Chris's Wiki :: blog/_

Full chronological index of WanderingThoughts

This is a full index of all entries in WanderingThoughts in chronological order, most recent to oldest; you can also get an alphabetical index.

2025-03-23:	The obviousness of indexing the Unix filesystem buffer cache by inodes
2025-03-22:	How we automate installing extra packages during Ubuntu installs
2025-03-21:	The mystery (to me) of tiny font sizes in KDE programs I run
2025-03-20:	Go's choice of multiple return values was the simpler option
2025-03-19:	Go's multiple return values and (Go) types
2025-03-18:	How ZFS knows and tracks the space usage of datasets
2025-03-17:	I don't think error handling is a solved problem in language design
2025-03-16:	OIDC claim scopes and their interactions with OIDC token authentication
2025-03-15:	Some notes on the OpenID Connect (OIDC) 'redirect uri'
2025-03-14:	Some notes on configuring Dovecot to authenticate via OIDC/OAuth2
2025-03-13:	Doing multi-tag matching through URLs on the modern web
2025-03-12:	The commodification of desktop GUI behavior
2025-03-11:	Some views on the common Apache modules for SAML or OIDC authentication
2025-03-10:	The web browser as an enabler of minority platforms
2025-03-09:	How I got my nose rubbed in my screens having 'bad' areas for me
2025-03-08:	How SAML and OIDC differ in sharing information, and perhaps why
2025-03-07:	The OpenID Connect (OIDC) 'sub' claim is surprisingly load-bearing
2025-03-06:	The problem facing MFA-enabled IMAP at the moment (in early 2025)
2025-03-05:	A Prometheus gotcha with alerts based on counting things
2025-03-04:	What SimpleSAMLphp's core:AttributeAlter does with creating new attributes
2025-03-03:	If you get the chance, always run more extra network fiber cabling
2025-03-02:	Updating local commits with more changes in Git (the harder way)
2025-03-01:	Using PyPy (or thinking about it) exposed a bug in closing files
2025-02-28:	Always sync your log or journal files when you open them
2025-02-27:	Using Netplan to set up WireGuard on Ubuntu 22.04 works, but has warts
2025-02-26:	I'm not impressed by the state of NFS v4 in the Linux kernel
2025-02-25:	MFA's "push notification" authentication method can be easier to integrate
2025-02-24:	Go's behavior for zero value channels and maps is partly a choice
2025-02-23:	JSON has become today's machine-readable output format (on Unix)
2025-02-22:	Institutions care about their security threats, not your security threats
2025-02-21:	HTTP connections are part of the web's long tail
2025-02-20:	It's good to have offline contact information for your upstream networking
2025-02-19:	Shared (Unix) hosting and the problem of managing resource limits
2025-02-18:	One problem with "shared Unix hosting" was the lack of resource limits
2025-02-17:	More potential problems for people with older browsers
2025-02-16:	The HTTP status codes of responses from about 21 hours of traffic to here
2025-02-15:	Why I have a little C program to filter a $PATH (more or less)
2025-02-14:	The profusion of things that could be in your $PATH on old Unixes
2025-02-13:	'Internal' accounts and their difference from 'external' accounts
2025-02-12:	How you should respond to authentication failures isn't universal
2025-02-11:	A surprise with rspamd's spam scoring and a workaround
2025-02-10:	Everything should be able to ratelimit sources of authentication failures
2025-02-09:	Providing pseudo-tags in DWiki through a simple hack
2025-02-08:	The Prometheus host agent is missing some Linux NFSv4 RPC stats (as of 1.8.2)
2025-02-07:	Web application design and the question of what is a "route"
2025-02-06:	Linux kernel NFSv4 server and client RPC operation statistics
2025-02-05:	How Ubuntu 24.04's bad bpftrace package appears to have happened
2025-02-04:	The practical (Unix) problems with .cache and its friends
2025-02-03:	Why writes to disk generally wind up in your OS's disk read cache
2025-02-02:	Web spiders (or people) can invent unfortunate URLs for your website Build systems and their effects on versioning and API changes
2025-02-01:	An alarmingly bad official Ubuntu 24.04 bpftrace binary package
2025-01-31:	Modern languages and bad packaging outcomes at scale
2025-01-30:	The tradeoffs of having an internal unauthenticated SMTP server
2025-01-29:	Our well-prepared phish spammer may have been chasing lucrative prey
2025-01-28:	We got hit by an alarmingly well-prepared phish spammer
2025-01-27:	How to accidentally get yourself with '`find ... -name something*`'
2025-01-26:	Some learning experiences with HTTP cookies in practice
2025-01-25:	Syndication feeds here are now rate-limited on a per-IP basis
2025-01-24:	Languages don't version themselves using semantic versioning
2025-01-23:	Sometimes you need to (or have to) run old binaries of programs
2025-01-22:	More features for web page generation systems doing URL remapping
2025-01-21:	A change in the handling of PYTHONPATH between Python 3.10 and 3.12
2025-01-20:	The (potential) complexity of good runqueue latency measurement in Linux
2025-01-19:	Sometimes print-based debugging is your only choice
2025-01-18:	Some ways to restrict who can log in via OpenSSH and how they authenticate
2025-01-17:	Thoughts on having SSH allow password authentication from the Internet
2025-01-16:	Some stuff about how Apache's mod_wsgi runs your Python apps (as of 5.0)
2025-01-15:	(Multiple) inheritance in Python and implicit APIs
2025-01-14:	My bug reports are mostly done for work these days
2025-01-13:	A mystery with Django under Apache's mod_wsgi on Ubuntu 24.04
2025-01-12:	The history and use of `/etc/glob` in early Unixes
2025-01-11:	IMAP clients can vary in their reactions to IMAP errors
2025-01-10:	The problem with combining DNS CNAME records and anything else
2025-01-09:	Realizing why Go reflection restricts what struct fields can be modified
2025-01-08:	Using tcpdump to see only incoming or outgoing traffic
2025-01-07:	What a FreeBSD kernel message about your bridge means
2025-01-06:	The issue with DNF 5 and script output in Fedora 41
2025-01-05:	WireGuard's AllowedIPs aren't always the (WireGuard) routes you want
2025-01-04:	There are different sorts of WireGuard setups with different difficulties
2025-01-03:	The programmable web browser was and is inevitable
2025-01-02:	Rejecting email at SMTP time based on the From: header address
2025-01-01:	The modern web is why web browsers don't have "nice things" (platform APIs)
2024-12-31:	My unusual X desktop wasn't made 'from scratch' in a conventional sense
2024-12-30:	I'm firmly attached to a mouse and (overlapping) windows
2024-12-29:	My screens now have areas that are 'good' and 'bad' for me
2024-12-28:	In an unconfigured Vim, I want to do '`:set paste`' right away
2024-12-27:	Cgroup V2 memory limits and their potential for thrashing
2024-12-26:	WireGuard on OpenBSD just works (at least as a VPN server)
2024-12-25:	x86 servers, ATX power supply control, and reboots, resets, and power cycles
2024-12-24:	The TLS certificate multi-file problem (for automatic updates)
2024-12-23:	A gotcha with importing ZFS pools and NFS exports on Linux (as of ZFS 2.3.0)
2024-12-22:	Two views of Python type hints and catching bugs
2024-12-21:	When power cycling your (x86) server isn't enough to recover it
2024-12-20:	Remembering to make my local changes emit log messages when they act
2024-12-19:	Short lived TLS certificates and graceful rollover in web servers
2024-12-18:	Browser feed reader addons don't seem to do very well on caching
2024-12-17:	We have an unusual concern when we use Let's Encrypt
2024-12-16:	Some notes on "closed interfaces" in Go
2024-12-15:	I think Go union type proposals should start with their objectives
2024-12-14:	ZFS on Linux and block IO limits show some limits of being out of the kernel
2024-12-13:	Cgroup V2's cpu.idle setting versus process niceness
2024-12-12:	Improving my desktop's responsiveness with the cgroup V2 'cpu.idle' setting
2024-12-11:	The long (after)life of some of our old fileserver hardware
2024-12-10:	My wish for VFS or filesystem level cgroup (v2) IO limits
2024-12-09:	Maybe we should explicitly schedule rebooting our fleet every so often
2024-12-08:	Unix's buffered IO in assembly and in C
2024-12-07:	PCIe cards we use and have used in our servers
2024-12-06:	Common motherboards are supporting more and more M.2 NVMe drive slots
2024-12-05:	Buffered IO in Unix before V7 introduced stdio
2024-12-04:	Sorting out 'PCIe bifurcation' and how it interacts with NVMe drives
2024-12-03:	The modern world of server serial ports, BMCs, and IPMI Serial over LAN
2024-12-02:	Good union types in Go would probably need types without a zero value
2024-12-01:	Union types ('enum types') would be complicated in Go
2024-11-30:	Using systemd-run to limit something's memory usage in cgroups v2
2024-11-29:	Python type hints are probably "worth it" in the large for me
2024-11-28:	My life has been improved by my quiet Prometheus alert status monitor
2024-11-27:	Some notes on my experiences with Python type hints and mypy
2024-11-26:	Python type hints may not be for me in practice
2024-11-25:	What NFS server threads do in the Linux kernel
2024-11-24:	The question of how many NFS server threads you should use (on Linux)
2024-11-23:	The general issue of terminal programs and the Alt key
2024-11-22:	My new solution for quiet monitoring of our Prometheus alerts
2024-11-21:	Our Prometheus alerting problem if our central mail server isn't working
2024-11-20:	Thinking about how to tame the interaction of conditional GET and caching
2024-11-19:	Two API styles of doing special things involving text in UIs
2024-11-18:	Ubuntu LTS (server) releases have become fairly similar to each other
2024-11-17:	(Some) spammers will keep trying old, no longer in DNS IPv6 addresses
2024-11-16:	The missing text focused programming environment
2024-11-15:	IPv6 networks do apparently get probed (and implications for address assignment)
2024-11-14:	Your options for displaying status over time in Grafana 11
2024-11-13:	Implementing some Git aliases indirectly, in shell scripts
2024-11-12:	Finding a good use for keep_firing_for in our Prometheus alerts
2024-11-11:	Prometheus makes it annoyingly difficult to add more information to alerts
2024-11-10:	Syndication feed fetchers and their behavior on HTTP 429 status responses
2024-11-09:	A rough guess at how much IPv6 address space we might need
2024-11-08:	Maybe skipping 'Dependabot' commits when using '`git log`'
2024-11-07:	Complications in supporting 'append to a file' in a NFS server
2024-11-06:	Losing NFS locks and the SunOS SIGLOST signal
2024-11-05:	The general problem of losing network based locks
2024-11-04:	A rough equivalent to "return to last power state" for libvirt virtual machines
2024-11-03:	The history of Unix's ioctl and signal about window sizes
2024-11-02:	I feel that NAT is inevitable even with IPv6
2024-11-01:	Notes on the compatibility of crypted passwords across Unixes in late 2024
2024-10-31:	Pam_unix and your system's supported password algorithms
2024-10-30:	Keeping your site accessible to old browsers is non-trivial
2024-10-29:	Doing general address matching against varying address lists in Exim
2024-10-28:	The question of whether to still allow HTTP/1.0 requests or block them
2024-10-27:	Linux's /dev/disk/by-id unfortunately often puts the transport in the name
2024-10-26:	The importance of name-based virtual hosts (websites)
2024-10-25:	Using pam_access to sometimes not use another PAM module
2024-10-24:	Having an emergency backup DNS resolver with systemd-resolved
2024-10-23:	Doing basic policy based routing on FreeBSD with PF rules
2024-10-22:	Having rate-limits on failed authentication attempts is reassuring
2024-10-21:	Quoting and not quoting command substitution in the Bourne shell
2024-10-20:	Two visions of 'software supply chain security'
2024-10-19:	Forced MFA is effectively an annoying, harder to deal with second password
2024-10-18:	The Go module proxy and forcing Go to actually update module versions
2024-10-17:	Syndication feed readers now seem to leave Last-Modified values alone
2024-10-16:	Our various different types of Ubuntu installs
2024-10-15:	A surprise with /etc/cron.daily, run-parts, and files with '.' in their name
2024-10-14:	We have lots of local customizations (and how we keep track of them)
2024-10-13:	Our local changes to standard (Ubuntu) installs are easy to forget
2024-10-12:	Some thoughts on why 'inetd activation' didn't catch on
2024-10-11:	Potential pragmatic handling of partial matches for HTTP conditional GET
2024-10-10:	Linux software RAID and changing your system's hostname
2024-10-09:	The history of inetd is more interesting than I expected
2024-10-08:	OpenBSD kernel messages about memory conflicts on x86 machines
2024-10-07:	Things syndication feed readers do with 'conditional GET'
2024-10-06:	DKIM signatures from mailing list providers don't mean too much
2024-10-05:	Daemonization in Unix programs is probably about restarting programs
2024-10-04:	Traditionally, init on Unix was not a service manager as such
2024-10-03:	(Unix) daemonization turns out to be quite old
2024-10-02:	Go's new small language features from 1.22 and 1.23 are nice
2024-10-01:	Two views of what a TLS certificate verifies
2024-09-30:	Resetting the backoff restart delay for a systemd service
2024-09-29:	Brief notes on making Prometheus's SNMP exporter use additional SNMP MIB(s)
2024-09-28:	Options for adding IPv6 networking to your libvirt based virtual machines
2024-09-27:	Brief notes on how the Prometheus SNMP exporter's configurations work
2024-09-26:	The impact of the September 2024 CUPS CVEs depends on your size
2024-09-25:	Using a small ZFS recordsize doesn't save you space (well, almost never)
2024-09-24:	Go and my realization about what I'll call the 'Promises' pattern
2024-09-23:	Mostly getting redundant UEFI boot disks on modern Ubuntu (especially 24.04)
