmins almost never replace distribution packages
iSCSI versus NFS
2010-07-24: Thinking about the implications of your program being successful
2010-07-23: A realization about why my inbox keeps being my to-do tracker
2010-07-22: Why keeping /etc under version control doesn't entirely help
2010-07-21: The easy way to do fast OS upgrades
2010-07-20: The sysadmin view of messages from programs
2010-07-19: Why blog calendar widgets are bad
2010-07-18: How I solve the configure memory problem
2010-07-17: More building blocks of my environment: tkrxterm, tkssh, and pyhosts
2010-07-16: Realistic blog usability
2010-07-14: Making the Linux kernel shut up about segfaulting user programs
The challenges of shared spares in RAID arrays
2010-07-13: Sun Support's habit of publicizing private bug reports
Single-level list flattening in Python
2010-07-12: On (not) logging calculated statistics
2010-07-11: When is using SQL the right answer?
2010-07-10: People forget exceptions
2010-07-08: Unix programs should avoid exiting non-zero for clever reasons
2010-07-07: A gotcha with the Bourne shell's set -e and &&
2010-07-06: How zpool status reports on ZFS scrubs and resilvers
ZFS scrubs and resilvers are not sequential IO
2010-07-05: A thesis: noisy email addresses are dead
2010-07-03: /u, one of our long-standing Unix customizations
Returning to the era of 'duplicated' Ethernet addresses
2010-07-02: A gotcha with Python's socket.htonl() and ntohl()
A corollary to the limits of anti-spam precautions
2010-06-30: An update on comment spammer behavior here on WanderingThoughts
2010-06-29: Converting between IPv4 addresses and 32-bit integers in Python
There is such a thing as too much SQL (a reminder to myself)
2010-06-28: The great irritation of hidden access controls
2010-06-27: How we propagate password information in our fileserver infrastructure
2010-06-26: The Unix system UID and login name problem
2010-06-25: Python class definitions can be nested
2010-06-24: The elements of fileserver infrastructure
2010-06-23: The advantages of separate machines for separate things
2010-06-22: Why feed readers are not good for skimming things
2010-06-21: Applying low distraction design to alerting systems
2010-06-20: How my mail notifier avoids interrupting me
2010-06-19: Don't make your 'I am processing' animation too complex
2010-06-18: ZFS and multi-pool shared spares
2010-06-17: One reason why I prefer browser windows to browser tabs
2010-06-16: The problem of testing firewall rules changes
2010-06-14: The practicalities of non-GPL'd Linux kernel modules
A thought on feed readers versus the social web
2010-06-13: A (surprising) missing Unix tool program
2010-06-12: iSCSI Enterprise Target 1.4.20.1 and disk write caches (and ZFS)
2010-06-11: What I know about ZFS and disk write caches
2010-06-10: What an iSCSI Enterprise Target kernel message really means
2010-06-09: The challenge of analyzing NFS packet traces
2010-06-08: Focusing on what you actually need in a program
2010-06-07: One problem with testing system changes
2010-06-06: The quiet death of postmaster@anywhere
2010-06-04: How to set up your module exceptions to be useful
How disk write caches can corrupt filesystem metadata
2010-06-02: A ZFS feature wish: rewriting read errors
2010-06-01: My sad little irritation with Twitter
2010-05-31: Another building block of my environment: sshterm
2010-05-30: The end of university-provided email is probably nigh
2010-05-29: UPSes: defense against problems, or sources of them?
Some comments on spam scoring and anti-spam tools in general
2010-05-28: Why I am really unhappy with ZFS right now: a ZFS import failure
2010-05-27: One benefit of relying on third-party (anti-)spam filtering
2010-05-25: Watch out for quietly degrading SATA disks
2010-05-24: Give your personal scripts good error messages
2010-05-23: Replacing modules for testing (and fun)
2010-05-22: How I fixed Google's search results redesign
Why I'm wrong about what sort of APIs C's stdargs allows
2010-05-21: An example of an API that you can't do with C stdargs
2010-05-20: The limitations of C's varargs support
2010-05-19: Why RPM's .rpmnew files don't work in practice
2010-05-18: An illustrated example of how not to do package updates
2010-05-16: You should also document why you didn't do attractive things
A theory about our jumbo frame switch firmware bug
2010-05-15: Why we don't use jumbo frames for iSCSI: a cautionary tale on testing
2010-05-14: A sysadmin mistake: shooting your virtual foot off
2010-05-13: Python exceptions for C programmers
2010-05-12: 'Borrowing' IPv4 netblocks to get around address space exhaustion
2010-05-11: Retrospectives are uncommon
2010-05-10: A little vi twitch
2010-05-09: Why diskless Unix machines lost out
2010-05-08: SSL certificate vendors are selling a commodity
2010-05-06: Oracle's future for Sun's hardware and OS business is now clear
The right way and the wrong way to disable init.d services
2010-05-05: The right way to fix ZFS disk glitches (at least for us)
2010-05-04: Dear software packagers, startup scripts edition
2010-05-03: Keeping track of filesystem consistency
2010-05-02: A brief history of fsck
2010-04-30: A rule of thumb: Automate where you can make mistakes
Never kill the screen locker
2010-04-29: How you access an object can be important in Python
2010-04-28: Altering a Python function's local variables with a trace function
2010-04-27: Evolving our mail system step 1: adding an external mail gateway
2010-04-26: How we moved from a black-box mailer configuration to a white-box one
2010-04-25: An observation about Twitter (and Google)
2010-04-24: Evolving our mail system: the overview and our goals
2010-04-23: What per-partition disk IO stats you get from the Linux kernel
2010-04-22: The latest Solaris licensing and support rumbles
2010-04-21: The advantage of garbage collection for APIs
2010-04-20: Standard format Unix errors in Python programs
2010-04-19: Why you don't want to host your MTA machine in the cloud
2010-04-18: I think it's time to turn off automatic periodic ext3 fscks
2010-04-17: The 30 second elevator pitch on HTML 4.01 (vs XHTML)
2010-04-16: How to write to stderr so people will like you
2010-04-15: The standard format Unix error messages
2010-04-14: The myth of a completely shared knowledge base across sysadmins
2010-04-13: The impact of single-disk slow writes on mirrors (and other RAID arrays)
2010-04-12: The importance of figuring out low-level symptoms of problems
2010-04-11: The comedy potential inherent in people reusing your address space
2010-04-10: Why commands can never afford to get it wrong in a version
2010-04-09: The processing flow of a network copying program
2010-04-08: A little script: sshup
2010-04-07: Our current mail system's configuration
2010-04-06: How not to set up IP aliases on Ubuntu (and probably Debian)
2010-04-05: An important thing about how ZFS handles spares
2010-04-04: The problem with header and footer overlays on web pages
2010-04-03: A DVCS advantage for open source development
2010-04-02: Notes on the compatibility of crypted passwords on various Unixes
2010-03-31: Looking back at a year of our disk-based backup system
Remote applications and Gnome settings: an irritation
2010-03-30: One possible future for Solaris
2010-03-29: More signs of Oracle's view of Solaris
My theory on why our worklogs work for us
2010-03-28: The evolution of checklists in my work
2010-03-27: Testing in the face of popen()
2010-03-26: Tkinter sometimes has a busy-wait main loop (more or less)
2010-03-25: The problem with overly verbose package installation
2010-03-24: One reason why 'zpool status' can hang
2010-03-23: No DSL is 'human-readable' as such
2010-03-22: Why I exploit Python to shim modules for testing purposes
2010-03-21: The power of 'I like this' in social applications
2010-03-20: Web analytics versus GET parameter security
2010-03-19: The problem with general purpose languages as configuration languages
2010-03-17: How Solaris 10's mountd works
Another building block of my environment: rxterm
2010-03-16: The Solaris 10 NFS server's caching of filesystem access permissions
2010-03-15: How to create pointless error reports (and how not to)
2010-03-14: Space and content
2010-03-13: A surprising lack: milter clients
2010-03-12: End results versus what's inside the black box
2010-03-11: Why the pam_mail PAM module is not my friend
2010-03-10: Mythology about Unix workstations
2010-03-09: How not to design an API (in C): the enum ordering mistake
2010-03-08: Exceptions versus error return values
2010-03-07: Why I don't expect third-party support for OpenSolaris
2010-03-06: Pushing code changes upstream is hard work
2010-03-05: PCs are (or can be) Unix workstations
2010-03-04: You want to do spam forwarding on a separate machine
2010-03-03: All syndication formats use XML
2010-03-02: A building block of my environment: rxexec
2010-02-28: Why XML is terrible for configuration files
The dividing line between supporting code and forking it
2010-02-27: An 'email marketing' wish
2010-02-26: The remaining Unixes (and their manpages)
2010-02-25: Reading the Oracle tea leaves for Solaris
2010-02-24: How to listen on a socket in the modern IPv6-enabled world
2010-02-23: What Linux's getaddrinfo() is doing with IPv6 (on some versions)
2010-02-22: Unix portability and scripting language versions
2010-02-21: It's sinking in that Sun is gone
2010-02-20: Viral marketing versus word of mouth marketing
2010-02-19: Using socket.getaddrinfo to look up IP addresses
2010-02-18: Some notes on using socket.getaddrinfo()
2010-02-17: The purpose of configuration files
2010-02-16: A Linux gotcha about daemons and bindv6only
2010-02-15: IPv6 with Lighttpd on Linux
2010-02-14: Brief notes on IPv6 support in some Linux programs
2010-02-13: Some stuff on dual-bound IPv6 sockets on Linux
2010-02-12: The many IPv6 addresses of an IPv4 machine
2010-02-11: Forcing your webpage content to scroll is generally a bad idea
2010-02-10: Beware of using Linux's hostname -s switch
Some thoughts about 6to4
2010-02-09: Why your program should have an actual configuration file
2010-02-08: A thought on deliberately slow disaster recovery
2010-02-07: The problem with blog footnotes
2010-02-06: Why a laptop is not likely to be my primary machine any time soon
2010-02-05: Emergency procedures checklists need check steps
2010-02-03: Outdated documentation is especially risky for sysadmins
Link: Pollution in 1.0.0.0/8
How to destroy people's interest in updating documentation
2010-02-02: What charging credit cards doesn't prove
2010-01-31: More vim options it turns out that I want
Thinking about syndication feeds and spoilers
2010-01-30: I'm puzzled about DNS glue records in the modern world
2010-01-29: A theory about Apple's new iPad
2010-01-28: Always sign exactly what you are authenticating
2010-01-27: AT&T's mad unbundling and the damage it did to Unix
2010-01-26: Why the modern age is great
2010-01-25: You can only really expire cookies on the server
2010-01-24: How I should have done password crypto for DWiki
2010-01-23: A Python safety tip: Do notice that things can throw exceptions
2010-01-22: Three ways to get tracebacks in your CGI Python application
2010-01-20: The argument for not managing systems via packages
One of the things that killed network computers (aka thin clients)
2010-01-19: OpenSolaris versus Solaris
2010-01-18: More on mismatched sectors on Linux software RAID mirrors
2010-01-17: I do not like Unix's fossilization
2010-01-16: Different visions of what packaging systems are for
2010-01-15: Packaging systems should support overlays
2010-01-14: Packaging systems should be comprehensive
2010-01-13: One reason why you should not let people register other people
2010-01-12: How systems get created in the real world
2010-01-11: In praise of crash (and kernel source)
2010-01-10: Why the Solaris packaging system is bad
2010-01-09: Patch management is part of package management
2010-01-08: A brief and jaundiced history of Unix packaging systems
Interesting things can happen when you scale things up
2010-01-06: A theory on why most browsers control their own list of CA roots
The department's model for providing computing support
2010-01-04: Some thoughts on battery backup for RAID controller cards
Turning synchronous channels asynchronous
2010-01-03: Go interfaces are not my sort of interfaces
2010-01-02: Proper disclosure, or how not to be a comment spammer
2010-01-01: Brief bits from the evolving ipsCA failure
2009-12-31: Why free things are so attractive in universities
Look at your pull-based system for things that push
2009-12-30: Real world support periods are shorter than they look
2009-12-29: Solaris is not open source
2009-12-28: The annoying timing of future SSL certificate renewals
2009-12-27: Some OpenSSL and SSL certificate basics
2009-12-26: Things that limit the performance of hardware acceleration
2009-12-25: Linux's non-strict overcommit is the right default
2009-12-24: The advantages of open source software RAID
2009-12-23: Another demonstration of SSL Certification Authority (in)competence
2009-12-22: How not to set up your DNS (part 20)
Do you have a network layout diagram?