2024-09-22:	Old (Unix) workstations and servers tended to boot in the same ways
2024-09-21:	TLS certificates were (almost) never particularly well verified
2024-09-20:	Our broad reasons for and approach to mirroring disks
2024-09-19:	OpenBSD versus FreeBSD pf.conf syntax for address translation rules
2024-09-18:	Open source maintainers with little time and changes
2024-09-17:	My "time to full crawl" (vague) metric
2024-09-16:	Why my Fedora 40 systems stalled logins for ten seconds or so
2024-09-15:	Why we're interested in FreeBSD lately (and how it relates to OpenBSD here)
2024-09-14:	Getting maximum 10G Ethernet bandwidth still seems tricky
2024-09-13:	Threads, asynchronous IO, and cancellation
2024-09-12:	What admin access researchers have to their machines here
2024-09-11:	Rate-limiting failed SMTP authentication attempts in Exim 4.95
2024-09-10:	Ways ATX power supply control could work on server motherboards
2024-09-09:	How ATX power supply control seems to work on desktop motherboards
2024-09-08:	I should probably reboot BMCs any time they behave oddly
2024-09-07:	I wish (Linux) WireGuard had a simple way to restrict peer public IPs Operating system threads are always going to be (more) expensive
2024-09-05:	The problems (Open)ZFS can have on new Linux kernel versions
2024-09-04:	Using rsync to create a limited ability to write remote files
2024-09-03:	TLS Server Name Indications can be altered by helpful code
2024-09-02:	Apache's odd behavior for requests with a domain with a dot at the end
2024-09-01:	The status of putting a '.' at the end of domain names
2024-08-31:	In practice, abstractions hide their underlying details
2024-08-30:	Mercurial's extdiff extension and reporting filenames in diffs
2024-08-29:	The web fun fact that domains can end in dots and canonicalization failures
2024-08-28:	How not to upgrade (some) held packages on Ubuntu (and Debian)
2024-08-27:	Some reasons why we mostly collect IPMI sensor data locally
2024-08-26:	What's going on with 'quit' in an interactive CPython session (as of 3.12)
2024-08-25:	How to talk to a local IPMI under FreeBSD 14
2024-08-24:	JSON is usually the least bad option for machine-readable output formats
2024-08-23:	My (current) view on open source moral obligations and software popularity
2024-08-22:	I used libvirt's '`virt-install`' briefly and it worked nicely
2024-08-21:	What a POSIX shell has to do with $PWD
2024-08-20:	Some brief notes on '`numfmt`' from GNU Coreutils
2024-08-19:	It's not simple to add function keyword arguments to Go
2024-08-18:	A downside or two of function keyword arguments (and default values)
2024-08-17:	Why and how I keep around spare libvirt based virtual machines
2024-08-16:	FreeBSD's 'root on ZFS' default appeals to me for an odd reason
2024-08-15:	Workarounds are often forever (unless you work to make them otherwise)
2024-08-14:	Traceroute, firewalls, and the modern Internet: a horrible realization A note to myself about using traceroute to check for port reachability
2024-08-13:	Some thoughts on OpenSSH 9.8's PerSourcePenalties feature
2024-08-12:	Uncertainties and issues in using IPMI temperature data
2024-08-11:	ZFS properties sometimes change their default values over time
2024-08-10:	Allocating disk space (and all resources) is ultimately a political decision
2024-08-09:	The Broadcom 'bnxt' Ethernet driver and RDMA (in Ubuntu 24.04)
2024-08-08:	How Linux kernel driver modules for hardware get loaded (I think)
2024-08-07:	Maybe understanding Crowdstrike's argument arity problem
2024-08-06:	Host names in syslog messages may not be quite what you expect
2024-08-05:	Staged rollouts of things still have limitations
2024-08-04:	The speed of updates for signatures of bad things matters (a lot)
2024-08-03:	A surprise with the temperature distribution in our machine room
2024-08-02:	Modern web PKI (TLS) is very different than it used to be
2024-08-01:	OCSP Stapling always faced a bunch of hard problems
2024-07-31:	We may want /usr/bin/python to be Python 3 sooner than I expected
2024-07-30:	On not automatically reconnecting to IPMI Serial-over-LAN consoles
2024-07-29:	Handling (or not) the serial console of our serial console server
2024-07-28:	Our slowly growing Unix monoculture
2024-07-27:	Backward compatibility, even for settings, has real costs
2024-07-26:	The uncertain possible futures of Unix graphical desktops
2024-07-25:	How I almost set up a recursive syslog server
2024-07-24:	The Online Certificate Status Protocol (OCSP) is basically dead now
2024-07-23:	Seeing and matching pf rules when using tcpdump on OpenBSD's pflog interface
2024-07-22:	The challenges of working out how many CPUs your program can use on Linux
2024-07-21:	Our giant login server: solving resource problems with brute force
2024-07-20:	My home wireless network and convenience versus security
2024-07-19:	Part of (computer) security is convincing people that it works
2024-07-18:	The Linux Out-Of-Memory killer process list can be misleading
2024-07-17:	SSH has become our universal (Unix) external access protocol My self-inflicted UPS and computer conundrum
2024-07-15:	People at universities travel widely and unpredictably
2024-07-14:	The Firefox source code's 'StaticPrefs' system (as of Firefox 128)
2024-07-13:	That software forges are often better than email is unfortunate
2024-07-12:	Network switches aren't simple devices (not even basic switches)
2024-07-11:	Brute force attackers seem to switch targets rapidly if you block them
2024-07-10:	Fedora 40 probably doesn't work with software RAID 0.90 format superblocks
2024-07-09:	Some (big) mail senders do use TLS SNI for SMTP even without DANE
2024-07-08:	Using WireGuard as a router to get around reachability issues
2024-07-07:	I think (GNU) Emacs bankruptcy is inevitable in the longer term
2024-07-06:	"Out of band" network management is not trivial
2024-07-05:	Gtk 4 has decided to blow up some people's world on HiDPI displays
2024-07-04:	Structured log formats are not really "plaintext" logs
2024-07-03:	Fedora 40 and a natural but less than ideal outcome with 'alternatives'
2024-07-02:	Unix's fsync(), write ahead logs, and durability versus integrity
2024-07-01:	Modifying and setting alarm times: a phone UI irritation
2024-06-30:	The systemd journal doesn't force you to not have plain text logs
2024-06-29:	Plaintext is not a great format for (system) logs
2024-06-28:	I wish systemd didn't require two units for each socket service
2024-06-27:	Is blocking outgoing traffic by default a good firewall choice now?
2024-06-26:	The xinetd restart problem with binding ports that we run into
2024-06-25:	Security is not really part of most people's jobs
2024-06-24:	(GNU) Emacs wants personal customization in practice
2024-06-23:	Some notes on ZFS's zstd compression kstats (on Linux)
2024-06-22:	A Prometheus Blackbox gotcha: (UDP) DNS replies have a low size limit
2024-06-21:	The IMAP LIST command as it interacts with client prefixes in Dovecot
2024-06-20:	Where Thunderbird seems to get your default browser from on Linux
2024-06-19:	It seems routine to see a bunch of browser User-Agents from the same IP
2024-06-18:	Some things on how ZFS System Attributes are stored
2024-06-17:	Go's 'range over functions' iterators and avoiding iteration errors
2024-06-16:	Understanding a Python closure oddity
2024-06-15:	We don't know what's happening on our networks
2024-06-14:	Mixed content upgrades on the web in mid 2024
2024-06-13:	Using prime numbers for our Prometheus scrape intervals
2024-06-12:	The Linux kernel NFS server and reconnecting client NFS filehandles
2024-06-11:	The size of our Prometheus setup as of June 2024
2024-06-10:	The NFS server 'subtree' export problem
2024-06-09:	OpenSSH can chose (or force) the 'shell' used for a specific SSH key
2024-06-08:	Operating services versus operating an "adequate environment"
2024-06-07:	Account recovery is still a hard problem in public key management
2024-06-06:	Web applications should support being used behind a reverse proxy
2024-06-05:	Maybe understanding uname(1)'s platform and machine fields
2024-06-04:	Some history and limitations of uname(1) fields
2024-06-03:	CVEs are not what I'll call security reports
2024-06-02:	Stand-alone downloads of program assets has a security implication
2024-06-01:	Phish tests and (not) getting people to report successful phish attacks
2024-05-31:	Spammers do forge various noreply@<you> sender addresses
2024-05-30:	Phish tests aren't like fire drills
2024-05-29:	PyPy has been quietly working for me for several years now
2024-05-28:	ZFS's transactional guarantees from a user perspective
2024-05-27:	Some notes on Grafana Loki's new "structured metadata" (as of 3.0.x)
2024-05-26:	Flaky alerts are telling you something
2024-05-25:	Reasons to not expose Go's choice of default TLS ciphers
2024-05-24:	The long-overdue problem coming for some people in Go 1.23
2024-05-23:	There are multiple uses for metrics (and collecting metrics)
2024-05-22:	The Prometheus host agent's 'perf' collector can be kind of expensive
2024-05-21:	Go's old `$GOPATH` story for development and dependencies
2024-05-20:	The power of using external authentication information in a web application
2024-05-19:	My GNU Emacs MH mail folder completion in MH-E
2024-05-18:	Realizing the hidden complexity of cloud server networking
2024-05-17:	The trade-offs in not using WireGuard to talk to our cloud server
2024-05-16:	Thoughts on (not) automating the setup of our first cloud server
2024-05-15:	Turning off the X server's CapsLock modifier
2024-05-14:	The X Window System and the curse of NumLock
2024-05-13:	Some ideas on what Linux distributions can do about the new kernel situation
2024-05-12:	The Linux kernel giving CVEs to all bugfixes is sort of predictable
2024-05-11:	Where NS records show up in DNS replies depends on who you ask
2024-05-10:	It's very difficult to tell if a Linux kernel bug is a security issue
2024-05-09:	One of OCSP's problems is the dominance of Chrome
2024-05-08:	All configuration files should support some form of file inclusion
2024-05-07:	Some thoughts on when you can and can't lower OpenSSH's 'LoginGraceTime'
2024-05-06:	What affects what server host key types OpenSSH will offer to you
2024-05-05:	OpenSSH sshd's 'MaxStartups' setting and Internet-accessible machines
2024-05-04:	We have our first significant batch of servers that only have UEFI booting
2024-05-03:	UEFI, BIOS, and other confusing x86 PC (firmware) terms
2024-05-02:	Thinking about filesystem space allocation policies and SSDs
2024-05-01:	Having a machine room can mean having things in your machine room
2024-04-30:	The state of Python in Ubuntu 24.04 LTS
2024-04-29:	Our likely long term future (not) with Ubuntu (as of early 2024)
2024-04-28:	How I (used to) handle keeping track of how I configured software
2024-04-27:	Autoconf and configure features that people find valuable
2024-04-26:	I wish projects would reliably use their release announcements mechanisms
2024-04-25:	The importance of an ordinary space in a Unix shell command line
2024-04-24:	Pruning some things out with (GNU) `find` options
2024-04-23:	Libvirt's virt-viewer and (guest) screen blanking
2024-04-22:	Making virtual machine network interfaces inactive in Linux libvirt
2024-04-21:	Thoughts on potentially realistic temperature trip limit for hardware
2024-04-20:	What the original 4.2 BSD csh hashed (which is not what I thought)
2024-04-19:	Modern Linux mounts a lot of different types of virtual filesystems
2024-04-18:	On the duration of self-signed TLS (website) certificates
2024-04-17:	Limiting the maximum size of Amanda debug logs with a Linux tmpfs mount
2024-04-16:	IPMI connections have privilege levels, not just IPMI users
2024-04-15:	Having IPv6 for public servers is almost always merely nice, not essential
2024-04-14:	(Probably) forcing Git to never prompt for authentication
2024-04-13:	A corner case in Firefox's user interface for addon updates
2024-04-12:	Please don't try to hot-reload changed Python files too often
2024-04-11:	Getting the underlying disks of a Linux software RAID array
2024-04-10:	It's far from clear how grub package updates work on Ubuntu
2024-04-09:	Bash's sadly flawed smart (programmable) completion
2024-04-08:	Don't require people to change 'source code' to configure your programs
2024-04-07:	NAT'ing on the firewall versus host routes for public IPs
2024-04-06:	GNU Autoconf is not replaceable in any practical sense Solving the hairpin NAT problem with policy based routing and plain NAT
2024-04-05:	Why I think you shouldn't digitally sign things casually
2024-04-03:	GNU Emacs and the case of special space characters
2024-04-02:	An issue with Alertmanager inhibitions and resolved alerts What Prometheus Alertmanager's `group_interval` setting means
2024-04-01:	The power of being able to query your servers for unpredictable things
2024-03-31:	Some thoughts on switching daemons to be socket activated via systemd
2024-03-30:	The Prometheus scrape interval mistake people keep making
2024-03-29:	Some notes on Firefox's media autoplay settings in practice as of Firefox 124
2024-03-28:	The effects of silences (et al) in Prometheus Alertmanager
2024-03-27:	Some questions to ask about what silencing alerts means
2024-03-26:	How I would automate monitoring DNS queries in basic Prometheus
2024-03-25:	Options for diverting alerts in Prometheus
2024-03-24:	Platform peculiarities and Python (with an example)
2024-03-23:	The many possible results of turning an IP address into a 'hostname'
2024-03-22:	The Linux kernel.task_delayacct sysctl and why you might care about it
2024-03-21:	Reading the Linux cpufreq sysfs interface is (deliberately) slow
2024-03-20:	When I reimplement one of my programs, I often wind up polishing it too
2024-03-19:	About DRAM-less SSDs and whether that matters to us
2024-03-18:	Sorting out PIDs, Tgids, and tasks on Linux
2024-03-17:	Disk write buffering and its interactions with write flushes