Using OpenID for local web application authentication
2009-12-20: Some things about getting useful output from time
Some thoughts on intercepting https traffic
2009-12-19: Local CAs and an interesting consequence of the SSL security model
2009-12-18: Secure or useful: pick one
2009-12-17: The good and bad of SQL
2009-12-16: How Linux software RAID is making me grumpy right now
2009-12-15: The high costs of true security paranoia in the face of compromises
2009-12-13: Sysadmin versus developer uses of version control systems
Mercurial versus git for sysadmins, or why we picked Mercurial
2009-12-12: You should always be able to get a program's version and basic usage
2009-12-11: A wish for KVM virtualization: simple bridged networking
2009-12-10: How not to copy a file to standard output in Python
2009-12-09: My views on inheritance versus interface
2009-12-08: Why I am not enthused about etckeeper and similar systems
2009-12-07: Why whitelists (and blacklists) are long-term poison for online systems
2009-12-05: Overcoming the drawbacks of preforking accept() servers
What version of Python is included in various current OSes
2009-12-04: Learning from Unicorn: the accept() thundering herd non-problem
2009-12-02: The problem with the OpenSolaris source repository
The mixed directory/unrelated files VCS problem
2009-11-30: Using content hashing to avoid the double post problem
Poking around the OpenSolaris codebase (for sysadmins)
2009-11-29: In security, you need to stop the root mistake
2009-11-28: 'Conditional restart' in init.d scripts can be dangerous
2009-11-27: Modern version control systems change your directory layouts
2009-11-26: Some notes for myself on git bisect
2009-11-25: Why I love Unix, number N (for some N)
2009-11-24: An important lesson for me on Fedora upgrades
2009-11-23: Converting a directory from RCS to Mercurial
My current unhappy thoughts on Fedora 12
2009-11-22: RCS versus modern version control systems
2009-11-21: An update on faulted ZFS spares
2009-11-20: Spam and the attraction of reach
2009-11-19: The corollary for effective anti-spam heuristics
2009-11-18: Universities are open environments
2009-11-17: Finally understanding the appeal of 'Interfaces'
2009-11-16: 'Is-a' versus 'is-a-descendant-of'
2009-11-15: A limitation of Python types from C extension modules
2009-11-14: How to defer things in Exim
2009-11-13: (Ab)using Exim routers for their full power
2009-11-12: What makes Exim work as a mailer construction kit
2009-11-11: For universities, the Internet world has fundamentally changed
2009-11-10: HTML5 may end up giving us real, working XHTML
2009-11-08: My problem with the obvious solution to my unexposed types problem
2009-11-07: Solving unexposed types and the limits of duck typing
A gotcha with Bash on Ubuntu 8.04
2009-11-06: A shell script thing that I have learned the hard way
2009-11-05: Why the NFS client is at fault in the multi-filesystem NFS problem
2009-11-04: The cause of the multi-filesystem NFS export problem
2009-11-02: Are security bugs always code bugs?
XHTML vs HTML5
2009-10-31: My thoughts on why invented standards succeed or fail
The risk continuum for standardization success
2009-10-30: Understanding hash length extension attacks
2009-10-29: Why per-process (or per-user) memory resource limits are hard
2009-10-28: Python modules should make visible their (fundamental) types
2009-10-27: A personal experience of web browsers making bad text editors
2009-10-26: What I think I understand about how standards get created
2009-10-25: Some thoughts on a 'modern' university email system
2009-10-24: Something I have realized about university services
2009-10-22: The limits of some anti-spam precautions
How to waste lots of CPU time checking for module updates
2009-10-21: Why you should be able to get a list of your local email addresses
2009-10-20: Simple mailing lists: an illustration of Exim's flexibility
2009-10-19: The case against backup MXes
2009-10-18: Backup MXes versus redundant MXes
2009-10-17: Automated web software should never fill in the Referer header
2009-10-16: A tale of network horror, or at least excitement
2009-10-15: One complexity of buffered IO on Unix
2009-10-14: Why 'invite-your-friends' features are spam from you, not your users
2009-10-13: There are two different uses of conditional GETs
2009-10-12: ZFS GUIDs vs device names
2009-10-11: Why security bugs aren't bugs
2009-10-10: You should delete obsolete data files
2009-10-09: A fun bug I once ran across
2009-10-08: What is going on with faulted ZFS spares
2009-10-07: A brief introduction to ZFS (disk) GUIDs
2009-10-06: The danger of software suspend on servers
2009-10-05: The problem with security bugs is that they aren't bugs
2009-10-04: Why Unix filesystems precreate lost+found directories
2009-10-03: One thing that top-posting is good for
2009-10-01: The rules for combining things with Bourne shell 'here documents'
2009-09-30: A little habit: cat >/dev/null
On (not) putting IP addresses in registration email
2009-09-28: Two ends of hardware acceleration
What I think about why graphics cards keep being successful
2009-09-27: Some suggestions for registration confirmation emails
Why you can no longer have an 'invite-your-friends' feature
2009-09-26: How our 'plug in and go' laptop network DHCP portal works
2009-09-25: How our DHCP registration portal redirections work
2009-09-24: SSL certificates require proper domain names
2009-09-23: A brief overview of the Solaris 10 nvpair library
2009-09-22: Some trivia about Python frame objects
2009-09-21: Exploring the frame object f_builtins member
2009-09-20: Why kernel packaging is so bad in Debian and Ubuntu
2009-09-19: Why I am not a fan of hardware acceleration
2009-09-18: Are you sure it's a C string?
2009-09-17: A trick to testing https setups on test machines
2009-09-16: Some kernel lockd NFS error messages explained
2009-09-14: Listing file locks on Solaris 10
Forwarding emails without false positives
2009-09-13: How modern CPUs are like (modern) disks
2009-09-12: My opinions on when you should let ZFS handle RAID stuff
2009-09-11: Why you should let ZFS handle the RAID stuff
2009-09-10: What I know about how ZFS actually handles spare disks
2009-09-09: Postfix versus Exim
2009-09-08: Some ways to avoid needing a public ticketing system
2009-09-07: A use for ticketing systems as your primary support method
2009-09-06: What typing ^D really does on Unix
2009-09-05: Why the Unix EINTR semantics (probably) exist
2009-09-03: An interesting issue with doing NFS over TCP (apparently)
Programming blindness and security
2009-09-02: Environment variables make bad switches
2009-08-31: How to deprecate bits of your program
The IO scheduler improvements I saw
2009-08-30: Some more thinking about requirements in specifications
2009-08-29: MUST versus SHOULD in your specifications
2009-08-28: ZFS changes filesystem device numbers on reboot
2009-08-26: What packages SystemTap requires on Ubuntu 8.04 (and others)
A frame object's f_locals isn't always the locals
2009-08-24: The problem with the CFQ IO scheduler and our iSCSI targets
Anti-spam content scanning systems need to scan more
2009-08-23: You should not use HTTP request parameters as filenames
2009-08-22: A gotcha with Python's new signal.siginterrupt()
2009-08-21: The danger of powerful generality, illustrated
2009-08-20: Python modules should not reinvent OSError
2009-08-19: Link: Using colour well in data visualization
Python, signal handlers, and EINTR
2009-08-18: Why user programs mapping page zero is so bad news on x86 hardware
2009-08-17: More accidental BitTorrent on our network
2009-08-16: Testing versus extensibility
2009-08-15: SSDs and the RAID resync problem
2009-08-14: Sorting out what 'passive ftp' is
2009-08-12: Undo is sometimes not good enough
One thing your mail-sending system should do
2009-08-11: The somewhat apocryphal history of comments in the Bourne shell
2009-08-10: The difference in the Bourne shell between : and #
2009-08-09: Building true ssh opportunistic connection sharing
2009-08-08: How I use ssh's connection sharing feature
2009-08-07: The basics of ssh's connection sharing feature
2009-08-06: A rule for Internet software
2009-08-05: A feature that I wish Linux package managers had
2009-08-04: A downside to syndication feed readers respecting permanent HTTP redirects
2009-08-02: Limitations on custom NFS mount authorization on Solaris
What you can't do before you drop setuid permissions
2009-07-31: Using SystemTap to trace the system calls of setuid programs on Linux
How fast various ssh ciphers are
2009-07-30: How we do custom NFS mount authorization on Solaris 10
2009-07-29: The shift-selection trick in X terminal programs
2009-07-28: Spammers are quite dedicated in their address scraping
2009-07-27: Why you should do code reviews for sysadmin scripts
2009-07-26: The anatomy of a hack to get around try:/finally: and generators
2009-07-25: When code in generators runs
2009-07-24: The usefulness of a syndication feed of your blog's comments
2009-07-22: Thinking like a security paranoid: an example
A peculiar change in Linux flock() and fcntl() behavior
2009-07-21: Packages should not contain both tools and policies
2009-07-20: Minimalistic spam, another annoyance to worry about
2009-07-19: The importance of making an issue visible
2009-07-18: Why NFS filehandles fail as access capabilities
2009-07-17: The hard problem of live major release upgrades
2009-07-16: Another reason to safely update files that are looked at over NFS
2009-07-15: A Bourne shell gotcha with ( ... ) command grouping
2009-07-13: Some stuff on NFS access restrictions
Shell scripts should not use absolute paths for programs
2009-07-12: A brief history of NFS server access restrictions
2009-07-11: What can go wrong in making NFS mounts
2009-07-10: An unpleasant surprise about ZFS scrubbing in Solaris 10 U6
2009-07-09: The high-level version of how mounting NFS filesystems works
2009-07-08: Fedora and workstations (on Linux distributions for desktops)
2009-07-07: Why and why not Fedora
2009-07-06: How you could do a shared root directory with NFS
2009-07-05: The coming Internet identity problem
2009-07-04: A side note on the cost of operations
2009-07-03: How software makes reverse proxying hard
2009-07-02: Finding out when a command in a pipeline fails
2009-06-30: A Unix irritation: pipeline status
More on why users keep mailing specific people
2009-06-29: A theory on why users keep mailing specific people
2009-06-28: How we solve the multiuser PHP problem
2009-06-27: Possible limits on our port multiplied ESATA performance
2009-06-26: How not to set up your DNS (part 19)
An advantage for hardware RAID over software RAID
2009-06-25: Patching systems versus patching appliances
2009-06-24: Another source of stickyness for social web sites
2009-06-22: Solaris 10 NFS server parameters that we change and why
Why GNU tools are sometimes not my favorite programs
2009-06-21: Email is intrusive, and why
2009-06-20: Using GRUB to figure out the mapping of BIOS drive numbers
2009-06-19: Fedora desperately needs a better upgrade system
2009-06-18: A kernel NFS error message explained
2009-06-17: The NFS 'reserved ports' option and why you care
2009-06-16: Maybe understanding blogrolls
2009-06-15: try:/finally: and generators
2009-06-14: How to set up your vacation messages to get thrown off mailing lists
2009-06-13: One of the reasons good alerting is tough
2009-06-12: What I know about Solaris 10 NFS server file lock limits
2009-06-11: There are two different purposes of monitoring systems
2009-06-10: Users are lazy
2009-06-08: Another way that generators are not lists: modifying them
Monitoring systems should be always be usefully informative
2009-06-07: It's important to get the real costs right
2009-06-06: User perceptions (and expectations) of backups
2009-06-05: How we're planning our backup storage capacity needs
2009-06-04: Another irritation with Gnome's gconf settings system
2009-06-03: The costs of development versus the costs of operation
2009-06-02: Sometimes brute force is the answer (on Unix)
2009-05-31: A thought on giving custom redundant storage systems some history
The better way to install Sun's Java
2009-05-30: The program energy efficiency optimist's view
2009-05-29: The cost of program energy efficiency
2009-05-28: Encapsulation may be in the eye of the beholder
2009-05-27: Hosted servers, cloud computing, and backups
2009-05-25: Backups versus redundancy
2009-05-24: An interesting bit of ssh and sshd behavior
What modern email is good for
2009-05-23: The drawback of using a language with a good interface to the OS
2009-05-22: How CPython handles (and delays) Unix signals
2009-05-21: Solving the Python SIGCHLD problem
2009-05-20: Why directory URLs have to have trailing slashes
2009-05-19: Some notes on rewrites in Apache .htaccess files
2009-05-17: One reason for Unix's permission checking timing
The crucial difference between online and offline backups
2009-05-16: Autoresponders in the modern email world
2009-05-15: Why df on an NFS-mounted ZFS filesystem can give odd results
2009-05-14: Fixing your system after hitting the RAID growth gotcha
2009-05-13: Booting a Linux system without a root mirror
2009-05-12: A serious gotcha with growing software RAID devices
2009-05-10: What affects how fast you can restore backups
Another advantage of disk-based backup systems
2009-05-09: Our disk-based backup system
2009-05-08: The problem with tapes (for backup)
2009-05-07: How to set up your xorg.conf for RandR-based dual-headed systems
2009-05-06: An irritation with Linux's 'mount -t nfs' output
2009-05-05: How we periodically scrub our ZFS pools
2009-05-03: An inexplicable omission in bash's sourcing of .bashrc
2009-05-02: Why version control systems should support 'rewriting history'
Convenient ssh in Gnome, or 'my sshmenu wish comes true'
2009-04-30: My standard Gnome customizations
Why I would still like MC/S in Linux
2009-04-29: Pragmatic issues with hash verifiers for email messages
2009-04-27: One of my TDD weaknesses: mock objects for complex objects
The problems of over-documenting things
2009-04-26: A Bourne shell irritation: piping just stderr
Lighttpd, CGIs, and standard error
2009-04-25: On digital signatures and client security issues
2009-04-24: The difference between Web 1.0 and Web 2.0
2009-04-23: A Gnome irritation
2009-04-21: Why your ticketing system should not be accessible to users
2009-04-20: Some ways to add versioning to pickled objects
Why pickle is not a good way to save your data
2009-04-19: Sometimes you don't want behavior with your data
2009-04-18: What users see as benefits from sysadmins
2009-04-17: Git and 'rewriting history'
2009-04-16: What causes the ZFS file deletion problem with snapshots
2009-04-15: The problem with Solaris 10 update 6's ZFS failmode setting
2009-04-13: How I went wrong in thinking about /boot mirroring
Your ticketing system should be optional
2009-04-12: A hairshirt too far: on always avoiding CSS
2009-04-11: The advantage of having an (XML) sitemap
2009-04-10: Why 'sender stores message' is easier for spammers than real mail servers
2009-04-09: Why ssh needs to verify host keys
2009-04-07: Handling ssh to generic hostnames
The technical problems with 'sender stores messages' schemes
2009-04-06: An interesting hardware mystery
2009-04-05: Why I don't expect ARM-based netbooks to be a success
2009-04-03: The (or a) problem with Unix manpages
How to use Vixie cron to schedule at regular odd times
2009-04-02: System status announcements and where your users are
2009-03-31: The SSD boom and the theoretical multicore revolution
A sysadmin use for Twitter
2009-03-30: There are three entry states for feed readers
2009-03-29: Why I wrote my own bulk IO performance measurement tool
2009-03-28: Make your web application's interface elements obvious
2009-03-27: The theoretical advantage of a separate /boot filesystem
2009-03-26: An important difference
The git version control system as a creation of the modern age
2009-03-24: Using fully mirrored system disks on Linux
How not to improve your CD player application
Frustration for a sysadmin (well, for me)
2009-03-23: How libraries should handle internal warning messages
2009-03-22: An outline of a possibly easier IPv4 to IPv6 transition
2009-03-21: Why the ideal IPv4 to IPv6 transition is impossible
2009-03-19: Why 'sender stores message' schemes won't cure phish spams
2009-03-18: An obvious thing about dealing with web spider misbehavior
Principles of email in the modern age
2009-03-16: An important gotcha with iSCSI multipathing in Solaris 10
Complex data structures and the two sorts of languages
2009-03-15: A realization: planet aggregators have a natural size limit
2009-03-14: Why I don't trust seteuid() and friends
2009-03-12: The problem with /var today
The not so secret history of /var
2009-03-11: Checklists versus procedures
2009-03-10: Why checklists work
2009-03-09: What list methods don't make sense for heterogeneous lists
2009-03-08: Python's theoretically missing core data type
2009-03-07: What past problems of mine the collections module solves
2009-03-06: What can keep a ZFS pool busy and prevent it from exporting
2009-03-05: What seems to use power on a Dell Mini 12
2009-03-04: The ASUS Eee PC versus the Dell Mini 12
2009-03-03: Rollbacks versus downgrades
2009-03-02: Some gotchas with ZFS in Solaris 10 update 6
2009-02-28: What it would take for me to use Fedora Rawhide
The potential problems with distribution downgrades
2009-02-27: The peculiar case of the conference spammers
2009-02-26: What I learned from Google Mail's recent outage
2009-02-25: Don't log usernames for bad logins
2009-02-24: A core principle of error and warning messages
2009-02-23: A problem with microtransactions
2009-02-22: Internet scale security: the impact of cheapness
2009-02-21: How to turn off gnome-terminal's cursor blinking
2009-02-20: An attraction of planet-style blog aggregators as your feed reader
2009-02-19: Appearances are deceptive in the (anti-)spam world
2009-02-18: My theory on why people wind up using common passwords
2009-02-17: Design versus construction
2009-02-16: My approach to website passwords (and why it is the right one)
2009-02-15: How CPython optimizes allocations for some built-in types
2009-02-14: Some of my assumptions about Python object allocation
2009-02-13: The accumulator mini-pattern and .setdefault()
2009-02-12: Recognizing non-interactive shells and 'shell levels'
2009-02-11: True point in time restores may be hard
2009-02-09: Backups and archives
I hate flaky systems, Fedora 10 and/or hardware edition
2009-02-08: When bash sources your .bashrc
2009-02-07: An illustration of one reason that documentation is hard
2009-02-06: Our SunFire X2100 nVidia Ethernet experiences
2009-02-04: An alarming ZFS status message and what is usually going on with it
Why btrfs was inevitable: a corollary to (not) getting ZFS in Linux
2009-02-02: A grumpy remark about Solaris's scalability
2009-02-01: Understanding ZFS cachefiles in Solaris 10 update 6
2009-01-31: Why social mudding works
When can you assume UTF-8 filenames?