2024-03-16:	Some more notes on Linux's `ionice` and kernel IO priorities
2024-03-15:	The problem of using basic Prometheus to monitor DNS query results
2024-03-14:	You might want to think about if your system serial numbers are sensitive
2024-03-13:	Restarting systemd-networkd normally clears your 'ip rules' routing policies
2024-03-12:	What do we count as 'manual' management of TLS certificates
2024-03-11:	Why we should care about usage data for our internal services
2024-03-10:	Scheduling latency, IO latency, and their role in Linux responsiveness
2024-03-09:	Some thoughts on usage data for your systems and services
2024-03-08:	A realization about shell pipeline steps on multi-core machines
2024-03-07:	Some notes about the Cloudflare eBPF Prometheus exporter for Linux
2024-03-06:	Where and how Ubuntu kernels get their ZFS modules
2024-03-05:	A peculiarity of the X Window System: Windows all the way down
2024-03-04:	An illustration of how much X cares about memory usage
2024-03-03:	X graphics rendering as contrasted to Wayland rendering
2024-03-02:	Something I don't know: How server core count interacts with RAM latency
2024-03-01:	Options for your Grafana panels when your metrics change names
2024-02-29:	The speed of improvement in servers may have slowed down
2024-02-28:	Detecting absent Prometheus metrics without knowing their labels
2024-02-27:	Our probably-typical (lack of) machine inventory situation
2024-02-26:	How to make your GNU Emacs commands 'relevant' for M-X
2024-02-25:	Open source culture and the valorization of public work
2024-02-24:	The Go 'range over functions' proposal and user-written container types
2024-02-23:	Fixing my problem of a stuck '`dnf updateinfo info`' on Fedora Linux
2024-02-22:	A recent abrupt change in Internet SSH brute force attacks against us
2024-02-21:	What ZIL metrics are exposed by (Open)ZFS on Linux
2024-02-20:	NetworkManager won't share network interfaces, which is a problem
2024-02-19:	The flow of activity in the ZFS Intent Log (as I understand it)
2024-02-18:	Even big websites may still be manually managing TLS certificates (or close)
2024-02-17:	We outsource our public web presence and that's fine
2024-02-16:	Options for genuine ECC RAM on the desktop in (early) 2024
2024-02-15:	(Some) X window managers deliberately use off-screen windows
2024-02-14:	Understanding a recent optimization to Go's `reflect.TypeFor`
2024-02-13:	What is in (Open)ZFS's per-pool "txgs" /proc file on Linux
2024-02-12:	Linux kernel boot messages and seeing if your AMD system has ECC
2024-02-11:	Go 1.22's go/types Alias type shows the challenge of API compatibility
2024-02-10:	My plan for backups of my home machine (as of early 2024)
2024-02-09:	Compatibility lingers long after it's needed (until it gets noticed)
2024-02-08:	Accidentally making windows vanish in my old-fashioned Unix X environment
2024-02-07:	What I'd like in a hypothetical new desktop machine in 2024
2024-02-06:	What the `max_connect` Linux NFS v4 mount parameter seems to do
2024-02-05:	We might want to regularly keep track of how important each server is
2024-02-04:	I switched to explicit imports of things in our Django application
2024-02-03:	Solving one of our Django problems in a sideways, brute force way
2024-02-02:	One of my MH-E customizations: 'narrow-to-pending' (refiles and deletes)
2024-02-01:	Our Django application is now using Python 3 and a modern Django
2024-01-31:	Using IPv6 has quietly become reliable (for me)
2024-01-30:	Putting a Python executable in venvs is probably a necessary thing
2024-01-29:	What I think goes wrong periodically with our Grafana Loki on restarts Servers are (probably) starting to drop serial ports
2024-01-27:	Getting the Python LSP server working with venvs the brute force way
2024-01-26:	Histogram data is most useful when they also provide true totals
2024-01-25:	In Go, I'm going to avoid using '`any`' as an actual type
2024-01-24:	The cooling advantage that CPU integrated graphics has
2024-01-23:	CGI programs have an attractive one step deployment model
2024-01-22:	Desktop PC motherboards and the costs of extra features
2024-01-21:	The expected size of a gap in a Prometheus range vector (sometimes)
2024-01-20:	An example of how Prometheus's delta() function will extrapolate time ranges
2024-01-19:	A Django gotcha with Python 3 and the encoding of CharFields
2024-01-18:	Notes on the Linux kernel's 'irq' pressure stall information and meaning
2024-01-17:	Some interesting metrics you can get from cgroup V2 systems
2024-01-16:	What Prometheus exporters we use (as of the end of 2023)
2024-01-15:	How we monitor that our wireless network is still there in places
2024-01-14:	Git branches as a social construct
2024-01-13:	Indexed archive formats and selective restores
2024-01-12:	What we use ZFS on Linux's ZED 'zedlets' for
2024-01-11:	An old Unix mistake you could make when signaling `init` (PID 1)
2024-01-10:	MFA today is both 'simple' and non-trivial work
2024-01-09:	How far back we want our metrics to go depends on what they're for
2024-01-08:	One of the things limiting the evolution of WebPKI is web servers
2024-01-07:	TLS certificate expiry times are fundamentally a hack
2024-01-06:	Some ballpark numbers for fun on filling filesystem cache with NFS traffic
2024-01-05:	Having a virtual machine host server has been quite useful
2024-01-04:	'Unmaintained' (open source) code represents a huge amount of value
2024-01-03:	Ten years isn't long enough for maximum age settings
2024-01-02:	Why Unix's `lseek()` has that name instead of '`seek()`'
2024-01-01:	Alerting on our NTP servers having a high NTP stratum hasn't been useful
2023-12-31:	Switching Linux software RAID disks around in (early) 2023
2023-12-30:	Email addresses are not good 'permanent' identifiers for accounts
2023-12-29:	Your kernel panics in ZFS on Linux probably aren't actual kernel panics
2023-12-28:	The various phases of Prometheus Blackbox's HTTP probe
2023-12-27:	Web CGI programs aren't particularly slow these days
2023-12-26:	Maybe learning to let new environments be themselves (more or less)
2023-12-25:	Standards often provide little guidance for handling 'bad' content
2023-12-24:	Do we actually need negative access control rules (in general)?
2023-12-23:	A DKIM signature on email by itself means very little
2023-12-22:	What I think the 'SMTP Smuggling' attack enables
2023-12-21:	Systemd will block a service's start if you manually restart it too fast
2023-12-20:	The (historical) background of 'SMTP Smuggling'
2023-12-19:	Why grub-install can give you an "unknown filesystem" error
2023-12-18:	In Go, constant variables are not used for optimization
2023-12-17:	Prometheus's `group_left()` and `group_right()` operators
2023-12-16:	The three email addresses of OpenID Connect (OIDC) in practice
2023-12-15:	What /.well-known/ URL queries people make against our web servers
2023-12-14:	Partially emulating #ifdef in Go with build tags and consts
2023-12-13:	Why systemd-resolved can give weird results for nonexistent bare hostnames
2023-12-12:	We've switched (back) to using Bind for our local DNS resolvers
2023-12-11:	Seeing how fast people will probe you after you get a new TLS certificate
2023-12-10:	Some notes on using the `logcli` program to query Grafana Loki
2023-12-09:	I recently used Grafana Loki for fast, flexible log searching
2023-12-08:	A possible path to reliable name constraints on internal TLS CAs
2023-12-07:	Mapping out my understanding of (web-based) single sign-on systems
2023-12-06:	Understanding another piece of per-cgroup memory usage accounting
2023-12-05:	Doing work that scales requires being able to scale your work
2023-12-04:	Getting some information about the Linux kernel dentry cache (dcache)
2023-12-03:	A bit more trivia on the Unix V6 shell and its control flow
2023-12-02:	Why Unix kernels have grown caches for directory entries ('name caches')
2023-12-01:	The Unix V6 shell and how control flow worked in it
2023-11-30:	My sysadmin's view of going from Centrex to VoIP (sort of)
2023-11-29:	The quietly impressive thing mail clients do when you write HTML mail
2023-11-28:	Why we scrape Prometheus Blackbox's metrics endpoint
2023-11-27:	Go's API stability and making assumptions, even in semi-official code
2023-11-26:	The HTML viewport mess
2023-11-25:	Unix shells and the current directory
2023-11-24:	A peculiarity of the GNU Coreutils version of '`test`' and '`[`'
2023-11-23:	Unix's 'test' program and the V7 Bourne shell
2023-11-22:	Understanding and sorting out ZFS pool features
2023-11-21:	Modern proxy (IPv4) ARP and proxy IPv6 NDP on Linux
2023-11-20:	Why I'm still using the "Certainly Something" addon for Firefox
2023-11-19:	Third party Emacs packages that I use (as of November 2023)
2023-11-18:	Using argparse in my Python programs encourages me to add options to them
2023-11-17:	My first Django database migration worked fine
2023-11-16:	Setting up an IPv6 gateway on an Ubuntu 22.04 server with WireGuard
2023-11-15:	WireGuard and the question of link-local IPv6 addresses
2023-11-14:	Amanda and deciding between server and client compression
2023-11-13:	Amanda has clever restores from tar archives (sometimes)
2023-11-12:	The Amanda backup system completely reads tar archives on restores
2023-11-11:	Go modules and the domain expiry problem
2023-11-10:	Backup systems and how much they do or don't know about storage formats
2023-11-09:	Brief early impressions of Emacs' evil Vim emulation
2023-11-08:	Holding packages in Debian (and Ubuntu) has gotten easier over the years
2023-11-07:	The Vim features that make me a Vim user instead of a Vi user
2023-11-06:	What client host keys OpenSSH ssh uses for host based authentication
2023-11-05:	Exim's options for how to DKIM sign various email headers
2023-11-04:	The various meanings of DKIM signing message headers
2023-11-03:	Our varying levels of what you could charitably call 'physical security'
2023-11-02:	Network firewalls and Ethernet addresses
2023-11-01:	People do change what a particular version is of a Go module
2023-10-31:	Real (email) HTML can get a bit extreme
2023-10-30:	Finding which NFSv4 client owns a lock on a Linux NFS(v4) server
2023-10-29:	One reason that ZFS can't turn a directory into a filesystem
2023-10-28:	Thinking about the sensible limits of customization of things
2023-10-27:	Alerting on sticky configuration reload failures for Prometheus
2023-10-26:	The issue of what headers to include in your DKIM signatures
2023-10-25:	There are at least two ways to 'verify' TLS client host certificates
2023-10-24:	dup()'s shared file IO offset is a necessary part of Unix
2023-10-23:	Internet network sessions can be remarkably durable
2023-10-22:	Unix /dev/fd and dup(2)
2023-10-21:	Understanding dynamic menubar menus in GNU Emacs
2023-10-20:	Changing the menu bar order of Emacs easy-menu menus
2023-10-19:	Using extra Firefox profiles to make my life better
2023-10-18:	WireGuard is pleasantly easy to set up on smartphones (if you're experienced)
2023-10-17:	(Minibuffer) completion categories in GNU Emacs and forcing them
2023-10-16:	The two places firewall NAT can happen in our network
2023-10-15:	Finally noticing a quiet speedup in my environment
2023-10-14:	Stateful versus stateless firewalls, and why stateful is attractive
2023-10-13:	OpenBSD PF-based firewalls suffer differently from denial of service attacks
2023-10-12:	Getting the active network interface(s) in a script on Ubuntu 22.04
2023-10-11:	The wisdom of being selective about python-lsp-server plugins
2023-10-10:	Keyboard keys and characters
2023-10-09:	My understanding of various sorts of completion in GNU Emacs
2023-10-08:	The tools I use to read email affect how I read it (more than I thought)
2023-10-07:	The three modern formats for email forwarded by people
2023-10-06:	Understanding the orderless package for GNU Emacs
2023-10-05:	X's two ways to send events to X clients (more or less)
2023-10-04:	You can do Apache HTTP Basic Authentication through PAM
2023-10-03:	In praise of modest, simple third party packages for GNU Emacs
2023-10-02:	What we did when we couldn't gracefully roll over an OpenVPN TLS root certificate
2023-10-01:	Brief notes on doing TOTP MFA with `oathtool`
2023-09-30:	I have questions about MFA push notification fatigue
2023-09-29:	Understanding the NMH repl command's '-cc me' and '-nocc me' options
2023-09-28:	The IMAP Sent folder can create some odd issues and confusion
2023-09-27:	Uncertainties over adding IP ratelimits to your local DNS resolvers
2023-09-26:	Some reasons to combine systemd-resolved with your private DNS resolver
2023-09-25:	Splitting our local DNS resolvers apart to serve different audiences
2023-09-24:	I wish Linux exposed a 'OOM kills due to cgroup limits' kernel statistic
2023-09-23:	Some questions about Unbound's domain-based rate limits (as of fall 2023)
2023-09-22:	Changing GNU Emacs Lisp functions through `advice-add`, not brute force
2023-09-21:	HTTP Basic Authentication and your URL hierarchy
2023-09-20:	Restarting nfs-server on a Linux NFS (v3) server isn't transparent
2023-09-19:	How Unix shells used to be used as an access control mechanism
2023-09-18:	Making a function that defines functions in GNU Emacs ELisp
2023-09-17:	Unix shells are generally not viable access control mechanisms any more
2023-09-16:	Apache's HTTP Basic Authentication could do with more logging
2023-09-15:	Insuring that my URL server and client programs exit after problems
2023-09-14:	An important difference between `intern` and `make-symbol` in GNU Emacs ELisp
2023-09-13:	A user program doing intense IO can manifest as high system CPU time
2023-09-12:	My (new) simple system to open URLs on my desktop from remote Linux machines
2023-09-11:	GNU Emacs, use-package, and key binding for mode specific keymaps
2023-09-10:	The roots of an obscure Bourne shell error message
2023-09-09:	The effects of modest TCP latency (I think) on my experience with some X programs
2023-09-08:	How changing a ZFS filesystem's recordsize affects existing files
2023-09-07:	(Unix) Directory traversal and symbolic links
2023-09-06:	What I understand about two-factor/multi-factor authentication (in 2023)
2023-09-05:	Having ClamAV reject email using the Malwarepatrol database seems unwise
2023-09-04:	An (Open)SSH Certificate Authority is sort of unlimited and sort of not
2023-09-03:	TLS CA root certificate name constraints for internal CAs
2023-09-02:	In practice, 'alerts' can have different meanings in different organizations
2023-09-01:	Alerting on high level 'user stories' failing doesn't work in all setups
2023-08-31:	The technical merits of Wayland are mostly irrelevant
2023-08-30:	Email anti-spam (and really all anti-spam) is all heuristics now
2023-08-29:	Experiencing the increase in web bandwidth usage for myself
2023-08-28:	Go 1.22's (likely) new `reflect.TypeFor()` generic function Link: quoting strings and breaking strings across multiple lines in YAML
2023-08-27:	YAML is an okay enough configuration file format
2023-08-26:	Linux NFS v4 idmapd domain handling and server/client agreement
2023-08-25:	Enabling NFS v4 on an Ubuntu 22.04 fileserver (instead of just NFS v3)
2023-08-24:	One challenge in reducing TLS certificate lifetimes down to 90 days
2023-08-23:	Giving Linux mountd a '--no-nfs-version 4' argument does nothing
2023-08-22:	We have a NFS v3 locking problem on our Ubuntu 22.04 servers
2023-08-21:	Packaging software is something that takes work
2023-08-20:	Unix is both a technology and an idea
2023-08-19:	CLAs create different issues than making (small) open source contributions
2023-08-18:	Contributor License Agreements (CLAs) impede modest contributions
2023-08-17:	What I need to SSH to old hosts on Fedora 37 (and probably later)
2023-08-16:	A pointless review of my (current) favorite mouse, the Contour optical mouse
2023-08-15:	Maybe we shouldn't default to allowing logins on machines
2023-08-14:	A brief brush with writing and using Python type hints
2023-08-13:	The tangled problems of asking for people's '(full) legal name'
2023-08-12:	Getting my backup Internet connection through BlueTooth on Linux
2023-08-11:	Some problems with 'first name' and 'last name' fields in data
2023-08-10:	Browsers barely care what HTTP status code your web pages are served with
2023-08-09:	A program's (effective) log messages can have many sources
2023-08-08:	Programs shouldn't commit to fixed and predictable log messages
2023-08-07:	Good RPC systems versus basic 'RPC systems'
2023-08-06:	Monitoring your logs is mostly a tarpit
2023-08-05:	How the rc shell handles whitespace in various contexts
2023-08-04:	On Linux, NFS v4 mounts are a different filesystem type than NFS (v3) mounts
2023-08-03:	Prometheus scrape failures can cause alerts to be 'resolved'
2023-08-02:	The Prometheus host agent's metrics for systemd unit restarts
2023-08-01:	Turning off the sidebar of Firefox's built in PDF viewer
2023-07-31:	Systemd auto-restarts of units can hide problems from you
2023-07-30:	Our alerts and monitoring can never be comprehensive
2023-07-29:	Prometheus Blackbox probes and DNS lookups
2023-07-28:	The issue with control flow in interpreters using the 'eval' pattern
2023-07-27:	On the future of free long term support for Linux distributions
2023-07-26:	There's more than one reason that people used (or use) CentOS
2023-07-25:	Where the speed limits on our Amanda backups appear to be in 2023
2023-07-24:	The 'eval' pattern for interpreting simple languages
2023-07-23:	Some cheap things are only cheap if they have enough volume
2023-07-22:	I'm not going to accurately remember our past views and thoughts
2023-07-21:	When we take things out of service, I should write up how they worked
2023-07-20:	Command hashing in Unix shells is probably no longer worth it
2023-07-19:	HTTP has become the default, universal communication protocol
2023-07-18:	Non-uniform CPU hyperthreading is here and can cause fun issues
2023-07-17:	A bit of Unix history on 'su -'
2023-07-16:	Social media posts aren't as small and simple as you might think
2023-07-15:	Static websites have a low barrier to entry
2023-07-14:	The theory versus the practice of "static websites"
2023-07-13:	Some notes on errno when tracing Linux kernel system call results
2023-07-12:	Two views of security and vulnerability scanners
2023-07-11:	How I move URLs between browsers in my Unix desktop environment
2023-07-10:	Notes on Linux's `/proc/locks` and NFS v4 locks as of Ubuntu 22.04
2023-07-09:	Polymorphism and other important aspects of inheritance
2023-07-08:	The HTTP status code for a web server's default "hello" front page
2023-07-07:	Our experience with nftables and 'iptables' on Ubuntu 22.04
2023-07-06:	Basic NFS v4 seems to just work (so far) on Ubuntu 22.04
2023-07-05:	The mere 'presence' of an URL on a web server is not a good signal
2023-07-04:	Web servers should refuse requests for random, unnecessary URLs
2023-07-03:	Our Python fileserver management code has been quite durable over the years
2023-07-02:	The evolving Unix attitudes on handling signals in your code
2023-07-01:	Cool URLs keep their contents (an obvious point that still matters)
2023-06-30:	In practice, cool URLs can become inaccessible even if they don't change
2023-06-29:	The persistence of 'san' names in our environment
2023-06-28:	You should delete the 'User-Agent' header from outgoing email
2023-06-27:	Belatedly remembering to use the two expression form of Python's `assert`
2023-06-26:	Let's Encrypt's interesting certificate issuance error
2023-06-25:	Why use 'TEST-NET' IP addresses in general documentation instead of RFC 1918 ranges
2023-06-24:	Everything that uses configuration files should report where they're located
2023-06-23:	Go 1.21 will (probably) download newer toolchains on demand by default
2023-06-22:	I don't expect to see competitive RISC-V servers any time soon
2023-06-21:	Domination has a lead time
2023-06-20:	Having non-x86 machines makes your life harder, especially in a mixed setup
2023-06-19:	Failing to draw lines between 'script' and 'program'
2023-06-18:	Link: The Difference Between Root Certificate Authorities, Intermediates, and Resellers One temptation of shell scripting is reusing other people's code
2023-06-17:	Javascript modifying cut and paste can sometimes be a good thing in browsers
2023-06-16:	CGIs combine well with Apache location-based access control
2023-06-15:	The evaporation of lots of .ga domains
2023-06-14:	Where your program's configuration files ('dotfiles') should go today
2023-06-13:	The Certificate Authority's view of Certificate Transparency and CT Logs
2023-06-12:	There are two levels of isolation when building Linux packages
2023-06-11:	The potential risks of using (Open)ZFS On Linux with at least NFS
2023-06-10:	A potential issue with outstanding query limits in your DNS resolver
2023-06-09:	(Apparent) Certificate Authorities aren't always actual CAs
2023-06-08:	Let's Encrypt (really ACME) has a decent reason for (still) using CSRs
2023-06-07:	A retrospective on my thesis about language niches, fifteen years later
2023-06-06:	I should read the Vim help more often
2023-06-05:	The Linux kernel will fix some peculiar argv usage in execve(2)
2023-06-04:	Why Prometheus exporters really need fixed TCP ports
2023-06-03:	Unix is not POSIX
2023-06-02:	GNU Grep versus the (Linux) open source ecology
2023-06-01:	Capturing data you need later when using bpftrace
2023-05-31:	DNSSEC failures are how you get people to disable DNSSEC
2023-05-30:	Some tricks for getting the data you need when using bpftrace
2023-05-29:	System administration's long slow march to configuration automation
2023-05-28:	My current editor usage (as of mid 2023)
2023-05-27:	How I set up a server for testing new Grafana versions and other things
2023-05-26:	In practice, Grafana has not been great at backward compatibility
2023-05-25:	That people produce HTML with string templates is telling us something
2023-05-24:	Encryption for stream based protocols versus 'RPC' protocols
2023-05-23:	Some views on protocols and encryption
2023-05-22:	What I see as good options today for encrypted NFS
2023-05-21:	NFS with Kerberos and NFS without Kerberos are two quite different things
2023-05-20:	Some notes on the cost of Go finalizers (in Go 1.20)
2023-05-19:	The long life of Apache httpd 2.4
2023-05-18:	What a desktop environment is on modern Linux
2023-05-17:	(Graphical) Unix has always had desktop environments Having metrics for something attracts your attention to it
2023-05-15:	The time our Linux systems spend on integer to text and back conversions
2023-05-14:	Why I use separate lexers in my recursive descent parsers
2023-05-13:	The paradox of ZFS ARC non-growth and ARC hit rates
2023-05-12:	The modern browser experience has some impressive subtle tricks
2023-05-11:	I've mostly stopped reading technical mailing lists
2023-05-10:	Mailing lists versus forums, some thoughts
2023-05-09:	Curing my home desktop from locking up in the cold (so far)
2023-05-08:	When to use drgn instead of eBPF tools like bpftrace, and vice versa
2023-05-07:	Advisory file locks and mandatory file locks are two quite different things
2023-05-06:	Finding which NFS client owns a lock on a NFS server via Linux kernel delving
2023-05-05:	Some early praise for using drgn for poking into Linux kernel internals
2023-05-04:	Flock() and fcntl() file locks and Linux NFS (v3)
2023-05-03:	Forcefully breaking NFS locks on Linux NFS servers as of Ubuntu 22.04
2023-05-02:	The types of TLS seen on our external MX (as of April 2023)
2023-05-01:	How NFS v3 servers and clients re-synchronize locks after reboots
2023-04-30:	Os.walk, the temptation of hammers, and the paralysis of choice
2023-04-29:	A crontab related mistake you can make with internal email ratelimits
2023-04-28:	More notes on Linux's `/proc/locks` and NFS as of Ubuntu 22.04
2023-04-27:	I can't recommend serious use of an all-in-one local Grafana Loki setup
2023-04-26:	Putting the 'User-Agent' in your web crawler's User-Agent
2023-04-25:	Understanding ZFS ARC hit (and miss) kstat statistics
2023-04-24:	Thinking about our passive exposure to IPv6 issues
2023-04-23:	Programming on Unix and automatic memory management
2023-04-22:	The two types of C programmers (a provocative thesis)
2023-04-21:	The traditional workaround for stuck NFS(v3) locks
2023-04-20:	Setting the ARC target size in ZFS on Linux (as of ZoL 2.1)
2023-04-19:	An interesting mistake I made with a (Go) SSH client API
2023-04-18:	When and how ZFS on Linux changes the ARC target size (as of ZoL 2.1)
2023-04-17:	ARC memory reclaim statistics exposed by ZFS on Linux (as of ZoL 2.1)
2023-04-16:	Some important ARC memory statistics exposed by ZFS on Linux (as of ZoL 2.1)
2023-04-15:	Some thoughts on OpenSSH versus SSH
2023-04-14:	The various sizes of the ZFS ARC (as of OpenZFS 2.1)
2023-04-13:	OpenSSH's (signed) certificates are not TLS X.509 certificates
2023-04-12:	The chain of landing web pages that I saw for a phish spam today
2023-04-11:	Notification sounds and system sounds on Linux should be granular
2023-04-10:	Failing to build a useful pre Go 1.21 static Go toolchain on Linux
2023-04-09:	On Linux, you can't usefully statically link programs using NSS
2023-04-08:	A Prometheus Alertmanager alert grouping conundrum
2023-04-07:	Go 1.21 will (likely) have a static toolchain on Linux
2023-04-06:	ZFS On Linux (still) needs better ways to control the ZFS ARC
2023-04-05:	Giving Firefox the tiniest URL bar bookmark 'star' button possible
2023-04-04:	How to get a bigger font for Firefox's preview of link targets (sort of)
2023-04-03:	Automated status tests need to have little or no 'noise'
2023-04-02:	You should automate some basic restore testing of your backups
2023-04-01:	Avoiding HTTP/3 (for a while) as a pragmatic default
2023-03-31:	Exploiting (or abusing) password fields for Multi-Factor Authentication
2023-03-30:	Giving Gnome-Terminal some margins makes me happier with it
2023-03-29:	The case of the very wrong email `Content-Transfer-Encoding`
2023-03-28:	An interesting yet ordinary consequence of ZFS using the ZIL
2023-03-27:	Moving from 'master' to 'main' in Git with local changes
2023-03-26:	My pragmatic shift from PS/2 keyboards and mice to USB ones
2023-03-25:	Apache 2.4's event MPM can require more workers than you'd expect
2023-03-24:	Key rotation is not the same as key revocation (or invalidation)
2023-03-23:	SSD block discard in practice on Linux systems
2023-03-22:	The problem RAID faces with discarding blocks on SSDs
2023-03-21:	ZFS on Linux and NFS(v3) server filesystem IDs
2023-03-20:	Today the default choice for a terminal program is Gnome Terminal
2023-03-19:	Easily adjusting the minimum interval on panels in Grafana dashboards
2023-03-18:	There are two facets to `dd` usage
2023-03-17:	Some reasons why CPUs might re-use unofficial NOPs for other things
2023-03-16:	NFS filehandles from Linux NFS servers can be client specific
2023-03-15:	The extra hazards of mutual TLS authentication (mTLS) in web servers
2023-03-14:	Some notes on searching the systemd journal with journalctl
2023-03-13:	What I like using Grafana Loki for (and where I avoid it)
2023-03-12:	Getting a Python 2 virtual environment (in 2023's twilight of Python 2)
2023-03-11:	As a system administrator, I work in many different environments
2023-03-10:	Some bits on Linux NFS(v3) server filesystem IDs (and on filehandles)
2023-03-09:	ZFS on Linux and when you get stale NFSv3 mounts
2023-03-08:	Debconf's questions, or really whiptail, doesn't always work in xterms
2023-03-07:	ANSI colours aren't consistent across X terminal programs
2023-03-06:	Special tcpdump filtering options for OpenBSD's pflog interface
2023-03-05:	An unexciting idea: Code changes have context
2023-03-04:	How secure is merely discarding (TRIMing) all of a SSD's blocks?
2023-03-03:	When securely erasing disks, who are you trying to stop?