2009-01-30: A surprising lack on Linux: browsers for camera RAW photos
2009-01-29: An RPM packaging utter FAIL
2009-01-28: The (or an) attraction of Twitter
2009-01-27: My wishes for Sun's online documentation
2009-01-26: My reaction to Solaris 10 update 6's ZFS changes
How LiveJournal is sticky
2009-01-25: Thinking about what you do with undo
2009-01-24: Towards a better undo
2009-01-23: The HTML tax (in Python, and in general)
2009-01-22: The NFS re-export problem
2009-01-20: Why high availability NFS requires shared storage
The inner life of NFS filehandles
2009-01-19: Using iptables to get around the policy based routing limitation
2009-01-18: The basic implementation of relatively high-availability NFS
2009-01-17: Practical issues with getting ZFS on Linux
2009-01-16: A lament about modern NFS development
2009-01-15: Why templating systems are the wrong answer for simple HTML generation
2009-01-14: Documenting the kernel.sem sysctl
2009-01-12: A surprising lack in Python's standard library
What I want out of NFS security, at least at the moment
2009-01-11: The problems I see with multi-signed SSL in practice
2009-01-10: You cannot ask users to manage their own security
2009-01-09: A Unix shell glob trick
2009-01-08: The ufsdump block size doesn't seem to matter much
2009-01-07: Two suggestions for improving Fedora's PreUpgrade experience
2009-01-06: The problem of forcing users to make choices (in security)
2009-01-05: Why 'email marketing' winds up as spam
2009-01-04: 'Email marketing' versus outright email spam
2009-01-03: How to help programmers (parts 2 and 3): os.environ and sys.argv
2009-01-02: Why SSL needs certificate authorities, or at least trust roots
2009-01-01: Flaws in the 'web of trust' approach to trust issues
2008-12-31: Certificate authorities seem to be a real weakness in SSL
One of Python 3's fundamental problems on Unix
2008-12-30: ZFS and crazy dates
2008-12-28: Discovering things while researching Unix history
An advantage of doing test driven development
2008-12-27: Email marketing is pretty much spam
2008-12-26: The consequences of the Debian OpenSSL compromise
2008-12-25: My view of Sun and their history
2008-12-24: A thesis: Sun should be prepared to give up on SPARC
2008-12-23: You need major advantages to really move issues
2008-12-21: Part of why managing firewalls is hard
The role of superstition and folklore in system administration
2008-12-20: The source of spurious .rpmnew files
2008-12-19: Comments and dialogues
2008-12-18: Why LVM snapshots should really have hooks into filesystems
2008-12-17: Some reasons why I like vi
2008-12-16: Why XHTML is doomed, at least in its strict validation form
2008-12-14: Feed aggregators should fail gracefully
2008-12-13: The pragmatic problem with strict XHTML validation
2008-12-12: Two-step updates: the best solution to the valid XHTML problem
2008-12-11: Why syndication feed readers (and web browsers) should fail gracefully
Why you should always allow version 1 to be specified
2008-12-09: What sort of user interfaces the web is good for
How Amanda uses what restore program to use, a correction
2008-12-08: How I split up my workstation's disk space
2008-12-07: How to help programmers (part 1): the os.listdir() problem
One of Python's problems with packages
2008-12-06: On line endings and honesty
2008-12-05: A little gotcha when implementing shell read
2008-12-04: The rewriting problem on ZFS and other 'log structured' filesystems
2008-12-03: Mapping IP addresses to ASNs
2008-12-02: A thesis: Sun should fork Solaris
2008-11-30: My view on vi and vim (and nvi et al)
Server problems caused by 'transparent' self-signed SSL certificates
2008-11-29: Good editors aren't better or worse, just different
2008-11-28: Why rootkits targeted at Red Hat Enterprise would make me especially nervous
2008-11-27: The practical insecurity of self-signed SSL certificates on the web
2008-11-26: One consequence of mathematical security thinking
2008-11-25: The problem with security alerts, and indeed all alerts
2008-11-23: My sign of a good graphical interface
2008-11-22: Why I hate 'security questions'
2008-11-21: Limiting how much load Exim puts on your system
2008-11-20: Combining dual identity routing and isolated interfaces revisited
2008-11-19: A growing realization about tcpdump and reading IP traffic
BitTorrent's file fragmentation problem
2008-11-18: Where vi runs into its limits
2008-11-16: Checking systems with RPM verification (part 2)
A hint for email providers
2008-11-15: Getting Python's encoding and decoding straight
2008-11-14: How to force a crash dump on Solaris 10 x86
2008-11-13: What the members of a Unicode conversion error object are
2008-11-12: Why not doing Unicode is easier than doing Unicode in Python
2008-11-11: Another attempt to split SSL into encryption and trust
2008-11-10: Exploiting the Bourne shell to parse configuration files
2008-11-09: The history of Unix *dump programs
2008-11-08: Thinking about how your security domains relate to each other
2008-11-07: What the timestamps in Ubuntu kernel messages mean
2008-11-05: How many root passwords should you have?
An issue with quotas on ZFS pools
2008-11-04: Mistakes editors can make that disqualify them as sysadmin editors
2008-11-03: Why vi has become my sysadmin's editor
2008-11-02: Why university webmail systems are attractive to spammers
2008-10-31: Why realistic UDP bandwidth testing is hard
Banging rocks together in Python
2008-10-30: How Linux initrds used to be a hack
2008-10-29: Problems I have seen with switch port mirroring
2008-10-28: One reason why people buy Ethernet taps
2008-10-27: What we keep track of for ZFS pools
2008-10-26: Why RAID-1 is the right choice for our new fileservers
2008-10-25: How we worked out the partition sizes for our SAN
2008-10-24: A little neat detail of the BitTorrent protocol
2008-10-23: Another update to the ZFS excessive prefetching situation
2008-10-22: How Amanda knows what restore program to use
2008-10-21: Seeing how remarkable V7 Unix was
2008-10-19: The advantages of iSCSI's MC/S for multipathing
Thesis: reputation based antispam systems are dead
2008-10-18: More on Firefox 3's handling of self-signed SSL certificates
2008-10-17: How self-signed certificates are a problem for browsers
2008-10-16: Why Firefox 3's handling of self-signed SSL certificates is wrong
2008-10-15: The corporate identity problem
2008-10-14: Improving initial ramdisks
2008-10-13: The complexity of not lying to Makefiles
2008-10-12: An irritating awk limitation: getting a range of fields
2008-10-11: Forcing sort ordering in Unix shell scripts
2008-10-10: Some notes about iSCSI multipathing in Solaris
2008-10-09: We've lost the password battle
2008-10-08: How we set up our Solaris ZFS-based NFS fileservers
2008-10-07: How we set up our iSCSI target servers
2008-10-06: A problem with Python's help()
2008-10-05: SSL certificate revocation doesn't work (for web browsers)
2008-10-04: Consider having obvious interfaces too
2008-10-03: Arranging your SSL websites for very cautious people
2008-10-01: Another consequence of the Debian OpenSSL security bug
2008-09-30: The consequences of your SSL certificate getting compromised
Using Python to find out what cipher a SSL server is using
2008-09-29: SSL/TLS and forward secrecy
2008-09-28: Why I hate Solaris 10's service facility right now
2008-09-27: The problem with initial ramdisks
2008-09-26: The aesthetics of syntactic sugar
2008-09-25: Why qmail is no longer a suitable Internet MTA
2008-09-24: How we lie to our Makefiles
2008-09-23: Some thoughts on improving current thread-based programming
2008-09-21: Why I wind up writing real parsers for my sysadmin tools
2008-09-20: A side note to the attraction of file-based blog engines
The attractions of 'file as blog entry' blog engines
2008-09-19: Gotchas with IET that I have encountered
2008-09-18: My experiences so far with Linux iSCSI target software
2008-09-17: How to securely manipulate user files
2008-09-16: A Unix without a test program
2008-09-15: Why ZFS's raidz design decision is sensible (or at least rational)
2008-09-14: A read performance surprise with ZFS's raidz and raidz2
2008-09-13: 999 days is not forever
2008-09-12: ZFS's helpful attention to detail
Why you want sysadmins, not users, to be providing the computing
2008-09-11: Why I have the same shell dotfiles everywhere
2008-09-10: A Unix shell trick
2008-09-09: The problem with unit testing programs
2008-09-08: How to get as much of your program byte-compiled as possible
2008-09-07: Why your main program should be importable
2008-09-06: Why negative DNS caching is necessary
2008-09-05: Something to remember when using DTrace on userland programs
2008-09-03: Why SMTP needs a way of communicating partial success for message delivery
How to reject at SMTP time without enabling dictionary scanning
2008-09-01: Accept-then-bounce is no longer acceptable in mail systems
2008-08-31: There is a balance between optimism and paranoia for compromised machines
A realization about the recent Red Hat Enterprise security issue
2008-08-29: Open source projects and programs versus products
We don't really control user desktop machines
2008-08-28: Thinking about the importance of cross-implementation portability
2008-08-27: How I think about how important security updates are
2008-08-25: Fixing low command error distances
The concept of error distance in sysadmin commands
2008-08-24: An update to the ZFS excessive prefetching situation
2008-08-23: Another problem with SSL identities
2008-08-22: Why noting security fixes in Linux kernel changelogs doesn't really help
2008-08-21: What you select for when you make something harder
2008-08-20: An illustration of why syntactic sugar matters
2008-08-18: The problem with using tuples and lists to hold structures
2008-08-17: Thinking about the best way to handle command registration
Why your blog comments have less of an audience than new blog entries
Another reason to avoid having comments
2008-08-16: Why it matters what users like
2008-08-15: Using a non-standard shell as your login shell
2008-08-14: A bash irritation: the incompatible exec
2008-08-12: The first principle of analyzing compromised machines
2008-08-11: How RPM verification deals with prelinking
2008-08-10: Anti-spam work is pure overhead
How to tell when your bug reporting system is at its limits
2008-08-08: How to exploit unsigned repository metadata
A workaround for the Python module search path issue on Unix
2008-08-07: The pragmatics of language changes
2008-08-06: More on the funding capture problem
2008-08-04: SSL does not create trust
Our answer to the ZFS SAN failover problem
2008-08-03: A performance gotcha with syslogd
First impressions of using DTrace on user-level programs
2008-08-02: One reason that it is so hard to challenge Google
2008-07-31: A crude system verification method
SSL's identity problem
2008-07-30: What is guaranteed in languages in practice
2008-07-28: What you can (probably) count on for concurrency in Python
Another advantage of Python builtins
2008-07-27: The yum versionlock problem
2008-07-26: dict.setdefault() as a concurrency primitive
2008-07-24: How packaging systems should handle kernel updates
One thing that I dislike about typical debuggers
2008-07-23: Retracting blog entries in the face of syndication feeds
2008-07-22: Two different usage patterns
2008-07-20: Thinking about uses for (system) activity tracers
Why I'm mostly out of the email (anti-)spam game
2008-07-18: One consequence of Linux's dynamic network device naming
The advantage of blog comments
2008-07-17: The not so secret origins of /usr/bin and /usr/sbin (and /sbin)
2008-07-16: The problem with Usenet
2008-07-14: What some fdisk options actually do
2008-07-13: How ZFS helps out with the big RAID-5 problem
The problem with big RAID-5 arrays
2008-07-12: When overlapping windows do (and don't) make sense
2008-07-11: The case of the mysteriously failing connections
2008-07-10: Internet software decays and must be actively maintained
2008-07-09: Detailed usage charges versus simpler charging models
2008-07-08: How to force Solaris to renumber network devices
2008-07-06: A (D)VCS feature that I'd really like
A small drawback to Wietse Venema's TCP Wrappers
2008-07-05: How OOXML is a complete failure, even for Microsoft