2023-03-02:	Modern email addresses can be in UTF-8
2023-03-01:	A gotcha with Systemd's `DynamicUser`, supplementary groups, and NFS (v3)
2023-02-28:	Ubuntu is a Canonical product
2023-02-27:	Future Internet PKI schemes need to be bootstrapped through web PKI
2023-02-26:	Universities are often environments with distributed accounts and identities
2023-02-25:	Systemd-resolved plus LLMNR can create delays in name non-resolution
2023-02-24:	Thinking about what a 'VPN' solution is authenticating
2023-02-23:	The web single sign on versus availability problem
2023-02-22:	How to block people's automatic mail forwarding (to GMail, at least)
2023-02-21:	Grafana Loki doesn't compact log chunks and what this means for you
2023-02-20:	A bit on unspecified unique objects in Python
2023-02-19:	Using web server reverse proxying to deal with file access permissions
2023-02-18:	The size of a window is complicated in X (or can be)
2023-02-17:	Implementing 'grow down' window placement in Fvwm on X11
2023-02-16:	Linux Ext4 directories have a maximum size (in entries)
2023-02-15:	BIOS MBR booting isn't always flawless and can be odd
2023-02-14:	Things I ran into when moving from Fvwm2 to Fvwm3
2023-02-13:	Our current plague of revolving .top and .click spam email domains
2023-02-12:	The case for atomic types in programming languages
2023-02-11:	Learning about Linux fwmark masks
2023-02-10:	Things that systemd-resolved is not for (as of systemd 251)
2023-02-09:	I'm considering giving in to the systemd-resolved wave
2023-02-08:	The general 'recursive routing' problem in IP networking
2023-02-07:	What I want in Prometheus (as a whole) is aggregating alert notifications
2023-02-06:	Rsync'ing (only) some of the top level pieces of a directory
2023-02-05:	Some things on Prometheus's new feature to keep alerts firing for a while
2023-02-04:	The practical appeal of a mesh-capable VPN solution
2023-02-03:	In a university, people want to use our IPs even for external traffic
2023-02-02:	A gotcha when making partial copies of Prometheus's database with rsync
2023-02-01:	C was not created as an abstract machine (of course)
2023-01-31:	I've had bad luck with transparent hugepages on my Linux machines
2023-01-30:	One reason I still prefer BIOS MBR booting over UEFI
2023-01-29:	The CPU architectural question of what is a (reserved) NOP
2023-01-28:	I should assume contexts aren't retained in Go APIs
2023-01-27:	Some thoughts on whether and when TRIM'ing ZFS pools is useful
2023-01-26:	Some notes on using using TRIM on SSDs with ZFS on Linux
2023-01-25:	You should back up the settings for your Firefox addons periodically
2023-01-24:	Linux software RAID mirrors, booting, mdadm.conf, and disk counts for non-fun
2023-01-23:	I should always make a checklist for anything complicated
2023-01-22:	How Let's Encrypt accounts are linked to your certificates in Certbot
2023-01-21:	How Prometheus makes good use of the HTTP Accept: header
2023-01-20:	An instruction oddity in the ppc64 (PowerPC 64-bit) architecture
2023-01-19:	My twitch about adding a shim in front of a (shell script) interpreter
2023-01-18:	Some things on SSDs and their support for explicitly discarding blocks
2023-01-17:	An aggressive, stealthy web spider operating from Microsoft IP space
2023-01-16:	Backporting changes is clearly hard, which is a good reason to avoid it
2023-01-15:	Some weird effects you can get from shared Let's Encrypt accounts
2023-01-14:	Your server BMCs can need to be rebooted every so often
2023-01-13:	Ubuntu 22.04 LTS servers and phased apt updates
2023-01-12:	A browser tweak for system administrators doing (web) network debugging
2023-01-11:	Sometimes it actually is a kernel bug: bind() in Linux 6.0.16
2023-01-10:	My Git settings for carrying local changes on top of upstream development
2023-01-09:	In Python, zero is zero regardless of the number type Link: X Window System Basics
2023-01-08:	Let's Encrypt's complex authorization process and multi-name TLS certificates
2023-01-07:	Our ZFS spares handling system sort of relies on our patterns of disk usage
2023-01-06:	Setting alerts is a chance to figure out what you really care about
2023-01-05:	The different sorts of 'iconification' of windows in X
2023-01-04:	Finding people's use of /usr/bin/python with the Linux audit framework
2023-01-03:	Some thoughts on Prometheus Alertmanager's alert reminders
2023-01-02:	Debian has removed Python 2 from its next version
2023-01-01:	Research Unix V2 already had a lot of what we think of as 'Unix'
2022-12-31:	Going from a Firefox preference to the underlying configuration setting
2022-12-30:	Disabling automatic form autofilling in Firefox (which is now simple)
2022-12-29:	Some notes to myself on 'git log -G' (and sort of on -S)
2022-12-28:	Some practical notes on the systemd cgroups/units hierarchies
2022-12-27:	Our varied approaches to upgrading machines with local state
2022-12-26:	More use of Rust is inevitable in open source software
2022-12-25:	Sorting out PC chassis power switches for ATX power supplies
2022-12-24:	The systemd journal is primarily time-based
2022-12-23:	Handling numbers in Vim when they have a dash in front of them
2022-12-22:	The power of URLs you can use with query parameters and a HTTP GET request
2022-12-21:	The Prometheus cardinality issues with systemd unit-related metrics
2022-12-20:	Detecting missing or bad Go modules and module versions
2022-12-19:	Systemd unit templates don't provide a native way to have multiple parameters
2022-12-18:	My dmenu wrapper script and what it will invoke for me
2022-12-17:	A trick of my dmenu setup: a custom $PATH
2022-12-16:	A practical issue with YAML: your schema is not actually documentation
2022-12-15:	How I do static IPs and names for my NAT'd libvirt-based VMs
2022-12-14:	Your options for displaying status over time in Grafana 9
2022-12-13:	Go and the case of the half-missing import
2022-12-12:	An enforced 'real names only' policy forces people to advertise things
2022-12-11:	Prometheus Blackbox 0.23.0 has added a nice improvement to its DNS checks
2022-12-10:	Unix's special way of marking login shells goes back to V2 Unix (at least)
2022-12-09:	Sometimes an Ubuntu package of a Python module is probably good enough
2022-12-08:	Python version upgrades and deprecations
2022-12-07:	My story of using Linux libvirt/KVM to get an ad hoc remote desktop
2022-12-06:	Why being able to partially distrust a Certificate Authority is good
2022-12-05:	I've now disabled systemd-oomd on my Fedora desktops
2022-12-04:	How to lose some of your tabs in Firefox 107+ (and possibly earlier)
2022-12-03:	Using Dovecot 2.3's 'events' system to create Prometheus metrics
2022-12-02:	Apache 2.4's event MPM and oddities with `ServerLimit`
2022-12-01:	Linux Certificate Authority root stores have a too simple view of 'trust'
2022-11-30:	Using Dovecot 2.3's 'events' system to generate log messages
2022-11-29:	The uncertain question of how much RAM our servers need
2022-11-28:	The annoying question of Intel CPU support for XMP RAM profiles
2022-11-27:	Getting my unit size 'prefixes' (really suffixes) straight, sort of
2022-11-26:	Moving our /var/mail to be local on our IMAP server has gone very well
2022-11-25:	A revealing Vim addressing mistake that I made today
2022-11-24:	Unix's (technical) history is mostly old now
2022-11-23:	Unix swap configuration used to be rather simple and brute force
2022-11-22:	Twitter's 'quoted tweets' feature and how design affects behavior
2022-11-21:	Using curl to test alternate (test) servers for a web site
2022-11-20:	Floating point NaNs as map keys in Go give you weird results
2022-11-19:	Python dictionaries and floating point NaNs as keys
2022-11-18:	Go 1.21 may have a `clear(x)` builtin and there's an interesting reason why
2022-11-17:	Understanding how fast Ethernet really is (and in what units)
2022-11-16:	Monitoring if our wireless network is actually working in locations
2022-11-15:	It's useful to think about a 'ground up' recovery of your environment
2022-11-14:	Firefox will now copy non-breaking spaces from HTML and that can be a problem
2022-11-13:	I wouldn't use ZFS for swap (either for swapfiles or with a zvol)
2022-11-12:	Questionable TLS Certificate Authorities and Certificate Transparency
2022-11-11:	How Linux swap files (and swap partitions) find where to read and write
2022-11-10:	The problem of (Unix) swapfiles and server backups
2022-11-09:	Linux swap files don't seem to update their modification time when you swap
2022-11-08:	Some thoughts on organizations running their own Fediverse instance
2022-11-07:	An odd error I encountered with ZFS snapshots on Ubuntu 18.04
2022-11-06:	Go's sync.Pool has (undocumented) 'thread' locality
2022-11-05:	Our upgrade wave of Ubuntu 18.04 machines has gone fine
2022-11-04:	An email's Message-ID header isn't a good spam signal (in late 2022)
2022-11-03:	On not having a separate /boot filesystem on modern (x86) Linux
2022-11-02:	The problem of getting problem reports from (our) people
2022-11-01:	(Maybe) copying email anti-spam measures from Google and company
2022-10-31:	I wish ZFS supported per-user reservations, not just per-user quotas
2022-10-30:	Silencing KDE application notification sounds under fvwm
2022-10-29:	Importing a Python program that doesn't have a .py extension
2022-10-28:	People like file extensions whether or not they're necessary
2022-10-27:	Scripts and programs should skip having extensions like '.sh' and '.bash'
2022-10-26:	Our computer security problems are our own fault
2022-10-25:	An email phish attempt using attachment file type confusion
2022-10-24:	Filesystems and progressive deletion of things
2022-10-23:	Why I feel DNS CAA records are a real TLS security improvement in practice
2022-10-22:	TLS Certificate Transparency is about improving the (web) TLS ecology
2022-10-21:	The Prometheus `timestamp()` function can be used on expressions, sort of
2022-10-20:	The programming challenge that is a modern browser
2022-10-19:	Understanding '+incompatible' in Go module version names
2022-10-18:	We're finally fully moving away from Apache's prefork MPM (hopefully)
2022-10-17:	The proper setup of a Go module, as I understand it
2022-10-16:	What it means to see a 'bad' certificate in TLS Certificate Transparency logs
2022-10-15:	How much swap space we're using across our servers (in October 2022)
2022-10-14:	Two views of CPU utilization (a realization)
2022-10-13:	We're moving away from swap partitions on our Linux servers
2022-10-12:	We are stuck with `egrep` and `fgrep` (unless you like beating people)
2022-10-11:	When Promtail seems to make position checkpoints (as of v2.6.1)
2022-10-10:	The pragmatic effects of setting `nconnect` on NFS v3 mounts on Linux
2022-10-09:	Research Unix V7's (comparatively) long time gap from V6
2022-10-08:	Linux NFS clients (normally) make only one TCP connection to each fileserver
2022-10-07:	How old various Unix signals are
2022-10-06:	My performance intuitions and the complexities of SSD performance
2022-10-05:	The Maildir mail storage format doesn't seem to work well over NFS
2022-10-04:	Our unusual traditional /var/mail setup for people's inboxes
2022-10-03:	Universities, "Bring your own device", and security
2022-10-02:	Universities and their non-employees (part two)
2022-10-01:	YAML in practice can be looser than I expected
2022-09-30:	Your Grafana Loki setup needs security and access control
2022-09-29:	Python virtual environments can usually or often be moved around
2022-09-28:	How I've set up my libvirt based virtual machines (in late 2022)
2022-09-27:	Reaching past our firewalls with WireGuard (some thoughts)
2022-09-26:	The lsb_release program and the /etc/os-release file
2022-09-25:	What can a compromised TLS Certificate Transparency Log do?
2022-09-24:	Needing xdg-desktop-portal may be in my future (even without Wayland)
2022-09-23:	Browsers and them 'supporting' TLS certificate transparency
2022-09-22:	The TLS client's view of Certificate Transparency and CT Logs
2022-09-21:	Some notes on the readings you get from USB TEMPer2 temperature sensors
2022-09-20:	Why the ZFS ZIL's "in-place" direct writes of large data are safe
2022-09-19:	Tangled issues with what status we should use for our HTTP redirects
2022-09-18:	I believe SELinux needs active support from your distribution
2022-09-17:	Authenticated SMTP and IMAP authentication attacks and attempts we see here
2022-09-16:	The problem of network tunnels and (asymmetric) routing
2022-09-15:	The C `free()` API gives libraries and functions useful freedom
2022-09-14:	Grafana Loki doesn't duplicate a central syslog server (or vice versa) Link: USB, Thunderbolt, Displayport & docks
2022-09-13:	My Firefox addons as of Firefox 104 (they haven't changed in a while)
2022-09-12:	What's lost when running the Prometheus host agent as a non-root user on Linux
2022-09-11:	The amount of memory in basic 1U servers and our shifting views of it
2022-09-10:	C's `malloc()` and `free()` APIs are reasonable APIs for C
2022-09-09:	How we monitor the temperature of our machine rooms
2022-09-08:	Grafana's problem with the order of dashboard panel legends and Prometheus
2022-09-07:	What systemd timer directives seem to be used in practice
2022-09-06:	Machine room temperatures and the value of long Prometheus metrics history
2022-09-05:	The history of sending signals to Unix process groups
2022-09-04:	Support for 'kill -SIGNAME ...' was added in 4BSD
2022-09-03:	Our Prometheus host metrics saved us from some painful experiences
2022-09-02:	An rsyslog(d) syslog forwarding setup for Grafana Loki (via Promtail)
2022-09-01:	Go 1.19 added an `atomic.Pointer` type that's a generic type
2022-08-31:	ZFS DVA offsets are in 512-byte blocks on disk but zdb misleads you about them
2022-08-30:	ZFS DVA offsets are in bytes, not (512-byte) blocks
2022-08-29:	A thought on presentational versus semantic HTML
2022-08-28:	Getting USB TEMPer2 temperature sensor readings into Prometheus (on Linux)
2022-08-27:	Large scale Internet SSH brute force attacks seem to have stopped here
2022-08-26:	Using systemd timers to run things frequently (some early notes)
2022-08-25:	U.2, U.3, and other server NVMe drive connector types (in mid 2022)
2022-08-24:	We now have some 1U servers with U.2 NVMe SSDs and they're okay
2022-08-23:	On Ubuntu, AppArmor is quite persistent and likes to reappear on you
2022-08-22:	Some notes on Grafana annotations sourced from Prometheus metrics
2022-08-21:	ZFS DVAs and what they cover on raidz vdevs
2022-08-20:	The Ubuntu 22.04 server installer wants you to scrub reused disks first
2022-08-19:	I wish Prometheus had a table-driven label remapping feature
2022-08-18:	Rasdaemon is what you want on Linux if you're seeing kernel MCE messages
2022-08-17:	Some resources for looking at the current development version of Go
2022-08-16:	The names of disk drive SMART attributes are kind of made up (sadly)
2022-08-15:	Disk drive SMART attributes can go backward and otherwise be volatile
2022-08-14:	Our slow turnover of servers and server generations
2022-08-13:	The C `free()` API means memory allocation must save some metadata
2022-08-12:	My adventure with URLs in a Grafana that's behind a reverse proxy
2022-08-11:	My uncertainty over whether an URL format is actually legal
2022-08-10:	Some notes (to myself) about formatting text in `jq`
2022-08-09:	Ubuntu 22.04 with multiple disks and (U)EFI booting
2022-08-08:	Two example Grafana Loki log queries to get things from ntpdate logs
2022-08-07:	Our BMCs are not great at keeping accurate time
2022-08-06:	The pervasive effects of C's malloc() and free() on C APIs
2022-08-05:	How old our servers are (as of 2022)
2022-08-04:	The odd return value of the original 4.2 BSD `gethostbyname()` Link: The MGR Window System
2022-08-03:	Vim settings I'm using for editing YAML (with a sideline into Python)
2022-08-02:	I wish that systemd (and everything) would rate-limit configuration warnings
2022-08-01:	A brief history of looking up host addresses in Unix
2022-07-31:	Using Prometheus's recent '@ end()' PromQL feature to reduce graph noise
2022-07-30:	Python is my default choice for scripts that process text
2022-07-29:	How systemd names instances of templated socket service units
2022-07-28:	Print based debugging and infrequent developers
2022-07-27:	What ZFS 'individual' and 'aggregated' IO size statistics mean
2022-07-26:	To be fully useful, Prometheus histograms want their cumulative sums
2022-07-25:	ZFS pool IO statistics (and vdev statistics) are based on physical disk IO
2022-07-24:	Some pragmatic issues with Linux kernel mode setting on servers
2022-07-23:	The state of getting per-pool IO statistics in ZFS on Linux as of version 2.1
2022-07-22:	I've now used Linux nftables for firewall rules and it went okay
2022-07-21:	You can sensibly move or copy Prometheus's database with rsync
2022-07-20:	A brute force solution to nested access permissions in Apache
2022-07-19:	We won't be sending systemd logs to Grafana Loki in JSON format
2022-07-18:	Grafana Loki and what can go wrong with label cardinality
2022-07-17:	An assortment of timestamp formats found in our (Unix) logs
2022-07-16:	How to get (or recognize) a common Unix log timestamp format in things
2022-07-15:	'iptables -L' doesn't show you interface matches on rules by default
2022-07-14:	IMAP servers can have significant imbalances between disk and network IO
2022-07-13:	How Unix didn't used to support '#!', a brief history
2022-07-12:	Getting the names of your Linux software RAID devices to stick
2022-07-11:	It feels surprisingly good to block Bingbot from my blog front page
2022-07-10:	My distrust of multi-factor authentication's account recovery story
2022-07-09:	The Linux load average does mean something (although maybe not much)
2022-07-08:	Larger backup systems often operate in multiple stages
2022-07-07:	DKIM signature types (algorithms) that we see (as of July 2022)
2022-07-06:	My current mixed views on the Linux kernel netconsole
2022-07-05:	A surprise: you can only have one Linux kernel serial console
2022-07-04:	Why an empty (executable) file is generally true in Unix
2022-07-03:	Filesystems versus general tree structures
2022-07-02:	Why reproducible machines didn't used to be a priority (I think)
2022-07-01:	A quiet shift in what tech people build for their blogs
2022-06-30:	Having one is often much easier than having more than one
2022-06-29:	Notes on the Linux kernel's 'pressure stall information' and its meanings
2022-06-28:	What symmetric and asymmetric IP routing are
2022-06-27:	Wishing for a simple way to set up multi-interface symmetric routing on Linux
2022-06-26:	Modern disk sizes and powers of two
2022-06-25:	A limitation on what '`go install`' can install (as of Go 1.18)
2022-06-24:	Even for us, SSD write volume limits can matter
2022-06-23:	A mystery with Fedora 36, fontconfig, and xterm (and urxvt)
2022-06-22:	Signing email with DKIM is becoming increasing mandatory in practice
2022-06-21:	Some network speeds and network related speeds we see in mid 2022
2022-06-20:	Modern HDDs have gotten somewhat better than they used to be
2022-06-19:	What fast SSH bulk transfer speed (probably) looks like in mid-2022
2022-06-18:	Humanizing numbers in Python through a regexp substitution function
2022-06-17:	What is our Python 2 endgame going to be?