2008-07-04: Phish spammers who make it easy
2008-07-03: Why system administrators like interpreted languages
2008-07-02: Why reverse proxies are good for big web applications
2008-06-30: The many problems with bad security patches
2008-06-29: Why user exposure matters for Linux distributions, especially on desktops
Why Ubuntu's LTS releases are inferior to Red Hat Enterprise Linux
2008-06-28: The other reason that shells should be programmable
2008-06-27: Fault hierarchies and problem reports
2008-06-26: Virtual desktops versus multiple monitors
2008-06-25: More on standard interfaces
2008-06-23: Why I am not really fond of docstrings in Python
More thinking about Python's inheritance model
2008-06-22: The implicit versus the explicit
2008-06-21: A bug reporting paradox: don't put in too much detail
2008-06-20: Accidental bittorrent on our networks
2008-06-19: A thought about filesystem snapshots
2008-06-17: A simple request for vendor websites
Sun flubs another SSH patch
2008-06-16: Why people persist in sending files by email
2008-06-15: Why DNS blocklists return information as IP addresses
2008-06-13: The cost of virtualization
2008-06-12: The problem with ZFS, SANs, and failover
2008-06-11: Designing a usable DNS Blocklist result format
Tabs versus windows, or why I usually want windows
2008-06-09: Mirrored system disks should be trivial to set up
2008-06-08: Thinking about Python's inheritance model
Recovering my Eee PC from a post-update problem
2008-06-07: Why 'file as blog entry' blog engines have problems
2008-06-06: Why shells should have small programming languages
2008-06-04: Some corollaries to the charging problem
2008-06-03: My problem with ZFS
2008-06-02: Improving RPM as a packaging system
Why package systems are important
2008-05-31: What contracts aren't
2008-05-30: The fun of awk
Users are rational
2008-05-29: Why web spiders should not crawl syndication feeds
2008-05-28: What promiscuous mode does on modern networks
2008-05-26: Shimming modules for testing (and fun)
2008-05-25: Making a good Unix glue language
The risks of forcing frequent password changes
2008-05-24: Dear applications: WEP keys are not passwords
2008-05-23: Frequent password changes as security mythology
2008-05-21: Combining dual identity routing and isolated interfaces
2008-05-20: Getting live network bandwidth numbers on Solaris
2008-05-19: Segregating your outgoing email to get blocked as little as possible
2008-05-18: The threat model for website logins
Counterproductive password security
2008-05-17: Why we're interested in many ZFS pools
2008-05-15: Why it is hard to decommission a DNS blocklist
What protects the strength of a ssh connection's encryption
2008-05-13: Things I have learned about ZFS (and a Linux iSCSI target)
2008-05-12: Some thoughts on tradeoffs between storage models
2008-05-11: The history of readdir()
Another problem with doing your own sysadmin automation
2008-05-09: An advantage of interpreted languages
2008-05-08: Getting live network bandwidth numbers on Linux
2008-05-07: Today's Solaris 10 irritation: the fault manager daemon
2008-05-06: The Bourne shell is not a programming language
2008-05-05: The costs of doing your own system administration automation
2008-05-04: On standard interfaces
2008-05-03: Why people don't automate sysadmin stuff
2008-05-02: Automation changes as systems grow
2008-05-01: What the co_names attribute on Python code objects is
2008-04-30: Why apt is always going to be faster than yum
Why you can't stop 'abuse' of file sharing services
2008-04-28: Abusing Python frame and code objects
2008-04-27: Attribute tracing as a mixin class
2008-04-26: A thought on trackbacks
2008-04-25: BitTorrent trackers are not innocent bystanders
2008-04-24: What Linux's RPC queue dump means, sort of
A brief mention of some tools for debugging Linux NFS client issues
2008-04-22: The irritation of single-context applications
2008-04-21: Dear ZFS: please stop having your commands stall
2008-04-20: Finding the name of your caller in Python
What FAQs are
2008-04-18: The two (at least) forms of documentation
2008-04-17: The limits of isolated interfaces
2008-04-16: My secret mouse fear
The appeal of GNU tools
2008-04-15: Management interfaces as isolated interfaces
2008-04-14: A sysadmin's review of the ASUS Eee PC
2008-04-13: How I use Firefox's remote control
2008-04-12: Different reasons for having comments
2008-04-11: The appeal of XML
When I do and don't read a blog's comments
2008-04-09: Why there's a bunch of spam from university webmail systems right now
2008-04-08: An alternate take on availability numbers
2008-04-07: Get statistics
2008-04-06: The problem with PID files
2008-04-05: What I needed to make my custom Fedora 8 environment work
Why people are accepting bad uptimes from Internet applications
2008-04-03: Google Mail has a spam problem
2008-04-02: ZFS: Reservations versus quotas
2008-04-01: A simple Python class to trace access to object attributes
2008-03-31: Keeping secrets as a system administrator
The quote of the time interval, on XML
2008-03-30: Docstrings versus comments in my code
2008-03-29: Tradeoffs in where you store volume management metadata
2008-03-28: The stages of Bittorrent encryption
2008-03-27: An idea for a browser anti-phish feature
2008-03-26: Why authenticated email won't stop phish spam
2008-03-25: The easy way to keep a week's worth of something
2008-03-24: The two sorts of (programmer) certification
2008-03-23: Why software engineering certification may not work out the way people want
2008-03-22: Why NFS writes to ZFS are sometimes (or often) slow
2008-03-21: Journaling filesystems and the fsync() problem
2008-03-20: Why you should ratelimit messages that outside things can cause
2008-03-19: The problem of charging for things (well, one of them)
2008-03-18: Some things I dislike about the ASUS Eee
2008-03-17: Why I expect more from Solaris
2008-03-16: My problem with Lisp
2008-03-15: Why accurately counting committed address space is hard
2008-03-14: Why I like definite answers to support issues
2008-03-13: Another problem with iSCSI on Solaris 10
2008-03-12: A bash irritation: mutable history
2008-03-11: The 'Add Comments' problem
2008-03-10: Why I organize comments on WanderingThoughts the way I do
2008-03-09: The difference between a SAN and a cluster filesystem
2008-03-08: What controls Red Hat Enterprise's ethN device names
My problem with Ethernet naming on Red Hat Enterprise 5
2008-03-06: Software RAID, udev, and failed disks
The difference between operations and system administration
2008-03-05: How we make Exim discard bounces of spam
2008-03-04: How we deal with the spam forwarding problem
2008-03-03: How not to set up your DNS (part 18)
2008-03-02: How ZFS's version of RAID-5 can be better than normal RAID-5
2008-03-01: Speed surprises in reimplementing the .find() string method
2008-02-29: An illustration of the speed advantage of Python builtins
2008-02-28: My likely Firefox 3 extensions
2008-02-27: Two sorts of languages
2008-02-26: Something that I do not understand
2008-02-25: The best way to shroud IP addresses
2008-02-24: An idea: only use URL fragments as an implementation detail
2008-02-23: Where the risk is with virtualization (and iSCSI)
2008-02-22: Why I am not fond of Ubuntu's management of kernel updates
2008-02-21: Wireless, machine rooms, and the Asus Eee PC
The irritation of single-instance applications
2008-02-20: How our automounter replacement works
2008-02-18: Coding paralysis
ZFS versus SANs: where do you put the RAID?
2008-02-16: The only way you can stop spam with money
2008-02-15: A weird routing mystery
2008-02-14: Why does anyone buy iSCSI TOE network cards?
2008-02-13: A consequence of Python's 'computer science' nature
2008-02-12: A small annoyance with HTML
2008-02-11: Why commercial support needs to solve your customers' problems
2008-02-10: A basic introduction to prelinking on Linux
2008-02-09: The other reason certified email won't solve the spam problem
How your fileservers can wind up spreading over your SAN
2008-02-08: Why /usr/local is now useless (and where it came from)
2008-02-06: Why ZFS needs a zfsdump
2008-02-05: Prewiring experimental racks
2008-02-04: The origins of /usr/share
2008-02-03: A note to would-be photo editing applications
2008-02-02: Why certified/authenticated email cannot solve spam
2008-02-01: Isolating network interfaces on Linux
2008-01-31: The sysadmin's life (again)
2008-01-30: Linux's IP forwarding settings summarized
2008-01-29: An annoyance in Python's attribute access rules
2008-01-28: One reason I like Python
2008-01-27: Classic crontab syntax mistakes
2008-01-26: The funding capture problem
2008-01-25: A modest suggestion about test accounts
2008-01-24: Running a 32-bit Firefox on a 64-bit Fedora or Red Hat Enterprise
2008-01-23: The weird effects of Firefox's remote control on Unix
Linux's umount -f forces IO errors
2008-01-21: Why I believe that you want Solaris if you want ZFS
2008-01-20: Layering buffering on top of other buffering is usually a bad idea
2008-01-19: Why the x86 Linux kernel is part of every process's address space
2008-01-18: What seems to use power on an Asus Eee PC
2008-01-17: Lab notebooks are not changelogs
2008-01-16: Why sysadmins should keep a lab notebook
2008-01-15: What applications are actually crucial at a university
2008-01-14: A Python pattern: Mutating Proxies
2008-01-13: The robot logic of ZFS snapshots and quotas
2008-01-12: A thought about Amazon's S3 and EC2
2008-01-11: The importance of killing processes with the right signal
2008-01-10: What you don't know about other peers in BitTorrent
2008-01-09: There are two different situations for content-types
2008-01-08: Why I feel that a missing Debian package is a bad sign
2008-01-07: Some thoughts on Solaris 10 x86 versus Linux
2008-01-06: Why the server is the right place to determine web content types
2008-01-05: Why file extensions in URLs are a hack
2008-01-04: One problem with the current anti-spam environment
2008-01-03: Scrolling versus panning
2008-01-02: The various sorts of backgrounding in Unix
2008-01-01: An unpleasant thing about system administration
2007-12-31: There are really two GPL v2 licenses
2007-12-30: The importance of killing processes in the right order
2007-12-29: SNI doesn't work in practice
2007-12-28: Please don't make me pick an account name
2007-12-27: Why I am not entirely fond of Solaris 10 x86's boot archive
2007-12-26: Two problems with Python's file iterators
2007-12-25: Process memory layout for 32-bit Linux programs
2007-12-24: The difference between shells that do job control and shells that don't
2007-12-23: Multihomed hosts and /etc/hosts
Shortening hostnames for fun and profit
2007-12-22: Getting a useful persistent VNC session
2007-12-21: A thought about Solaris 10 x86's boot process
2007-12-20: Virtualization does not eliminate security concerns
2007-12-19: Why setuid scripts are fundamentally a bad idea
How x86 Linux executes ELF programs
2007-12-17: What is a script language on Unix
2007-12-16: A thought on reading multiline records
2007-12-15: There are reasons for stupid anti-spam policies
2007-12-14: Check then use is a dangerous security pattern
2007-12-13: Doing one-shot booting with GRUB
2007-12-12: A more abstract view of the generalized open() issue
Implicit generalized open()'s are dangerous
2007-12-10: A surprise about Linux serial consoles
2007-12-09: I don't like smooth scrolling
2007-12-08: A depressing thing about phish spam
2007-12-07: Using Linux's magic SysRq feature
2007-12-06: Why large ISPs like SPF (the cynical view)
2007-12-05: Safely updating files that are read over NFS
2007-12-04: Dumb switches are now too smart for my good
2007-12-03: A comment spam precaution that didn't work out
2007-12-02: How my CGI to CGI/SCGI frontend works
2007-12-01: My expectations for responsible spider behavior
BitTorrent's protocol is not designed to hide
2007-11-29: Hashes are not complete protectors of privacy
2007-11-28: The problem the automounter was trying to solve
Another aphorism of system administration
2007-11-27: Taking advantage of polymorphic WSGI
2007-11-26: The two things I can mean by 'web spider'
2007-11-25: Why we may not be able to use ZFS
2007-11-24: Gotchas with dual-headed X with RandR on ATI cards
2007-11-23: My web spider technical requirements