2022-06-16:	I wish Grafana dashboards and panels could have easy, natural comments
2022-06-15:	Understanding some peculiarities of per-cgroup memory usage accounting
2022-06-14:	Go programs and Linux glibc versioning
2022-06-13:	In general Unix system calls are not cancellable, just abortable
2022-06-12:	Framebuffer consoles have been around before on Unix workstations
2022-06-11:	Linux kernel mode setting on servers (and Ubuntu 22.04)
2022-06-10:	Text consoles and framebuffer consoles in Linux
2022-06-09:	How we wound up with Linux's kernel mode setting ('KMS')
2022-06-08:	The information theory reason for assuming non-secret cryptography algorithms
2022-06-07:	TLS Certificate Transparency logs don't always talk to you
2022-06-06:	Doing a selective alert about a host's additional exporters in Prometheus
2022-06-05:	Checking a few metrics (time series) at once in Prometheus's query language
2022-06-04:	Web URL paths don't quite map cleanly onto the abstract 'filesystem API'
2022-06-03:	Regular expressions are effectively a (hard) programming language
2022-06-02:	Serving static files versus dynamic web server APIs
2022-06-01:	Setting up Linux fair share CPU scheduling with systemd and cgroup v2
2022-05-31:	The basics of Linux fair share CPU scheduling in cgroup v2 ('unified cgroups')
2022-05-30:	Systemd memory limits and strict memory overcommit
2022-05-29:	My wish for per-port IP access controls in systemd .service units
2022-05-28:	It's a bit risky to give people access to your Prometheus Blackbox exporter
2022-05-27:	Modal dialogs and other things that steal keyboard focus are dangerous
2022-05-26:	Stopping an Ubuntu 22.04 desktop from suspending at the login screen
2022-05-25:	Shell scripts should be written to be clear first
2022-05-24:	Some notes on providing Python code as a command line argument
2022-05-23:	Systems should expose a (simple) overall health metric as well as specifics
2022-05-22:	Modern (public) TLS has only a limited number of intermediate certificates
2022-05-21:	Some things that make languages easy (or not) to embed in Unix shell scripts
2022-05-20:	Getting a Bourne shell "here document" into a shell variable
2022-05-19:	Moving a libvirt-based virtualization setup from one machine to another
2022-05-18:	Missing TLS intermediate certificates can create mysterious browser problems
2022-05-17:	Why I'm not all that positive on working through serial consoles
2022-05-16:	Python programs as wrappers versus filters of other Unix programs
2022-05-15:	The idea of hierarchical filesystems doesn't feel like an API to me
2022-05-14:	The web is, in a sense, designed for serving static files
2022-05-13:	The cause of an odd DNF/RPM error about conflicting files
2022-05-12:	Why I'm considering some use of NetworkManager (and I probably have to)
2022-05-11:	Traditionally there are fewer steps in setting up a static website
2022-05-10:	Seeing the speed of your USB devices under Linux the easy way
2022-05-09:	Snaps don't seem compatible with NFS home directories in Ubuntu 22.04
2022-05-08:	Checking if a machine is 'up' for scripts, well, for rsync
2022-05-07:	Solving a problem I had with the Unix date command in the right way
2022-05-06:	Filtering Prometheus metrics with deliberately repeated labels
2022-05-05:	When you install systems semi-manually, when updates get done matters
2022-05-04:	The temptation of smartctl's JSON output format given NVMe SSDs
2022-05-03:	NVMe disk drives and SMART attributes (and data)
2022-05-02:	Monitoring is too hard, as illustrated by TLS certificates expiring Link: An opinionated list of best practices for textual websites
2022-05-01:	Using Linux's libvirt for my virtualization needs has been okay
2022-04-30:	Some thoughts about your (our) site needing Javascript
2022-04-29:	Our positive experience with having our support site be basic HTML
2022-04-28:	The practical problem with /etc/pam.d on long-lived Linux systems
2022-04-27:	The root cause of my xdg-desktop-portal problems on a Fedora machine
2022-04-26:	Why your physical servers running Ubuntu 22.04 LTS can boot very slowly
2022-04-25:	Sort of making snapshots of UEFI libvirt-based virtual machines
2022-04-24:	Some things that make shell scripts have performance issues
2022-04-23:	The temptation of writing shell scripts, illustrated
2022-04-22:	The state of Python (both 2 and 3) in Ubuntu 22.04 LTS
2022-04-21:	4K HiDPI monitors come in inconvenient sizes if you want two of them
2022-04-20:	My virtualization setup so far with Linux's virt-manager and friends
2022-04-19:	Some bits on keeping isolated network interfaces organized (on Linux)
2022-04-18:	How to talk to a local IPMI under OpenBSD Where Linux's load average comes from in the kernel
2022-04-16:	"Long term support" Unixes and versions of software in them
2022-04-15:	I need (or at least want) a new virtual machine (GUI) environment
2022-04-14:	Building Firefox from source and Rust versions
2022-04-13:	A reason why Unix programs sometimes support '-?' for help
2022-04-12:	Mangling your distribution version in your Apt sources for fun and profit
2022-04-11:	How Debian's procps package is surprisingly opinionated
2022-04-10:	A Linux PAM setup and the problem of stopping authentication
2022-04-09:	Understanding the effects of PAM module results ('controls' in PAM jargon)
2022-04-08:	On the ordering of password and MFA challenges during login
2022-04-07:	What goes into an X resource and its name
2022-04-06:	Fedora now has a sensible UEFI boot setup (and has for some time)
2022-04-05:	The failure of the idea of X resources
2022-04-04:	Things I needed to change for HiDPI on Linux that weren't in my X settings
2022-04-03:	Some notes on using `snmpwalk` to poke at devices with SNMP
2022-04-02:	Sorting out IPMI and BMC terminology and technology
2022-04-01:	Some notes on finding and reading information over SNMP
2022-03-31:	The awkward timing of Fedora and Go releases
2022-03-30:	Why a (Linux) service delaying its shutdown is a bad thing
2022-03-29:	Fixing Pipx when you upgrade your system Python version
2022-03-28:	We need a way to scan Microsoft Office files for malware
2022-03-27:	Some thoughts on Go's unusual approach to identifier visibility
2022-03-26:	Unsurprisingly, the clock in your server's IPMI drifts over time
2022-03-25:	Some notes on `lslocks`, the Linux command to list current file locks
2022-03-24:	Some notes on Linux's `/proc/locks` listing of file locks
2022-03-23:	Document your mistakes and then try to block them in the future
2022-03-22:	Getting a fixed baud rate on your serial ports for logins under systemd
2022-03-21:	The modern trend of variable DNS results and its effects on troubleshooting
2022-03-20:	Prometheus: using gauge-like things as if they were counters
2022-03-19:	Some problems that Python's `cgi.FieldStorage` has
2022-03-18:	Our limited use of Python's `cgi` module
2022-03-17:	I need to remember to check for ZFS filesystems being mounted
2022-03-16:	People might want to think about saving a copy of Go 1.17
2022-03-15:	How Linux dynamic loaders can be both shared objects and executables
2022-03-14:	Where `cut` comes into Unix (and a bit on the history of `awk`)
2022-03-13:	We do see ZFS checksum failures, but only infrequently
2022-03-12:	I wish ZFS pools kept a persistent count of various errors
2022-03-11:	Filesystems can experience at least three different sorts of errors
2022-03-10:	It would be nice if Linux had a count of disk errors in sysfs
2022-03-09:	Linux disk names you can encounter in your Prometheus host metrics
2022-03-08:	Hardware can be weird, server and USB keyboard edition
2022-03-07:	The convenience of multi-purpose monitoring (in Prometheus)
2022-03-06:	What sort of server it takes to build Firefox in four and a bit minutes
2022-03-05:	Dynamic web pages can be viewed as a form of compression (sometimes)
2022-03-04:	A pragmatic driver of support for serving static files on the web is efficiency
2022-03-03:	Understanding a thing with ZFS on Linux, kernel versions, RPMs, and DKMS
2022-03-02:	A Python program can be outside of a virtual environment it uses
2022-03-01:	The problem of keeping track of hardlinks as you traverse a directory tree
2022-02-28:	Firefox (Nightly) and the case of the fading scrollbars on Unix
2022-02-27:	Python's `os.environ` is surprisingly liberal in some ways
2022-02-26:	Unix environment variables (and the environment) are a fuzzy thing
2022-02-25:	The varying sizes of images on the web today, and remembering that
2022-02-24:	I've come to think that the Git index is a good thing
2022-02-23:	Some early notes on Dovecot namespaces (in Dovecot 2.2.33, currently)
2022-02-22:	A realization about using DNS sub-names in modern protocols like DMARC
2022-02-21:	Python's Global Interpreter Lock is not there for Python programmers
2022-02-20:	The history (sort of) of service management in Unix
2022-02-19:	The important things about Unix init systems aren't booting the system
2022-02-18:	Ubuntu limits the console kernel log level even on servers
2022-02-17:	The Linux kernel's message log levels are relatively meaningless
2022-02-16:	Lurking complexities in a web server that just serves static files
2022-02-15:	A major caution when using '`rsync -a`' to copy or move directory trees
2022-02-14:	Beware of trying to compare the size of subtrees with `du`
2022-02-13:	Go generics: the question of types made from generic types and type sets
2022-02-12:	The 'any' confusion in Go generics between type constraints and interfaces
2022-02-11:	Some things on strict and relaxed DKIM alignment in DMARC
2022-02-10:	Notes on using DKIM in a DMARC world
2022-02-09:	ZFS performance and modern solid state disk systems
2022-02-08:	Some SSD write volumes from my machines
2022-02-07:	What does it mean for a filesystem to perform well on modern hardware?
2022-02-06:	Checking out a Git branch further back than the head
2022-02-05:	Go 1.18 won't have a '`constraints`' package of generics helpers
2022-02-04:	Some notes on Grafana relative time ranges
2022-02-03:	The hassles today of having servers with disks that can't be hot-swapped
2022-02-02:	Disk drives can have weird SMART values for their power on hours
2022-02-01:	The likely long-term result of good on-host (host-based) firewalls
2022-01-31:	Git 2.34 has changed how you configure fast-forward only pulls and rebasing
2022-01-30:	A thesis: most websites are implicitly designed with a short lifetime
2022-01-29:	The reason Unix has the argv[0] issue (and API)
2022-01-28:	Some things on Django's CSRF protection, sessions, and `REMOTE_USER`
2022-01-27:	The Linux kernel, simultaneous multithreading, and process scheduling Django and Apache HTTP Basic Authentication (and `REMOTE_USER`)
2022-01-25:	Giving things an IP address is dangerous (to them) Go generics are going to be both simple and complex (as of Go 1.18)
2022-01-23:	DNS queries to external sources do fail every so often out of the blue
2022-01-22:	Modern public TLS is a quite different thing than it used to be
2022-01-21:	Sorting out the situation with Intel desktop CPUs and hyper-threading
2022-01-20:	I'm using journalctl's --since option now to speed up checking logs
2022-01-19:	When I might expect simultaneous multithreading to help
2022-01-18:	Logs are invisible (at least most of the time and by default)
2022-01-17:	Pipx and a problem with changing the system Python version
2022-01-16:	HTTPS is still optional, at least sort of
2022-01-15:	You should do lint checks on your Prometheus alert (and recording) rules
2022-01-14:	Link: Histograms in Grafana (a howto) Understanding what a DKIM (spam) replay attack is
2022-01-13:	In practice, there are two types of window managers in modern X
2022-01-12:	My sunk cost fallacy relationship with my home desktop
2022-01-11:	Some things about Prometheus Alertmanager's notification metrics
2022-01-10:	The complexity of seeing if your Prometheus Alertmanager is truly healthy
2022-01-09:	I have mixed feelings about the Go `time` package's time formatting strings
2022-01-08:	Good web scraping is not just about avoiding load
2022-01-07:	In practice, Debian (and Ubuntu) have fixed minimum system UIDs and GIDs
2022-01-06:	An annoyance with Debian postinstall scripts during package upgrades
2022-01-05:	Some things about Dovecot, its index files, and the IMAP SELECT command
2022-01-04:	Some ways to implement `/dev/fd` in Unix kernels
2022-01-03:	The important Unix idea of the "virtual filesystem switch"
2022-01-02:	Why "process substitution" is a late feature in Unix shells Why I'm not interested in rolling back to snapshots of Linux root filesystems
2021-12-31:	Why I (still) use ext4 for my Linux root filesystems
2021-12-30:	Checking what features your ext4 filesystems have
2021-12-29:	Pipx's 'reinstall' command works right by reinstalling injected packages too
2021-12-28:	A realization of why email is critical infrastructure for the Internet
2021-12-27:	Link: Eric Rescorla's "DNS Security, Part II: DNSSEC" A thesis: large, significant open source projects must keep moving or die Security systems and requiring attacks instead of accidents to evade them
2021-12-25:	Our webmail is a surprisingly popular service
2021-12-24:	Sadly, my experience is that big commercial anti-malware detection is better
2021-12-23:	Running your own email is increasingly an artisanal choice, not a practical one
2021-12-22:	Using `pipx` in a PyPy installation more or less just works
2021-12-21:	Our internal network access authentication needs
2021-12-20:	Some usage notes for the Linux `ss` program
2021-12-19:	My Firefox bookmarklet to see links I've visited more reliably Some brief notes for myself on growing a LVM root filesystem
2021-12-17:	Our never-used system for user-provided NFS accessible storage In Go 1.18, generics are implemented through code specialization
2021-12-15:	User runtime directories on modern Linux, aka `/run/user/<uid>`
2021-12-14:	Finding Ubuntu (and Debian) packages that are in odd states
2021-12-13:	A bit on compilation's changing number of stages (and assembly)
2021-12-12:	How Vim's visual mode has wound up being useful for me
2021-12-11:	Some numbers from ZRAM swap on my two Fedora machines
2021-12-10:	The question (and some answers) of modern day partition sizes for Linux
2021-12-09:	Why it's good to explicitly document the purposes of things, illustrated Some NVMe drive temperature things from my drives
2021-12-08:	NVMe drives and the case of opaque bandwidth limits
2021-12-06:	Linux's `vm.admin_reserve_kbytes` sysctl is both not big enough and not sufficient
2021-12-05:	A bit on what Unix system pre-boot environments used to look like
2021-12-04:	Most computer standards broadly require good faith implementations
2021-12-03:	My views so far on bookmarklets versus addons in Firefox
2021-12-02:	On servers maybe moving to M.2 NVMe drives for their system drives
2021-12-01:	Unfortunately, damaged ZFS filesystems can be more or less unrepairable
2021-11-30:	Prometheus will make persistent connections to agents (scrape targets)
2021-11-29:	The long term relative prices of M.2 NVMe drives and 2.5" SSDs
2021-11-28:	The problem I have with Pip's dependency version handling
2021-11-27:	Two stories of how and why simultaneous multithreading works
2021-11-26:	How we use the SLURM job scheduler system on our compute servers Why region based memory allocation help with fragmentation
2021-11-25:	Computation that needs to be "secure" is everywhere in practice
2021-11-23:	I wish systemd logged information about the source of "transactions"
2021-11-22:	Why it matters to us if exploits are available for security issues
2021-11-21:	Why V7 Unix matters so much
2021-11-20:	Linux has no fair-share scheduling that really works for compute servers Why your Go programs can surprisingly be dynamically linked
2021-11-18:	What data about your NVMe drives Linux puts in sysfs
2021-11-17:	Why we have a split-horizon DNS setup
2021-11-16:	Why we have public websites on private IPs (internally)
2021-11-15:	Chrome may start restricting requests to private networks
2021-11-14:	Go 1.18 will let you set the version of the "AMD64" architecture to target
2021-11-13:	Considering "iowait" CPU time and CPU utilization
2021-11-12:	A linear, sequential boot and startup order is easier to deal with
2021-11-11:	I'm unsure of the security of simultaneous multithreading on modern x86 CPUs
2021-11-10:	People will always exploit presentation, because presentation matters
2021-11-09:	Our new way of waiting for the network to be "up" in systemd's world
2021-11-08:	Soon to expire TLS certificates aren't necessarily a problem
2021-11-07:	Systemd timer units don't have much appeal for us (over crontab entries)
2021-11-06:	Thinking about when our crontab entries run
2021-11-05:	If we use PyPy, we'll likely use our own install of it
2021-11-04:	Two different worldviews of version control systems
2021-11-03:	Thinking through the threat models when encrypting your backups
2021-11-02:	Why I maintain my private changes to upstream projects via rebasing
2021-11-01:	Rebasing changes can be common when working with version control systems
2021-10-31:	Linux puts a bunch of DMI information into sysfs for you Python 3 forced its own hand so that standard input had to be Unicode
2021-10-29:	Why browsers are driven to offer some degree of remote control Things to do in Python 3 when your Unix standard input is badly encoded
2021-10-27:	We're seeing increasingly targeted and dangerous phish spam attempts
2021-10-26:	Vim visual mode and an unfortunate restriction on the filter operation Go 1.18 will embed source version information into binaries
2021-10-24:	Companies and their stewardship of open source projects Your SMART drive database of attribute meanings needs regular updates
2021-10-22:	Python 2's status in various Linux distributions (October 2021 edition)
2021-10-21:	The easy way to see underneath NFS mount points on Linux
2021-10-20:	In the beginning, there was no way to expand C's stack size
2021-10-19:	VCS history versus large open source development
2021-10-18:	The cut and paste irritation in "smart" in-browser text editing Getting some hardware acceleration for video in Firefox 93 on my Linux home desktop
2021-10-16:	My wish for a way to activate one systemd unit when another one started
2021-10-15:	You may not want to require all of your bind mounts (in systemd)
2021-10-14:	Systemd (v237) can do quite odd things with `/etc/fstab` bind mounts
2021-10-13:	Web browsers drive what Certificate Authority root certificates are accepted
2021-10-12:	Reasons to limit your stack size even in non-threaded environments
2021-10-11:	Unknown NMIs and counting hardware CPU events in eBPF programs
2021-10-10:	TLS Certificate Transparency logs let us assess Certificate Authorities V7 Unix had no stack size limit, and when Unix acquired one
2021-10-08:	We've migrated from Yubikey 2FA to the university's MFA What Linux kernel "unknown reason" NMI messages mean
2021-10-06:	The OpenSSH server has limits on what user authentication you can use
2021-10-05:	Some early notes on using pipx for managing third-party Python programs
2021-10-04:	The "why" problem with on-host (host-based) firewalls on your machines
2021-10-03:	Modern TLS has no place left for old things, especially clients Desktops don't always use NetworkManager's programs
2021-10-01:	Firefox on Unix is moving away from X11-based remote control
2021-09-30:	Moving averages (and rates) for metrics in Prometheus (and Grafana)
2021-09-29:	My changing (citation) style of external links here on Wandering Thoughts
2021-09-28:	Avoiding flawed server ACPI information for power monitoring
2021-09-27:	Stack size is invisible in C and the effects on "portability"
2021-09-26:	The shifting view of two factor authentication at the university
2021-09-25:	Notes on updating OpenBSD machines to current, supported versions
2021-09-24:	Understanding EGL, GLX and friends in the Linux and X graphics stack Link: Examining btrfs, Linux’s perpetually half-finished filesystem Go generics have a new "type sets" way of doing type constraints
2021-09-22:	It's probably not the hardware, a sysadmin lesson
2021-09-21:	Why we care about being able to (efficiently) reproduce machines
2021-09-20:	What the '`proto`' field is about in Linux '`ip route`' output (and input)
2021-09-19:	Microsoft's Bingbot crawler is relentless for changing pages (it seems)
2021-09-18:	One major obstacle to unifying the two types of package managers
2021-09-17:	At least from an outside perspective, Ubuntu is Canonical's thing
2021-09-16:	Use virtual environments to install third-party Python programs from PyPI
2021-09-15:	Some notes on upgrading programs with Python's pip
2021-09-14:	There are (at least) two types of package managers
2021-09-13:	The rc shell's nice feature for subdirectory searching of `$PATH` Why I'm mostly not a fan of coloured text (in terminals or elsewhere)
2021-09-11:	How many Prometheus metrics a typical host here generates Some things to reduce background bandwidth usage on a Fedora machine
2021-09-09:	TLS Certificate Transparency logs come and go over time
2021-09-08:	The "web" TLS world is different from the non-public one in practice
2021-09-07:	My long-lived personal Linux installs
2021-09-06:	Why Nutch-based web spiders are now blocked here
2021-09-05:	Firefox on Linux is still not working well with WebRender for me (again)
2021-09-04:	Adding a "host" label to all of your per-host Prometheus metrics
2021-09-03:	How I try out and test new versions of Grafana
2021-09-02:	Go multi-module workspace mode, a forthcoming feature in Go 1.18
2021-09-01:	Large Unix programs were historically not all that portable between Unixes
2021-08-31:	Go doesn't have a stack the way that some other languages do
2021-08-30:	How ZFS stores symbolic links on disk
2021-08-29:	Some notes on OpenZFS's new 'draid' vdev redundancy type In Go, pointers (mostly) don't go with slices in practice
2021-08-27:	What my first Linux was, and its context Using our metrics system when I test systems before deployment
2021-08-25:	I'm turning off dnf-makecache on my Fedora machines My interest in Intel's future discrete GPUs (and my likely disappointment)
2021-08-23:	Notes on deliberately invoking actions controlled by systemd timers
2021-08-22:	What we'll likely do when Linux distributions drop Python 2 entirely Setting up Python LSP support in GNU Emacs is reasonably worth it
2021-08-20:	A home UPS has been more handy and useful than I expected Seeing what all Cinnamon keyboard shortcuts are
2021-08-19:	Configuration (and configuration files) is not and cannot be generic
2021-08-17:	It's surprising how many things assume you have available bandwidth
2021-08-16:	Browsers listening to developers or users requires them to be humble
2021-08-15:	Chrome's automatic updates and the power it holds on the web
2021-08-14:	Our experience with IPP-based, PPD-less CUPS printing
2021-08-13:	Some of my views on using YAML for human-written configuration files Prometheus alerts and the idea of "deadbands" (or maybe hysteresis) (with an implementation) Learning that Vim has insert mode keystrokes that do special things Go keeps surprising me with its careful design and specification
2021-08-12:	Prometheus, Alertmanager, and maybe avoiding flapping alerts
2021-08-11:	The meaning of "hysteresis" and how it relates to alerts
2021-08-09:	The Firefox uMatrix addon is not quite dead (so far)
2021-08-08:	The xterm terminal emulator can do a lot more than just display text
2021-08-07:	Some thoughts on new top-level domains being used for spam
2021-08-06:	Some bits of how Bash and GNU Readline's "bracketed paste" mode behaves
2021-08-05:	Using journalctl's ability to show only one service
2021-08-04:	I have mixed views on new DNS top level domains (TLDs) When you do and don't get stuck query results from a down Prometheus
2021-08-02:	Anonymous ("transparent") structures are a good thing in programming languages
2021-08-01:	Unix APIs are where I first saw C `#define` used to rename `struct` fields
2021-07-31:	Learning that you can use unions in C for grouping things into namespaces
2021-07-30:	Hardware and (Linux) driver quality can be invisible to non-specialists XHTML pages cause problems for some Firefox addons
2021-07-29:	How Go maps store their values (and keys)
2021-07-28:	Modern email is hard to search, which encourages locked up silos
2021-07-26:	Understanding plain Linux NVMe device names (in `/dev` and kernel messages)
2021-07-25:	I should probably learn command-line NetworkManager usage The tiny irritation of ZFS's '`zpool status`' nagging you about upgrades
2021-07-23:	Why it matters that map values are unaddressable in Go
2021-07-22:	Apache's mod_wsgi and the Python 2 issue it creates Improving my web reading with Martin Tournoij's "readable" Firefox bookmarklet
2021-07-21:	It's nice when programs switch to being launched from systemd user units
2021-07-19:	Making a Go program build with Go modules can be not a small change
2021-07-18:	On sending all syslog messages to one file
2021-07-17:	The minimum for syslog configurations should be to log (nearly) everything
2021-07-16:	The WireGuard VPN challenge of provisioning clients Setting up a WireGuard client with NetworkManager (using `nmcli`)
2021-07-14:	Making two Unix permissions mistakes in one Some ways to get (or not get) information about system memory ranges on Linux
2021-07-12:	Problems in the way of straightforward device naming in operating systems Understanding something about udev's normal network device names on Linux
2021-07-10:	Why Bash and GNU Readline's "bracketed paste" mode is not for us University computer accounts are often surprisingly complicated
2021-07-08:	Redirecting paths that start with two slashes in Apache A semi-surprise with Python's urllib.parse and partial URLs