2007-11-22: The different types of hash collisions
2007-11-21: Linux virtual terminals and the X server
2007-11-20: A lesson learned: Always upgrade Fedora with a respin CD
2007-11-19: What IPsec being mandatory in IPv6 really means
2007-11-18: I love Linux's serial console support
2007-11-17: Fighting spam always costs
2007-11-16: Improving your life with checklists
2007-11-15: Platform risk and platform (in)security
2007-11-14: What NAT is useful for
2007-11-13: Why vfork() got created (part 2)
2007-11-12: Matching words against a list in the Bourne Shell
2007-11-11: Why vfork() got created (part 1)
2007-11-10: The risks of spam filtering (part 2)
2007-11-09: An object oriented design mistake illustrated
2007-11-08: How Linux handles virtual memory overcommit
2007-11-07: Understanding the virtual memory overcommit issue
2007-11-06: A thought about competition between Red Hat Enterprise and CentOS
2007-11-05: Some notes on Solaris 10 U4 x86 as an iSCSI target
2007-11-04: Thinking through salts for passwords
2007-11-03: A thought about the speed of IPv6 deployment
2007-11-02: Note to self: check for gigabit Ethernet
2007-11-01: Dynamic rendering versus static rendering for websites
2007-10-31: What may be causing my random NumLock issues
Jumbo frames on gigabit Ethernet on Solaris 10 x86
2007-10-30: The problem with big systems
2007-10-29: My problem with learning new programming languages
2007-10-28: The inconvenience of some DWiki design choices
2007-10-27: Why I am not really interested in hearing blacklist appeals
2007-10-26: The Slashdot effect is not like regular load
2007-10-25: Long term storage management in the field
2007-10-24: The format of PTR records in Bind irritates me
2007-10-23: How we sized the overcommit ratio
2007-10-22: The dangerous appeal of the obvious
Vim options it turns out I want
2007-10-21: How I got a corrupted metadb replica that paniced Solaris 10 x86
2007-10-20: Why mail systems should not defer rejections to RCPT TO time
2007-10-19: Some notes on booting single user in x86 Solaris 10
2007-10-18: The Python marshal module versus the cPickle module
2007-10-17: Our experience with Linux's strict overcommit mode
2007-10-16: Our old mail system's configuration
2007-10-15: The arrogance of trying to design for long term storage management
2007-10-14: Why I think identity blurs into authority
2007-10-13: Weekly spam summary on October 13th, 2007
2007-10-12: Getting your networks to your racks
2007-10-11: A gotcha with command order in pipes
2007-10-10: How to properly look up hostnames from IP addresses
2007-10-09: A silly trick with X
2007-10-08: I have new system enthusiasm
2007-10-07: An improvement in my comment spam precautions
2007-10-06: Weekly spam summary on October 6th, 2007
2007-10-05: Why we don't use cable management arms
2007-10-04: The corollary to who actually benefits from bug reports
2007-10-03: A basic principle of system design
2007-10-02: A gotcha with 'bidirectional' pipes to commands
2007-10-01: How Exim determines the retry time for local deliveries
2007-09-30: Understanding Exim's weird way of doing retries
Weekly spam summary on September 29th, 2007
2007-09-29: The first rule of free email-based services
2007-09-28: Phase objects: simple decent error reporting for Python programs
2007-09-27: Fixing Ubuntu's ethN device names when you swap hardware
2007-09-26: Thinking about why Apache waits for CGIs to close standard output
2007-09-25: How to clear Solaris Volume Manager metadb replicas on Solaris 10 x86
2007-09-24: Assume the existence of folklore among your users
2007-09-23: Names are not cheap
2007-09-22: Weekly spam summary on September 22nd, 2007
2007-09-21: An interesting bind(2) failure
2007-09-20: Websites should not accept random parameters in requests
2007-09-19: The benefit of chronological blog navigation
2007-09-18: Linux NFS client kernel tunable settings
2007-09-17: How mmap(2) requires a unified buffer cache
2007-09-16: In praise of Python's Global Interpreter Lock
2007-09-15: Weekly spam summary on September 15th, 2007
2007-09-14: A thought on untyped languages
2007-09-13: Limiting a process's memory usage on Linux
2007-09-12: Mass scanning via POP3
2007-09-11: Why I dislike ATX power supplies
2007-09-10: A small drawback of 64-bit machines
2007-09-09: Rethinking my views of Fibrechannel
2007-09-08: Weekly spam summary on September 8th, 2007
2007-09-07: My view of what 'strongly typed' means
2007-09-06: When you don't want RAID-5
2007-09-05: Where to find specifications on HTTP POST behavior
Features that I wish ZFS had
2007-09-03: Why syndication feed readers ignore an entry's 'last updated' time
2007-09-02: I wish mailers had a real programming language
2007-09-01: Weekly spam summary on September 1st, 2007
2007-08-31: Partial entry syndication feeds and updated entries
2007-08-30: Using reverse proxies to unify web sites
2007-08-29: One limitation of internal charges
2007-08-28: A gotcha with Solaris Volume Manager metasets
2007-08-27: On the naming of machines (part 2)
2007-08-26: A limitation in Linux's policy based routing
2007-08-25: Weekly spam summary on August 25th, 2007
2007-08-24: Linux and accidentally multipathed disks
2007-08-23: The excessive cleverness of some people's reverse DNS
2007-08-22: Redirecting traffic to another machine with Linux's iptables
2007-08-21: The dilemma of website facing
2007-08-20: Recognizing phish spam from exceedingly RFC compliant mailers
2007-08-19: A realization about breadcrumbs
2007-08-18: Weekly spam summary on August 18th, 2007
2007-08-17: A thesis about language niches
2007-08-16: How not to set up your DNS (part 17)
How to tell a DNS no data reply from a lame delegation
2007-08-15: The problem that built C++ (a thesis)
2007-08-14: The benefits of growing your toolbox
2007-08-13: One problem with distributed identity systems
2007-08-12: Adventures in network design, illustrated by our new backbone connection
Weekly spam summary on August 11th, 2007
2007-08-11: On the performance of Python longs being used as bitmaps
2007-08-10: Clever large integers
2007-08-09: A gotcha with the format of dump archives
2007-08-08: Explaining some university staff peculiarities
2007-08-07: A surprise with the Provides header in RPM
2007-08-06: Implementing a preforking network server in Python
2007-08-05: Thinking about more text formatting for DWiki
2007-08-04: Weekly spam summary on August 4th, 2007
2007-08-03: The scope of shell history
Using WSGI for performance tuning
2007-08-02: Link: XML on the web summarized
2007-08-01: A ZFS-based fileserver design
2007-07-31: Consequences of allowing packages to quiz users at install time
2007-07-30: What we want out of our new fileserver design
2007-07-29: My standard for clear idioms in personal code
2007-07-28: Weekly spam summary on July 28th, 2007
2007-07-27: How big is the Slashdot effect?
2007-07-26: An unexpected performance stress test for DWiki
2007-07-25: Solaris Volume Manager and iSCSI: a problematic interaction
2007-07-24: Using iSCSI and AOE to create artificial disk errors
2007-07-23: An interesting issue when yum upgraded gaim
2007-07-22: Universities are not businesses: an implication
2007-07-21: Weekly spam summary on July 21st, 2007
2007-07-20: The downside of a unified buffer cache
2007-07-19: A safety tip: keep your different sorts of source trees separate
2007-07-18: Why I like Python's large integer support
2007-07-17: Random passwords are not necessarily good passwords
2007-07-16: Why SSL and name-based virtual hosts don't get along
2007-07-15: Problems I see with the ATA-over-Ethernet protocol
Weekly spam summary on July 14th, 2007
2007-07-14: Linux kernel asynchronous IO doesn't work on sockets
2007-07-13: You can't change a Python function's local variables from outside
2007-07-12: An interesting mistake with ZFS and iSCSI
2007-07-11: Why I wish Python had assignment in conditionals
2007-07-10: Thinking about the Python equivalents of C's !! double negation
2007-07-09: How many bits of information are in a password?
How not to set up your DNS (part 16)
2007-07-08: A suggestion for HMAC signature construction
2007-07-07: Weekly spam summary on July 7th, 2007
2007-07-06: What the flags on DNS query responses mean
How not to set up your DNS (part 15)
2007-07-05: What OpenID is good for
2007-07-04: What OpenID is (and is not)
Problems with EXA X acceleration on ATI cards in Fedora Core 6
2007-07-03: How not to set up your DNS (part 14)
2007-07-02: What the unified buffer cache is unifying
2007-07-01: The optimization rule for systems
2007-06-30: Weekly spam summary on June 30th, 2007
2007-06-29: The stupidity of being nickled and dimed by vendors
Why forwarding all email for users is dangerous
2007-06-28: Why I don't like inverted if conditionals
2007-06-27: Why you can't use object.__new__ on everything
2007-06-26: A small update on comment spammer behavior
2007-06-25: ZFS's issues with long term storage management
The advantage of a SAN
Painless long term storage management without disturbing users
2007-06-23: Weekly spam summary on June 23rd, 2007
2007-06-22: One reason why the Debian package format is not my favorite
A thought on web server capacity measurement
2007-06-20: More on slot wrapper objects
2007-06-19: Thinking about types of bugs (and static analysis)
2007-06-18: What are slot wrapper objects?
2007-06-17: A use for CSS adjacent selectors
2007-06-16: Weekly spam summary on June 16th, 2007
2007-06-15: Why I am in system administration instead of programming
2007-06-14: Getting source RPMs with yumdownloader (part 2)
2007-06-13: What NFS file-based locking problems can happen
2007-06-12: 'Argument list too long' is a misleading message
2007-06-11: Getting source RPMs with yumdownloader
2007-06-10: How NFS is unreliable for file-based locking
2007-06-09: Weekly spam summary on June 9th, 2007
2007-06-08: Some thoughts on Slashdot's moderation system
2007-06-07: Why I hate firewalls, especially stateful firewalls
2007-06-06: Why you want a filesystem consistency checker
2007-06-05: RPM's multi-architecture file ownership problem
2007-06-04: RAID-5 versus RAID-6
Why we need our SAN RAID controllers to support logical drives
2007-06-02: Weekly spam summary on June 2nd, 2007
2007-06-01: Why our Solaris fileservers still use the automounter
2007-05-31: Please test your error paths
2007-05-30: A gotcha with the automounter and loopback mounts
2007-05-29: On storing source code in some non-text format
2007-05-28: Why ZFS's data integrity is less important than Solaris's usability
2007-05-27: Paying for security exploits
2007-05-26: Weekly spam summary on May 26th, 2007
2007-05-25: If you want work done, you need to pay for it
The risks of spam filtering (part 1)
2007-05-24: Firefox preferences settings that I use
2007-05-23: The danger of a web server writeable document area
2007-05-22: A case for breaking the web server ownership guidelines
2007-05-21: Linux is a Unix
2007-05-20: Properties relevant to finding what class supplies a method
2007-05-19: Weekly spam summary on May 19th, 2007
2007-05-18: The difficulty of throwing things away
2007-05-17: Determining what superclass supplies a method in Python
2007-05-16: My rules of thumb for picking conference talks
2007-05-15: Sizing your swap space (part 2)
2007-05-14: Sizing your swap space (part 1)
2007-05-13: Unix folklore: your swap should be twice your RAM
2007-05-12: Weekly spam summary on May 12th, 2007
2007-05-11: Building your own kernel with the Fedora kernel configuration
2007-05-10: The other problem with network booting
2007-05-09: CSS separates layout from content less than you'd like
2007-05-08: Supporting the real world
2007-05-07: What computer security is
2007-05-06: What Linux bind mounts are really doing
2007-05-05: Weekly spam summary on May 5th, 2007
2007-05-04: A little twitch I have in X Windows
2007-05-03: A stupid switch configuration trick
2007-05-02: My view of Ubuntu
2007-05-01: Some good practices for web servers
2007-04-30: Being specific about where your systems are
2007-04-29: What matters about object oriented operating systems
Weekly spam summary on April 28th, 2007
2007-04-28: Why I no longer bother to complain to ISPs about spam
2007-04-27: My view of Solaris 10 summarized
2007-04-26: A clever way of doing IP address assignment
2007-04-25: What do Unix errno values mean?
2007-04-24: RPC is surprisingly expensive
2007-04-23: Extra security systems for Unix should be explicit, not implicit
2007-04-22: Why Red Hat 7.3 is (still) so present on servers
2007-04-21: Weekly spam summary on April 21st, 2007
2007-04-20: Why organizations buy software from commercial companies
2007-04-19: A thought about attitudes towards support requests
2007-04-18: An advantage of CSS layouts for accessibility
2007-04-17: Why the University of Toronto can't just use Google Mail
A disappointment with ZFS
2007-04-16: Using CSS instead of tables is still using a hack
2007-04-15: chkconfig --add considered misleading
2007-04-14: Weekly spam summary on April 14th, 2007
2007-04-13: A little gotcha about binding services to interfaces
2007-04-12: Why Evolution is not my favorite mail reader
2007-04-11: Users don't really benefit from filing bug reports
2007-04-10: A limitation of Debian's /etc/network/interfaces control file
2007-04-09: Why indirect xdm probably doesn't work on your Linux machine
2007-04-08: A limitation of Python properties
Weekly spam summary on April 7th, 2007
2007-04-07: An interesting observation about web cracker behavior
2007-04-06: Why network booting is not a good answer
2007-04-05: Wanted: remote controllable DVD drives
An irritation about rails
2007-04-04: A brief sad note about root passwords
Social problems are the real problems
2007-04-03: Why charging for email won't do what people want
2007-04-02: Some lighttpd bits
2007-04-01: An advantage of virtualization for license servers
Please leave IOError and OSError alone
Weekly spam summary on March 31st, 2007
2007-03-31: Created functions and exception stack backtraces
Microsoft has another problem
Link: you are what you code
A simple debugger feature that I would really like
2007-03-30: What an Ethernet splitter looks like
2007-03-29: Usability issues with blog URLs
2007-03-28: A surprise to remember about starting modern machines
Dual identity routing with Linux's policy based routing
2007-03-27: The VPN routing problem
Some problems with iSCSI on Solaris 10 (on x86)
2007-03-26: Quality Solaris 10 software:
2007-03-25: Fitts' Law and edge-flipping in window managers
2007-03-24: Weekly spam summary on March 24th, 2007
How comment spammers behave
Randomly engaging NumLock considered irritating
2007-03-23: Counterintuitive RAID read performance
2007-03-22: An irony of conditional GET for dynamic websites
Making user home directories on a stock Solaris machine
2007-03-21: Users are almost always right
2007-03-20: On educating users
2007-03-19: The three strata of virtualization
2007-03-18: Why Unix setuid is incompatible with real network filesystems
2007-03-17: Weekly spam summary on March 17th, 2007
2007-03-16: GRE is a translucent tunnel
Things I have learned while doing GRE tunnels on Linux
2007-03-15: An annoying limitation of Linux IPSec
2007-03-14: The problem of machine startup order dependencies
2007-03-13: Machine room archaeology
What I currently do to stop comment spam on WanderingThoughts
2007-03-12: New warning messages might as well be fatal errors
2007-03-11: I consider __dict__ an implementation detail
Weekly spam summary on March 10th, 2007
2007-03-10: What a sysadmin's machine should be able to do
2007-03-09: Why hashcash schemes for email will never be adopted
2007-03-08: A bad popup dialog
A belated set of more power consumption numbers
2007-03-07: A gripe about sun.com
2007-03-06: Why I don't like USB keyboards
2007-03-05: Some useful new Linux software RAID features
2007-03-04: Handling lines with something-separated fields for Python
Weekly spam summary on March 3rd, 2007
2007-03-03: On useful front-panel LEDs
2007-03-02: A story of network weirdness
2007-03-01: An irritating limitation of listening sockets
2007-02-28: Using Unix domain sockets from Python
2007-02-27: Things I did not know about until recently: Ethernet splitters
2007-02-26: Things I have learned about effective sysadmin meetings
2007-02-25: Ordered lists with named fields for Python
How CSLab currently does email anti-spam stuff
Weekly spam summary on February 24th, 2007
2007-02-24: Thesis: any server push technology inevitably breeds spam
The problem with browser minimum font size settings
Most world-editable wikis are doomed
Some things to remember when implementing __getitem__
2007-02-23: The downside of distinctive hostnames
2007-02-22: A simplified summary of Python's method resolution order
My zeroth law of compromised machines
A note about the ordering of mixin classes
2007-02-21: Fixing Python's string .join()
The quick overview of DiskSuite failover
2007-02-20: Getting around LiveJournal's new minimum page width
2007-02-19: What I currently know about Fibrechannel versus iSCSI versus AoE
Another aphorism of system administration
2007-02-18: Why we do NFS fileserving with a SAN
Weekly spam summary on February 17th, 2007
2007-02-17: Programming fun
2007-02-16: I hate hardware (Dell 2950 edition)
QOTD: There are three types of authentication
2007-02-15: Something all full-service backup systems should have
2007-02-14: RPM tricks for dealing with multiarch machines
2007-02-13: On Python's grammar
2007-02-12: Why thin clients are doomed (part 2)
2007-02-11: How to do locking in shell scripts
2007-02-10: Weekly spam summary on February 10th, 2007
A temptation with challenge/response anti-spam systems
Link: Why the ease of installing Java matters
2007-02-09: What System V did to the poor ln command
2007-02-08: The danger of validating your XHTML
2007-02-07: Why I think thin clients are doomed
2007-02-06: What the Solaris 8 nfs3_max_threads parameter probably controls
2007-02-05: An irritation with yum localupdate
Another small user interface suggestion
2007-02-04: A sysadmin twitch about dump
2007-02-03: Weekly spam summary on February 3rd, 2007
2007-02-02: A modern environment's need for broadband
Why don't SQL servers do a lot of caching?
2007-02-01: Transparent versus non-transparent caching
2007-01-31: The inherent fragility of complex systems (in system administration)
Why I am not fond of DHCP in lab environments
2007-01-29: A gotcha with <textarea>
How to have your web spider irritate me intensely (part 2)
2007-01-28: Why DWiki doesn't use fully REST-ful URLs
Weekly spam summary on January 27th, 2007
2007-01-27: Why I think that DNS whitelists are going to fail
2007-01-26: First impressions of pyOpenSSL
2007-01-25: A clever trick to deal with students powering off workstations
2007-01-24: An irritation with current GUI interfaces
2007-01-23: How to stop DiskSuite resyncing a mirror on Solaris 8
2007-01-22: Why host authentication has to check who the certificate belongs to
2007-01-21: Sometimes system administration requires a hacksaw
2007-01-20: Weekly spam summary on January 20th, 2007
Browsers are the wrong place to report HTML validation errors
2007-01-19: Link: Peter Gutmann on PKI
2007-01-18: Why I want direct certificate checking instead of having to rely on CAs
2007-01-17: A grump about the socket module's SSL support
2007-01-16: Why I don't have a GPG key
2007-01-15: Configuring VLANs on Fedora Core
2007-01-14: Wrapping exceptions versus propagating them untouched
An alarming reflex in my use of find
2007-01-13: Weekly spam summary on January 13th, 2007
2007-01-12: The easy way to get me to not comment on a weblog
2007-01-11: Xen versus VMware for me
An interesting Bourne shell limitation
2007-01-10: A gotcha with inetd/xinetd and popular UDP services
2007-01-09: Solving an automounter timeout problem with brute force
2007-01-08: What I really want from an automounter
2007-01-07: Another issue with C's volatile
2007-01-06: Weekly spam summary on Janury 6th, 2007
Fixing up .rpmnew files
2007-01-05: Henry Spencer on C's volatile
2007-01-04: The scars of my NPTL experience
2007-01-03: The problem with C's volatile qualifier
2007-01-02: My current views on webmail providers
2007-01-01: Solaris's impressive ABI compatibility
Link: Threads Cannot be Implemented as a Library
2006-12-31: A (Solaris 8) automounter irritation
2006-12-30: Weekly spam summary on December 30th, 2006
2006-12-29: What can go wrong if your compiler is not thread aware
2006-12-28: A thought on the advance of X auto-configuration
2006-12-27: Solaris 8 DiskSuite's lack of good monitoring
HTTP as it is seen in the wild
2006-12-26: Link: OpenBSD spamd
Link: varnish, a HTTP accelerator
2006-12-25: The problem with #ifdef
A thought of the day
Link: A lovely summary of the XHTML issue
2006-12-24: What Google Sitemaps isn't
2006-12-23: Weekly spam summary on December 23rd, 2006
2006-12-22: Another example of why Bourne shell quoting makes me grumpy
2006-12-21: Something to avoid in callback email address verification
2006-12-20: How many root DNS servers are reachable over Internet II?
2006-12-19: An Internet dependency
2006-12-18: A basic principle of website security
2006-12-17: How to get me to block your web ads in a flash
Weekly spam summary on December 16th, 2006
2006-12-15: An unsurprising discovery about spammer behavior
2006-12-14: Fedora Core's memory problem
2006-12-13: An example of Unix's slow fossilization
A SMTP implementor's conundrum
2006-12-12: A limitation of OpenBSD bridging NAT firewalls
2006-12-10: An irony of web serving
Weekly spam summary on December 9th, 2006
2006-12-09: How DWiki uses partial function evaluation
2006-12-08: What I want out of a Linux partitioning program
Why I don't expect result-oriented work hours to work out
2006-12-07: Another obnoxious discovery about Ubuntu's /var/run stuff
How not to set up your DNS (part 13)
2006-12-06: Setting up switches to avoid unwanted VLAN leakage
2006-12-05: A small annoyance with Unix wildcards
2006-12-04: How SSH achieves forward secrecy
2006-12-03: More fun with Python's indentation rules
2006-12-02: Weekly spam summary on December 2nd, 2006
2006-12-01: Ubuntu's attention to detail in init.d scripts
2006-11-30: How Python parses indentation
2006-11-29: Turning off HTTP basic authentication in urllib
2006-11-28: Progress towards an all 64-bit application world
2006-11-27: Some words of wisdom on email certification programs
Why I don't rip my CDs
2006-11-26: An irritating X Windows limitation with wheel mice
Link: Serif vs. Sans Serif Legibility
Weekly spam summary on November 25th, 2006
2006-11-25: The quest for a nice Linux CD player application
2006-11-24: A classical Unix tape gotcha
2006-11-23: Why I don't file bug reports very often
2006-11-22: Why ssh validates host keys using the exact name you supplied
2006-11-21: A small script: bsearch-nums
2006-11-20: A DiskSuite annoyance: metastat
2006-11-19: How https: should work
Weekly spam summary on November 18th, 2006
2006-11-18: Link: Golden Rules for Bad User Interfaces
Should you care about whether you can upgrade hardware?
The good old days of Unix
2006-11-17: How to quiesce NFS traffic the brute force way
2006-11-16: An annoying omission in the Solaris 8 DiskSuite toolset
2006-11-15: A little regexp thing to remember about \b (and \w)
Why the Bourne shell is not my favorite language
2006-11-14: Some more power consumption numbers
2006-11-13: People aren't suspicious
2006-11-12: Some ways to break your syndication feed
Broken syndication feeds are worse than no feed
2006-11-11: Weekly spam summary on November 11th, 2006
A thought about disaster recovery planning
2006-11-10: Link: On Bots
2006-11-09: A fundamental problem with challenge/response anti-spam systems
The importance of printable objects
2006-11-08: Link: Pumas on Hoverbikes
The quest for the mythical C.UTF-8 locale
2006-11-07: Link: Unicode Spaces
2006-11-06: HTML character sets
2006-11-05: An interesting Python garbage collection bug
2006-11-04: Weekly spam summary on November 4th, 2006
2006-11-03: Installing Wine on Fedora Core 5 x86_64
2006-11-02: Knowing things versus being able to prove them
2006-11-01: The downsides of remailing
2006-10-31: A Solaris 8 make bug
An Internet rule of thumb
2006-10-30: A brief Exim observation
First irritations with Fedora Core 6
2006-10-29: Python's assert is a weak debugging tool
2006-10-28: Weekly spam summary on October 28th, 2006
2006-10-27: In (modest) praise of Solaris DiskSuite
2006-10-26: Languages need comments
2006-10-25: Another advantage of distributed version control systems
2006-10-24: Google and YouTube
2006-10-23: A dump performance hint: the block size really matters
2006-10-22: Why cursors blink
2006-10-21: Weekly spam summary on October 21st, 2006
An irritating iptables limitation
2006-10-20: Why releases are important
2006-10-19: A paradox of ignorance
An Ubuntu astonishment
2006-10-18: CSS is assembly language
Getting your spam crossed
2006-10-17: Link: HTML Doctype declarations inventoried
An Amanda gotcha with dumps to disk
2006-10-16: Why have an MX record to yourself?
2006-10-15: On the various meanings of <tag />
2006-10-14: Weekly spam summary on October 14, 2006
2006-10-13: Why quoting in the Bourne shell makes me grumpy
Link: Warning Signs for Tomorrow
2006-10-12: How stable my AMD 64-bit systems have been
2006-10-11: Getting nice looking TrueType fonts on Fedora Core
A spectacular web spammer failure
2006-10-10: Cross building i386 RPMs on an x86_64 Fedora Core 5 machine
A trivial script: wcat
2006-10-09: I ♥ Fedora Extras
2006-10-08: A reason to read blogs in reverse chronological order
2006-10-07: Weekly spam summary on October 7th, 2006
2006-10-06: A Python quoting irritation
2006-10-05: Thoughts on machine identity
2006-10-04: A pyramid of little scripts: nsdig
2006-10-03: Some numbers for modern disk performance
2006-10-02: The longevity of old hardware
2006-10-01: The advantage of vendor packages
2006-09-30: Weekly spam summary on September 30th, 2006
2006-09-29: Gnome daemons you'll want to run in a custom environment
2006-09-28: Why I hate $LANG and locales on Unix
2006-09-27: How not to set up your DNS (part 12)
2006-09-26: Why people still like TCL/TK
Web site security theatre
2006-09-25: Some reactions to a dual monitor X setup
2006-09-24: Two approaches to Unix environments
Weekly spam summary on September 23rd, 2006
2006-09-22: A NFS mount accident on Linux
2006-09-21: The danger of relying on Javascript for input validation
An amusingly truthful hostname
2006-09-20: A peculiarity of hardware at universities
2006-09-19: One of the reasons I dislike SELinux
2006-09-18: Why /var/log/btmp may be using up a lot of space in your /var
My current view of Linux system filesystem sizes
2006-09-17: How to convert a time string in GMT to seconds since the epoch
2006-09-16: Weekly spam summary on September 16th, 2006
2006-09-15: The temptation of LVM
2006-09-14: A bonus to writing documentation
The brute-force way to install missing Solaris 9 packages
2006-09-13: The really irritating thing about voicemail
2006-09-12: A quick note about how extended partitions work
2006-09-11: Python's extra-clever help() function
'In place' filesystem defragmentation with Disksuite
2006-09-10: A thought on iTunes and similar online services
Weekly spam summary on September 9th, 2006
2006-09-09: Something I really wish vendor product pages did
2006-09-08: A Solaris 8 Disksuite single user mode surprise
I hate hardware (AMD CPU edition)
Link: IRON File Systems
2006-09-07: Industrial strength Python
Some wise words from Henry Spencer on backups
2006-09-06: How fast an LCD refresh rate is going to be fast enough?
2006-09-05: Stupid web spammer tricks
2006-09-04: A thought about interactive development environments
2006-09-03: Why writing documentation is no fun
2006-09-02: Weekly spam summary on September 2nd, 2006
2006-09-01: Link: The Single Unix Specification et al
Why Postfix is not my favorite mailer
2006-08-31: SIGCHLD versus Python: a problem of semantics
How dd does blocking
2006-08-30: A problem with debugging threaded Python programs
How to lose readers of your syndication feed
2006-08-29: An interesting filesystem corruption problem
Documentation should be cheap
2006-08-27: Documentation is not free
2006-08-26: Weekly spam summary on August 26th, 2006
2006-08-25: Please don't use session cookies
Another stupid spider mistake
2006-08-24: More on the Solaris ssh stuff (part 3)
How not to get our business
2006-08-23: Why I am irritated with evince
An update on impending changes to access to Solaris patches
2006-08-22: How not to set up your DNS (part 11)
Link: Csh Programming Considered Harmful
fork(), wait(), and threads
2006-08-21: Most new products are upgrades
How not to set up your DNS (part 10)
2006-08-20: Finally, a good reason to periodically reboot servers
2006-08-19: Weekly spam summary on August 29th, 2006
Documentation needs testing
2006-08-18: Why apt-get is not my favorite application (part 2)
2006-08-17: Idealist versus Realist
The quick secret to bootable USB keys
2006-08-16: The fun of 32-bit bugs
2006-08-15: Hardware RAID versus software RAID
2006-08-14: The importance of numerical literacy
Distributions: keep your hands off vi
2006-08-13: The real Bourne shell problem
2006-08-12: Weekly spam summary on August 12th, 2006
2006-08-11: An unhappy spam milestone
2006-08-10: A Bourne shell gotcha: redirection order
2006-08-09: A Bourne shell irritation
2006-08-08: Slashdot's tacit admission of failure
2006-08-07: A problem in Python's implementation of closures
2006-08-06: A fun little regular expression bug
2006-08-05: Weekly spam summary on August 5th, 2006
2006-08-04: My current set of Firefox extensions
2006-08-03: Link: When the "best tool for the job"... isn't.
How to irritate your successor (on Solaris)
2006-08-02: In praise of installing from Live CDs
2006-08-01: One serial problem I should remember
2006-07-31: The limitations of Unix atime
2006-07-30: XHTML on the web is for masochists
Weekly spam summary on July 29th, 2006
2006-07-29: Link: Ten Risks of PKI
Another little sysadmin twitch or two
2006-07-28: A plug for blastwave.org
2006-07-27: Unix files do not have creation times
2006-07-26: xterm's ziconbeep feature
2006-07-25: An awk idiom: getting fields backwards from the end of the line
Reading Unix manpages
2006-07-24: Link: Linguistic blindness illustrated
A brief history of cut and paste in X
Walking away from Slashdot: a story of design
2006-07-23: Weekly spam summary on July 22nd, 2006
2006-07-22: Solaris's sparseness
2006-07-21: What Linux distributions we use (and sort of why)
2006-07-20: Why I like Python more than Perl
Link: non-errors in English
2006-07-19: A sysadmin habit: screen locking
Using Python to test system behavior
Link: 'Document Centric'
2006-07-18: Why you can't mix wildcard IP port binding with other bindings
2006-07-17: Thesis: SMP is a failure for most Internet servers
2006-07-16: Weekly spam summary on July 15th, 2006
2006-07-15: A robot wish
2006-07-14: SELinux bites man: a story
Pointers to some SELinux explanations
2006-07-13: A thought on Linux installation versus Solaris 9 installation
2006-07-12: Why I like 'lib64' better than 'lib32' for the x86_64 transition
2006-07-11: Why nofollow is useful and important
2006-07-10: A suggestion for people with 'Out of Office' autoreplies
2006-07-09: Weekly spam summary on July 8th, 2006
2006-07-08: The problem of IT winning arguments
2006-07-07: Sysadmins are an overhead
2006-07-06: More on tabs
2006-07-05: On tabs
2006-07-04: A surprise with using object() instances
2006-07-03: Why Solaris is not my favorite operating system
2006-07-02: Weekly spam summary on July 1st, 2006
2006-07-01: Link: The virtual furniture police
Another annoying RSS feed trick
2006-06-30: Some thoughts on the Fedora Core 5 Gnome desktop
2006-06-29: screen -x
2006-06-28: The problem with cool URLs
2006-06-27: More on the Solaris ssh stuff (part 2)
Microsoft has a problem
2006-06-26: How not to report spam (part 1)
WSGI versus asynchronous servers
2006-06-25: Weekly spam summary on June 24th, 2006
2006-06-24: A problem with signals in Python
2006-06-23: Respecting Unix signals
2006-06-22: An extreme example of C preprocessor (ab)use
2006-06-21: A year (and a bit) of WanderingThoughts
More on the Solaris ssh stuff
2006-06-20: How to improve programming productivity
2006-06-19: Impending changes to access to Solaris patches
An odd choice of hostname
WSGI: the good and the bad
2006-06-18: Weekly spam summary on June 17th, 2006
2006-06-17: Metrics considered dangerous
2006-06-16: /etc/inittab versus /etc/rc.d
2006-06-15: How to have your web spider irritate me intensely
Dispelling a nightmare (a sysadmin tale)
2006-06-14: How to supply an IP address in Red Hat's Kickstart
2006-06-13: A web validation aphorism
2006-06-12: Why charging for things is deadly at a university
2006-06-11: Link: The Unix Heritage Society
Weekly spam summary on June 10th, 2006
2006-06-10: Fixing the bad Solaris ssh patch
2006-06-09: Seeing Quicktime movie trailers on Fedora Core 5
2006-06-08: Some computer power consumption numbers
2006-06-07: Some Fedora Core 5 experimentation
2006-06-06: Internet Distance (In Memoriam)
2006-06-05: A Python coding mistake
People are ordinary
2006-06-04: Weekly spam summary on June 3rd, 2006
2006-06-03: The fundamental problem of spam
2006-06-02: An object identity gotcha in Python
2006-06-01: Link: a Unix sysadmin rosetta stone
The cynical take on nofollow
2006-05-31: A simple way to get a disk space usage summary
Fiddling with X selections from shell scripts
2006-05-30: An shell script idiom for choosing what file to operate on
2006-05-29: An obvious way to do bulk initialization of dictionaries
2006-05-28: Weekly spam summary on May 27th, 2006
2006-05-27: Today's dilemma: wiki page or blog entry?
2006-05-26: A message you do not want to see from your backup software
The problem with treating RAID arrays as single disks
2006-05-25: Link: Classic Mistakes Enumerated
A Linux su surprise
SCGI is a form of caching
2006-05-24: The not so secret history of vmlinuz
2006-05-23: Link: Why overtime is bad for everyone
A defense of Unix that always irritates me
2006-05-22: A little failsafe feature in 3-prong electrical plugs
2006-05-21: My mistake with the Host: HTTP header
Weekly spam summary on May 20th, 2006
2006-05-20: Things that irritate me about Python's socket module
2006-05-19: Some modest suggestions on vendor tradeshow giveaways
2006-05-18: The future of spam is advance fee fraud
2006-05-17: Where to find package inventories on Solaris 9
2006-05-16: A Python limit I never expected to run into
2006-05-15: PlanetLab hammers on robots.txt
2006-05-14: Absolute versus relative URLs in syndication feeds
Link: an engineering management hack
A small user interface suggestion
Weekly spam summary on May 13th, 2006
2006-05-13: Safely updating Unix files
2006-05-12: The problem with preforking Python network servers
2006-05-11: Building a boot floppy for BIOS flashing
2006-05-10: Another really stupid web spider
The practical cost of forking in Python
2006-05-09: Bad patch management at Sun
2006-05-08: Link: an excerpt from On Writing Well
A really stupid web spider
2006-05-07: Link: Search engine page size limits for indexing
SCGI versus FastCGI
Weekly spam summary on May 6th, 2006
2006-05-06: Using a stock kernel.org kernel on Fedora Core 5
2006-05-05: Link: Readable colour text combinations
Peeking under mount points with NFS
2006-05-04: A subtle advantage of simple wikis
2006-05-03: Fedora Core 5's missing 32-bit shared library symlinks
2006-05-02: CSS and syndication (another CSS limitation)
2006-05-01: Emergency repairs with GRUB
2006-04-30: Weekly spam summary on April 29th, 2006
2006-04-29: Another little script: field
2006-04-28: Some first impressions of Fedora Core 5
2006-04-27: A picture of what university IT is like
2006-04-26: Common web spider mistakes
2006-04-25: Linux's %iowait statistic
2006-04-24: People are social
2006-04-23: The sort of command line I can wind up typing
Some CBL stats for the week ending on April 22nd, 2006
Weekly spam summary on April 22nd, 2006
2006-04-22: Link: Scaling Apache at ftp.heanet.ie
2006-04-21: Working on RPMs with quilt: an illustrated guide
A CSS limitation: it's not supported by lynx
2006-04-20: The spread of syndication
2006-04-19: A gotcha with analyzing syslog logs
2006-04-18: How Solaris matches names in NFS exports
2006-04-17: What do variable names mean (in Python and elsewhere)?
2006-04-16: Weekly spam summary on April 15th, 2006
2006-04-15: The problem of the growth of syndication feeds
Public interfaces and Solaris 9 patchadd exit codes
2006-04-14: Why del has to be a Python builtin
2006-04-13: An obnoxious RSS feed trick
2006-04-12: Something to remember about networking restarts
2006-04-11: A little script: howmany
2006-04-10: xiostat: better Linux disk IO statistics
The fun and charm of quoting URLs properly
2006-04-09: Weekly spam summary on April 8th, 2006
2006-04-08: Apple joins the webmail hall of shame
A common socket programming mistake: not handling short IO
2006-04-07: A bash irritation
A pleasing Python regularity with __future__
Some quick SMTP connection statistics
2006-04-06: Some things about smpatch
2006-04-05: Keeping up with new Python features
The other dynamic linking tax
2006-04-04: Why I don't like resorting to caching
2006-04-03: An ugly spam attempt
Spiders should respect rel="nofollow"
2006-04-02: Weekly spam summary on April 1st, 2006
2006-04-01: The best April Fools joke I've seen here
A Firefox CSS irritation
2006-03-31: The perfection trap: a lesson drawn from Worse is Better
The difficulty of punishing people at universities
2006-03-30: What disk IO stats you get from the Linux kernel
2006-03-29: Easier Solaris patch management with pca
2006-03-28: Hotmail spam stats revised
Using threading to implement a 'busy' cursor (a tale from long ago)
2006-03-27: A helpful Apache safety tip
2006-03-26: Weekly spam summary on March 25th, 2006
2006-03-25: A little gotcha with os.path.join
2006-03-24: Setting up to build RPMs
2006-03-23: Side effects are bad: a personal illustration
We apologize for the disruption in syndication feeds
Atom versus RSS
Solaris patch exit codes and what they mean
2006-03-22: Google Desktop and conditional GET (part 2)
2006-03-21: The backend for our recent mirroring
2006-03-20: An optimization thought
2006-03-19: Weekly spam summary on March 18th, 2006
2006-03-18: Some little things Firefox gets right
2006-03-17: How not to set up your DNS (part 9)
The problem with LiveJournal
2006-03-16: A tricky memoization decorator
2006-03-15: The aftermath of our mirroring
2006-03-14: Some problems with iostat on Linux
2006-03-13: Preparing a high load web mirror setup
2006-03-12: A DNS realization
Weekly spam summary on March 11th, 2006
2006-03-11: Web design trends that I don't understand (part 1)
2006-03-10: Why dynamic linking
The dynamic linking tax on fork()
2006-03-09: Making things simple for busy webmasters
Closures versus classes for capturing state
2006-03-08: Thinking about project failures
2006-03-07: A modular approach to Apache configuration
2006-03-06: How not to set up your mail server (part 1)
A thought about Technorati
2006-03-05: Weekly spam summary on March 4th, 2006
2006-03-04: os.walk can be surprisingly slow
2006-03-03: Visualizing dynamic program flow
2006-03-02: A robots.txt surprise
The :; shell prompt trick
2006-03-01: Unicode is not simple
2006-02-28: Practical RAID-1 read balancing
A sad day for SGI: it's now a spammer
A web spider update: not actually Uptilt's web spider
A surprising effect of RAID-1 resynchronization
2006-02-27: Python's extra-clever function parameters
2006-02-26: Weekly spam summary on February 25th, 2006
The hassle of email (as compared to RSS)
2006-02-25: More clever (ab)use of and and or
A trick for handling mutable default arguments
2006-02-24: Wanted: RSS feeds for vendor software updates
2006-02-23: Checking systems with RPM verification (part 1)
2006-02-22: Peter Drucker on the Five Deadly Business Sins
2006-02-21: An annoyance with $PATH on Red Hat
2006-02-20: More on regular expression performance
2006-02-19: Irony in a Referer spammer
Weekly spam summary on February 18th, 2006
2006-02-18: Automation promotes action
Stupid web spider tricks
2006-02-17: Some regular expression performance surprises
2006-02-16: An interesting IDE to SATA migration problem
2006-02-15: Fun with control characters and the web
2006-02-14: An advantage of using a non-standard shell
2006-02-13: GNU bc for the birthday paradox
The problem with <pre>
2006-02-12: Weekly spam summary on February 11th, 2006
2006-02-11: The return of how to get your web spider banned
2006-02-10: The charm of Sun's Freeware collection
Session IDs and the Birthday Paradox
2006-02-09: Using the tempfile module to get temporary files
2006-02-08: The id attribute considered dangerous
2006-02-07: $PATH in Solaris
2006-02-06: The sysadmin's life
More on simple markup languages
2006-02-05: Weekly spam summary on February 4th, 2006
2006-02-04: Why simple markup languages make sense
2006-02-03: Van Jacobson illustrates the importance of cache effects
2006-02-02: The rise of wikiblogs
2006-02-01: A suggestion: read your own syndication feed
2006-01-31: Getting console messages in X
2006-01-30: An impending Debian derailment
2006-01-29: Weekly spam summary on January 28th, 2006
2006-01-28: A bad product name
2006-01-27: Pointer: The Unix-Haters Handbook
2006-01-26: A Unix annoyance
2006-01-25: Site navigation stuff goes on the right side
2006-01-24: A digression on spelling
2006-01-23: Why case independent filenames are a bad idea
2006-01-22: Weekly spam summary on January 21st, 2005
2006-01-21: Please have stable ids for your feed entries
2006-01-20: The limits of web spider tolerance
2006-01-19: A Python length gotcha
2006-01-18: A portability gotcha with accept()
2006-01-17: The economics of CPU performance
2006-01-16: Some words of wisdom for all ISPs
The danger of specific errno values
2006-01-15: How not to set up your DNS (part 8)
Weekly spam summary on January 14th, 2006
2006-01-14: Writing HTML considered harmful
2006-01-13: An unconventional reason for large RAID stripe sizes
2006-01-12: How not to set up your DNS (part 7)
On not logging things
2006-01-11: Recording attribute access and method calls
2006-01-10: The peculiar effects of grant funding at universities
2006-01-09: How Linux names network interfaces
2006-01-08: Weekly spam summary on January 7th, 2006
Towards assessing SORBS' false positive rate
2006-01-07: Some notes on Solaris 9's Sunscreen IP filtering package
2006-01-06: The old nameserver glue record hell
2006-01-05: Is concurrency 'hard'?
2006-01-04: Python synergies in list addressing
2006-01-03: In practice, there are multiple namespaces for URLs
2006-01-02: Universities are peculiar places
2006-01-01: Weekly spam summary on December 31st, 2005
2005-12-31: Notes on getting a Solaris hardware inventory
A logical consequence of def being an executable statement
2005-12-30: On Lisp's fundamental data structure
A Python surprise: the consequences of variable scope
2005-12-29: What I use asserts for
2005-12-28: Unix folklore: using multiple sync commands
2005-12-27: A thought about free software licenses
2005-12-26: Thinking about a closure confusion
2005-12-25: Weekly spam summary on December 24th, 2005
2005-12-24: When comment spammers attack
2005-12-23: Why the (Sun) JVM is irrelevant to me
2005-12-22: What I really want is error-shielding interfaces
2005-12-21: How to get your web spider banned from here
2005-12-20: Another problem of secrecy
A sociopolitical advantage of distributed version control
2005-12-19: Initializing Python struct objects with optional defaults
2005-12-18: Emulating C structs in Python
Weekly spam summary on December 17th, 2005
2005-12-17: The problem of secrecy
On the web, text colours are an all or nothing thing
2005-12-16: On the name of USB flash memory drives
2005-12-15: Another introspection trick
Reddit versus Digg: a little detail that matters
2005-12-14: A thing I don't like about Linux
2005-12-13: What Python threads are good for
2005-12-12: Waiting for both network IO and inter-thread notifications
2005-12-11: Weekly spam summary on December 10th, 2005
2005-12-10: How not to set up your DNS (part 6)
2005-12-09: A surprising hazard of running as root all the time
Security versus resilience
2005-12-08: How not to set up your DNS (part 5)
2005-12-07: Google Desktop and conditional GET
2005-12-06: How not to set up your DNS (part 4)
An explanation for the popularity of threads
2005-12-05: Dropping packets versus rejecting them in firewall rules
2005-12-04: Weekly spam summary on December 3rd, 2005
2005-12-03: CBL listings broken down by ISP
How to do TCP keepalives in Python
2005-12-02: Iptables modules that aren't in the iptables manpage
2005-12-01: Stopping brute-force ssh scans the easy way
2005-11-30: An advantage to introspection and an interactive interpreter
2005-11-29: A little gotcha in shell scripts
2005-11-28: How not to set up your DNS (part 3)
What Python's global interpreter lock does (and doesn't) protect
2005-11-27: Weekly spam summary on November 26th, 2005
2005-11-26: How not to set up your DNS (part 2)
How not to set up your DNS (part 1)
2005-11-25: Making self-signed SSL certificates with OpenSSL
A little sysadmin twitch
2005-11-24: Solaris 9's slow patch installs
Multiprocessors are a leaky abstraction
2005-11-23: A quick outline of Firefox extension structure
2005-11-22: How to fiddle with Firefox .jar files relatively easily
2005-11-21: Why I don't write 'if (NULL == foo)' in C code
2005-11-20: Weekly spam summary on November 19th, 2005
2005-11-19: Solaris 9 sendmail irritations
2005-11-18: SQL as metaprogramming
2005-11-17: Why Linux threads use up so much memory
2005-11-16: How not to do DNS for internal domains
2005-11-15: The scope of the peril of having a highly dynamic web site
2005-11-14: Banning MSNBot: an open letter to MSN Search
2005-11-13: Weekly spam summary on November 12th, 2005
2005-11-12: Why using local variables is fast in Python
2005-11-11: The importance of understanding Python's implementation
2005-11-10: How doing relative name DNS lookups can shoot you in the foot
2005-11-09: Using Python introspection for semi-evil
2005-11-08: Fun with DNS: a semi-obscure problem
2005-11-07: Examining Python's string concatenation optimization
2005-11-06: Weekly spam summary on November 5th, 2005
2005-11-05: Minimizing object churn to optimize Python code
2005-11-04: Modifying Linux kernel configuration options the easy way
2005-11-03: Fun with upgrading our backup server
2005-11-02: How well do some Atom feed fetchers do conditional GETs?
2005-11-01: Another tip: Label your hard drives
2005-10-31: A tip: Always include NAT in your Linux kernel configuration
2005-10-30: Weekly spam summary on October 29th, 2005
2005-10-29: Affiliate marketing is undead
The problem with If-Modified-Since as a timestamp
2005-10-28: Inside building RPMs with Python distutils
2005-10-27: Databases are APIs
2005-10-26: An example of why DBAs make money
2005-10-25: A smooth disk swap
2005-10-24: On banning web search engines
2005-10-23: One reason why I like Unix
Weekly spam summary on October 22nd, 2005
2005-10-22: A gotcha with Python and Unix signals
2005-10-21: How ETags and If-Modified-Since headers interact
MSNbot (still) has problems with binary files
2005-10-20: A Python surprise: exiting is an exception
Accidentally shooting yourself in the foot in Python
2005-10-19: Thoughts on Jakob Nielsen on weblog usability
2005-10-18: Another aphorism of system administration
2005-10-17: The Myth of Support (Part 3)
2005-10-16: Weekly spam summary on October 15th, 2005
2005-10-15: How Hotmail is doing on the spam front
Estimating search engine popularity
2005-10-14: On the naming of machines
2005-10-13: Try things out with new machines
2005-10-12: Really understanding availability numbers
2005-10-11: Improve your web experience by turning Javascript off
2005-10-10: A useful resource: gmane.org
2005-10-09: Troubleshooting versus support
Weekly spam summary on October 8th, 2005
2005-10-08: Exploring some spamblogs
Solaris 9 'Power management'
2005-10-07: Three levels of database usage
2005-10-06: First irritations with Solaris 9
2005-10-05: Thinking about redundant power supplies
2005-10-04: A left-field aphorism
Keeping changing systems stable
2005-10-03: Some important notes on getting all objects in Python
2005-10-02: Weekly spam summary on October 1st, 2005
2005-10-01: Some problems in common definitions of 'spam email'
The many consoles of Linux
2005-09-30: Pinging weblogs.com in Python
2005-09-29: Something C programmers should not write in Python code
2005-09-28: MSNbot goes crazy with RSS feeds
2005-09-27: Some hints on debugging memory leaks in Python programs
2005-09-26: A peril of having a highly dynamic web site
2005-09-25: Weekly spam summary on September 24th, 2005
2005-09-24: A spammer roundup
It's a multi-protocol world after all
2005-09-23: Be cautious with numbers in awk
The (probable) importance of accurate Content-Types
2005-09-22: Excluding buggy RPMs from a yum repository
2005-09-21: More Fedora Core 4 problems with X
What vendor updates are pending on your Linux system?
2005-09-20: Some words of wisdom for free webmail providers
Two Python import tricks
2005-09-19: Function definition order in Python
2005-09-18: Weekly spam summary on September 17th, 2005
2005-09-17: Demon Internet joins the webmail hall of shame
2005-09-16: Getting a list of all objects in Python
Web browsers make bad text editors
2005-09-15: Efficiently distributing huge files to lots of workstations
2005-09-14: Why I really dislike the Singleton design pattern
2005-09-13: Concurrency is tricky
The problem of being overcautious
2005-09-12: Things not do for your network daemon's debugging option
The annoyance of arbitrary limits
2005-09-11: Weekly spam summary on September 10th, 2005
Comment spam writ large
2005-09-10: Hotmail's Other Spam Problem
Hotmail has a spam problem
More Fedora Core 4 Anaconda fun
2005-09-09: When Python classes are pointless
2005-09-08: Another Fedora Core 4 Anaconda bug
2005-09-07: The MSN search spider has gone crazy
2005-09-06: Two sides of Internet identity
2005-09-05: Why print-based debugging is so popular
2005-09-04: Weekly spam summary on September 3rd, 2005
2005-09-03: Varying interpretations of improper CIDRs
2005-09-02: The 'Trade Press' and blogs
2005-09-01: On blocking access from large IP ranges
2005-08-31: LILO vs GRUB: why LILO still wins for servers
2005-08-30: The Version Control System dependency problem
2005-08-29: Python's dangerous automatic Unicode conversions
2005-08-28: Weekly spam summary on August 27th, 2005
2005-08-27: How not to package software in RPMs
2005-08-26: Two faces of RSS
2005-08-25: Explaining rubber duck debugging
2005-08-24: Another aphorism of system administration
Completely using an alternate yum configuration
2005-08-23: Diagnosing an install problem: a case study in indirect failures
2005-08-22: On being nibbled to death by moths
2005-08-21: Weekly spam summary on August 20th, 2005
Mutating Referer Spammers
2005-08-20: Disk setup in our Fedora Core 4 Kickstart environment
2005-08-19: The March of the Cheap
2005-08-18: The pains of modern disk storage
2005-08-17: Parallelizing DNS queries with split
Remember to think about the scale of things
Annoying RSS Feed Tricks
2005-08-16: Things that could happen to your backups
2005-08-15: Check your backups
2005-08-14: Weekly spam summary for August 13th, 2005
Those amusing Referer spammers
2005-08-13: The anatomy of a DWiki bug
2005-08-12: Chiming in on static versus dynamic typing
2005-08-11: Some interesting software tools (part 1)
An aphorism of system administration
2005-08-10: Why open source needs distributed version control
2005-08-09: My first comment spam
2005-08-08: Security is a pain
2005-08-07: XBL rejection stats, August 6th 2005
2005-08-06: The importance of 'transparency' in data structures
2005-08-05: Perimeter firewalls and universities
2005-08-04: Keep your hands off my font size
2005-08-03: Why Perl is not my favorite language
2005-08-01: Multilevel list comprehensions in Python
Spam breakdown by SBL listing, July 31st 2005
2005-07-31: Spam storm aftermath, July 30th 2005
2005-07-30: Briefly doing DNS queries in Perl
2005-07-29: How spammers seem to be coping with greylisting
2005-07-28: Doing DNS queries in Python
2005-07-27: Spam Storm, July 26th 2005
2005-07-26: What ASNs are most actively spamming us
2005-07-25: Reliably archiving things
2005-07-24: Spam summary for July 23rd 2005
The necessary evolution of mail servers
2005-07-23: The Myth of Support (Part 2)
2005-07-22: The Myth of Support (Part 1)
2005-07-20: Please produce useful error messages
2005-07-19: Exceptions as efficient programming
Exceptions and casual programming
2005-07-17: Skills I use when troubleshooting
How many places actually send us email?
2005-07-15: First Irritations with Fedora Core 4
How AMD killed the Itanium
2005-07-13: The legend of Debian Linux
2005-07-12: Chasing a problem in our Gnome customizations
2005-07-11: Adding submenus to Gnome
2005-07-10: Tools versus frontends in systems programs
2005-07-09: The minimum antispam features of a modern SMTP server
2005-07-08: Why apt-get is not my favorite application
2005-07-07: What RSS can learn from Usenet
2005-07-06: Mozilla versus SeaMonkey
2005-07-05: Fedora Core 4's buggy Anaconda
2005-07-04: The big trick of running lots of systems
There's two sorts of large systems
2005-07-03: Checking for dead DNSBls
2005-07-02: What shouldn't be a method function
2005-07-01: Why this site has almost no design
2005-06-29: Reconsidering network authentication delays
2005-06-28: Scripting and automation capture knowledge
2005-06-27: Some quick CBL stats
Dangerously over-broad error catching
2005-06-26: Some spam stats at June 25th, 2005
2005-06-24: An open letter to free webmail providers
An unchanging system should be stable
2005-06-23: A real use for staticmethod
2005-06-22: Future Sysadmin Jobs
2005-06-21: The problems with enforced UTF-8 only filenames
2005-06-20: Small details can matter (or: a little nifty Python bit)
2005-06-18: SMTP IP firewall stats at June 18th, 2005
2005-06-17: The problem with CPAN (and other similar systems)
2005-06-16: AJAX vs Dialups
Iterator & Generator Gotchas
2005-06-14: Putting a pleasant Python surprise to use
Pitfalls in generating Last-Modified:
2005-06-12: Making a Python mountain out of a molehill
Why a Blog?
2005-06-11: web/HTTPRedirects
web/CSSIrritation


This is a Category/PageManagement page.