2021-07-07:	The initramfs for old kernels can hide old versions of things
2021-07-06:	Unused hardware in computers can now be distinctly inactive
2021-07-05:	Losing track of part of our Amanda configuration and then recovering it
2021-07-04:	Two ways to have Amanda always make full backups of a filesystem
2021-07-03:	Some brief notes on turning Firefox bookmarklets into convenient buttons
2021-07-02:	Dealing with CSS fixed position headers and footers in Firefox
2021-06-30:	Giving your Linux network interfaces fixed names (under udevd and networkd)
2021-06-29:	Monitoring the status of Linux network interfaces with Prometheus
2021-06-28:	Be careful when matching on Ethernet addresses in systemd-networkd I should keep track of what Python packages I install through `pip`
2021-06-27:	Some notes on what's in Linux's `/sys/class/net` for network interface status
2021-06-26:	Ethernet network cables can go bad over time, with odd symptoms
2021-06-25:	A couple of Linux `top`-like programs for network traffic
2021-06-24:	Go 1.17 is deprecating the traditional use of '`go get`'
2021-06-22:	I like WireGuard partly because it doesn't have 'sessions'
2021-06-21:	A realization about our VPN and IPv6 traffic Some notes on building Firefox from source on Ubuntu
2021-06-20:	A bit on ZFS's coming raidz expansion and ZFS DVAs
2021-06-19:	The Unix background of Linux's 'file-max' and nr_open kernel limits on file descriptors
2021-06-17:	Apache directory indexes will notice and exclude blocked URLs in them In Prometheus queries, `on` and `ignoring` don't drop labels from the result
2021-06-16:	The challenge of what to set server BIOSes to do on power loss
2021-06-14:	Some notes on Firefox's media autoplay settings as of Firefox 89
2021-06-13:	A strong commitment to backwards compatibility means keeping your mistakes Rust 1.x seems to not always be backward compatible in practice
2021-06-11:	How we're dealing with our expiring OpenVPN TLS root certificate TLS certificate durations turn out to be complicated and subtle
2021-06-10:	Early notes on using the new python-lsp-server (pylsp) in GNU Emacs
2021-06-09:	The modern web design aesthetic of hiding visited links
2021-06-07:	My failure to arrange a graceful TLS root certificate rollover with OpenVPN
2021-06-06:	TLS certificates have at least two internal representations of time The case of the very old `If-Modified-Since` HTTP header
2021-06-04:	HTTP/3 needs us (and other people) to make firewall changes New versions of Bash (and readline) default to special handling of pasting into the shell (or other programs)
2021-06-02:	Fedora co-mingles its source packages with Red Hat Enterprise Linux Simple use of Let's Encrypt on OpenBSD is pleasantly straightforward (as of 6.8)
2021-05-31:	It'd be useful if TLS libraries had better and more detailed error messages I've come to like date-based names for log rotation
2021-05-30:	Go 1.17 will still support the old GOPATH mode (as well as modules)
2021-05-28:	Less can filter what it shows to you (a thing I recently learned)
2021-05-27:	Some thoughts on having set up a personal Alertmanager instance Being able to see links I've visited in Firefox is startlingly better
2021-05-26:	Working around an AMDGPU automatic fan control problem on my Radeon RX 550
2021-05-24:	Rust is a wave of the future Why we don't have management connections to our switches (an old story)
2021-05-23:	Our three generations of network implementations (over the time I've been here)
2021-05-22:	I don't know how much memory our Prometheus setup needs
2021-05-20:	The temptation to start using some Python type hints
2021-05-19:	Fedora has significantly fumbled DKMS handling for Linux kernel modules Speculating on why DKMS and other Linux things are large shell scripts
2021-05-17:	Unix job control has some dark corners and challenging cases, illustrated
2021-05-16:	Unix job control and its interactions with TTYs (and shells)
2021-05-15:	Downsampling your metrics data is a compromise (what we could call a 'hack') The size of our Prometheus setup as of May 2021
2021-05-14:	The Bourne shell and Bash aren't the right languages for larger programs
2021-05-12:	The Bourne shell lets you set variables in `if` expressions Firefox and the challenge of trying to make visited links clearly visible
2021-05-10:	Errors during SMTP conversations aren't trustworthy, illustrated
2021-05-09:	DKMS built one of my kernel modules for the wrong kernel Storing ZFS send streams is not a good backup method
2021-05-08:	It's pleasantly easy to install PyPy yourself (from their binaries)
2021-05-07:	Understanding OpenSSH's various options around keys and key algorithms
2021-05-06:	The different types of modern (2021) SSH keys (and some opinions)
2021-05-05:	It's possible for Firefox to forget about:config preferences you've set
2021-05-03:	Our future upgrade wave of Ubuntu 18.04 machines Understanding OpenSSH's future deprecation of the 'ssh-rsa' signature scheme
2021-05-02:	Realizing one general way to construct symmetric ciphers
2021-04-30:	Discovering outside people attempting to do dynamic DNS updates to us There's plenty of our work that's not being done from home
2021-04-29:	The shift from "two factor" to "multi-factor" authentication
2021-04-28:	Firefox's slow takeover of the address bar's space
2021-04-26:	The question of how to do non-annoying multi-factor authentication for SSH Maybe a local, on-machine caching DNS resolver should be standard (for us)
2021-04-25:	The question of having SATA drives behind modern SAS expanders
2021-04-24:	Why people care about SAS despite not being 'enterprise'
2021-04-23:	How I want to use pip with PyPy to install third party programs
2021-04-21:	Go 1.17 will allow converting a slice to an array pointer (some of the time)
2021-04-20:	PyPy starts fast enough for our Python 2 commands
2021-04-19:	Trying out learning more Vim on demand
2021-04-18:	Using NVMe SSDs over SATA SSDs in basic servers is an awkward sales pitch My view of Wayland here in 2021
2021-04-16:	A Firefox surprise from disabling dom.event.clipboardevents.enabled
2021-04-15:	Learning about the idea of the HTTP self-post Link: `"a2d<C-V>3gE`: Vim normal mode grammar
2021-04-14:	Some things on ZFS (on Linux) per-dataset basic IO statistics
2021-04-13:	Getting NVMe and related terminology straight (for once)
2021-04-12:	SSD versus NVMe for basic servers today (in early 2021) Counting how many times something started or stopped failing in Prometheus
2021-04-11:	Vendors put varied and peculiar things in system DMI information
2021-04-09:	Why NFS servers generally have a 'reply cache' What NFSv3 operations can be in the Linux nfsd reply cache
2021-04-07:	Rust's `rustup` tool is surprisingly nice and well behaved
2021-04-06:	Modern Linux can require a link signal before it configures IP addresses
2021-04-05:	A stable Unix updating its version of Go isn't straightforward
2021-04-04:	Some uses for Prometheus's `resets()` function You need a version of Go with module support (ideally good support)
2021-04-02:	ZFS on Linux is improving the handling of disk names on import Programs that read IPMI sensors tell you subtly different things
2021-03-31:	Understanding Prometheus' `changes()` function and what it can do for me Systemd's NSS `myhostname` module surprised me recently
2021-03-29:	Nil in Go is typed in theory and sort of untyped in practice
2021-03-28:	What tool you use to read IPMI sensor information can matter
2021-03-27:	Internet routing can now vary based on things you wouldn't expect The attractions of reading sensor information from IPMIs
2021-03-26:	Linux's hardware monitoring can lie to you
2021-03-24:	HTTPS is really multiple protocols these days
2021-03-23:	Discovering Vim's Visual (selection) mode
2021-03-22:	Portability has ongoing costs for code that's changing
2021-03-21:	My uncertainty about swapping and swap sizing for SSDs and NVMe drives My experience with x2go is that it's okay but not compelling
2021-03-20:	Paging out memory can be 'global' or 'local' these days
2021-03-19:	Remote X versus 'seamless windows' in remote desktop software
2021-03-18:	Safari is now probably the influential wild card browser for user privacy
2021-03-17:	Remote X has been a life saver over this past year
2021-03-16:	The fading HTTP Referer header and (Google) Search paywall bypasses
2021-03-15:	Different views of what are basic and advanced Vim features
2021-03-14:	I wish Prometheus had some features to deal with 'missing' metrics
2021-03-13:	Prometheus and the case of the stuck metrics
2021-03-11:	Wrangling HTTP and HTTPS versions of the same Apache virtual host What OpenSSH sshd logs when a session disconnects (on Linux)
2021-03-10:	The tradeoffs of Go version behavior in go.mod module files
2021-03-09:	Go version directives in go.mod files: some notes and crude usage numbers
2021-03-08:	Packaging Python 2 doesn't mean that Linux distributions support it
2021-03-06:	Some views and notes on ZFS deduplication today
2021-03-05:	How not to use Apache's RewriteRule directive in a reverse proxy
2021-03-04:	Systemd needs (or could use) a linter for unit files
2021-03-03:	What signal a RJ-45 serial connection is (probably) missing
2021-03-02:	The Python `ctypes` security issue and Python 2
2021-03-01:	Link: Taking This Serially The balance of power between distributions and software authors
2021-02-28:	Dot-separated DNS name components aren't even necessarily subdomains, illustrated
2021-02-27:	My Firefox addons as of Firefox 86 (and the current development version) My pragmatic sysadmin view on subdomains and DNS zones
2021-02-25:	The HTTP Referer header is fading away (at least as a useful thing)
2021-02-24:	How convenience in Prometheus labels for alerts led me into a quiet mistake How (and where) Prometheus alerts get their labels
2021-02-22:	The `mhbuild` directives I want for sending MIME attachments with MH How I set up testing alerts in our Prometheus environment
2021-02-20:	Modern software controls dependencies because it helps software authors
2021-02-19:	ZFS pool partial (selective) feature upgrades are coming in OpenZFS
2021-02-18:	Understanding what '`systemctl restart`' means and when I want to use it
2021-02-17:	TLS certificates specifying hosts via their CommonName field is more or less gone When browsers (or at least Firefox) send HTTP Basic Authentication headers
2021-02-15:	How ZFS on Linux brings up pools and filesystems at boot under systemd
2021-02-14:	Some observed read latencies for SSDs and NVMe drives under Fedora 32 Link: What was the original reason for the design of AT&T assembly syntax?
2021-02-13:	Where the default values for Python function arguments are stored
2021-02-12:	An interesting issue around using `is` with a literal in Python
2021-02-11:	Getting high IOPS requires concurrency on modern SSDs and NVMe drives
2021-02-10:	Let's Encrypt is preparing for an emergency and that's good for TLS in general The issue of IOPS versus latency on SSDs and NVMe drives
2021-02-09:	Normal situations should not be warnings (especially not repeated ones)
2021-02-07:	Strict SameSite web cookie policies probably don't do much for us
2021-02-06:	Talkd and 'mesg n': a story from the old Unix days
2021-02-05:	Limiting what branches I track from an upstream Git repository
2021-02-04:	There are limitations to what expendable addresses can help with
2021-02-03:	Junk email as a cover for more nefarious things
2021-02-02:	The small oddity in the Unix `exec*()` family
2021-02-01:	Go 1.16 will make system calls through libc on OpenBSD
2021-01-31:	The limitations on `find`'s `-exec` option and implementation convenience
2021-01-30:	I wish every program that wanted 'a SQL database' would let me use SQLite
2021-01-29:	Illustrating the importance of fully multi-core program building today Forecasting drive failures is not always as useful as it sounds
2021-01-27:	Making tracking upstream Git repositories a bit quieter `find` mostly doesn't need `xargs` today on modern Unixes
2021-01-25:	Time for Python 2 users to make sure we have a copy of Pip and other pieces
2021-01-24:	Your monitoring and alerts remember things for you Thinking through what can go badly with databases on ZFS
2021-01-22:	SMART Threshold numbers turn out to not be useful for us in practice
2021-01-21:	A lingering sign of old hopes for ZFS deduplication Real email has MIME attachments that are HTML
2021-01-20:	A realization about the Linux CPU pressure stall information
2021-01-18:	Where Firefox's text encoding menus are
2021-01-17:	Password managers automate checking the website address for you One reason to not trust SMART attribute data for consumer drives
2021-01-15:	SMART attributes can predict SSD failures under the right circumstances
2021-01-14:	Understanding WireGuard's `AllowedIPs` setting (and a bit of tcpdump)
2021-01-13:	Installing Pip in Python 2 environments that don't provide it already What you can and can't build in Go's module mode
2021-01-11:	How to make Bash fail badly on Ubuntu 16.04 by typo'ing a command name
2021-01-10:	Thinking through why you shouldn't use plaintext passwords in authentication, even inside TLS What timestamps you get back along with Prometheus query results
2021-01-08:	How to extract raw time series data from Prometheus
2021-01-07:	I got to experience the march of storage technology today
2021-01-06:	In modern email, it's easy for plaintext and HTML parts to drift apart Link: ARM support in Linux distributions demystified Unix shell pipelines have two usage patterns
2021-01-05:	TLS Certificate Authority root certificate expiry dates are not how trust in them is managed
2021-01-03:	TLS Certificate Authority root certificates and their dates The modern web and (alleged) software stagnation in the past few decades
2021-01-01:	An interesting and puzzling bit of Linux server utilization
2020-12-31:	GNU Date and several versions of RFC 3339 dates
2020-12-30:	Some ways to do a Prometheus query as of a given time A Prometheus wish: easy ways to evaluate a PromQL query at a given time
2020-12-28:	It feels like the broad Unix API is being used less these days A little puzzle with `printf()` and C argument passing
2020-12-27:	Our alerts are quiet most of the time (as they should be)
2020-12-25:	The expiry time of Certificate Authority root certificates can be nominal (or not) In Python 3, types are classes (as far as `repr()` is concerned)
2020-12-24:	In CPython, types implemented in C actually are part of the type tree
2020-12-23:	Using constant Python hash functions for fun and no real profit
2020-12-21:	The legibility of different versions of ZFS
2020-12-20:	Who I think CentOS Stream is and isn't for Go modules are soon going to be the only future
2020-12-18:	On Go, release timing, and new machines
2020-12-17:	Limiting the Nouveau kernel driver's messages via removal
2020-12-16:	Mailing lists and bounce handling (or not handling bounces) today
2020-12-15:	How to make Grafana properly display a Unix timestamp In Prometheus, it's hard to work with when metric points happened
2020-12-14:	Chrome is getting its own set of Certificate Authority roots
2020-12-12:	My views on the suitability of CentOS Stream Sometimes a problem really is just a coincidence
2020-12-11:	CentOS's switch to CentOS Stream has created a lot of confusion
2020-12-09:	A probable benefit to enabling screen blanking on LCD displays
2020-12-08:	CentOS's switch to Stream is a major change in what CentOS is
2020-12-07:	Exploring when the network is up on a machine
2020-12-06:	The deprecation of FTP in browsers and its likely effects on search engines Linux's `hostname -s` switch is now safe for many people, but the situation is messy
2020-12-04:	How to get generic interface names and IPs in OpenBSD PF Some thoughts about low power loads and power supply efficiency
2020-12-02:	Prometheus 2.23.0 now lets you display graphs in local time
2020-12-01:	A new appreciation for Firefox's 'Performance' web developer tool
2020-11-30:	Our monitoring of our OpenBSD machines, such as it is (as of November 2020) Link: wtfpython
2020-11-29:	Some thoughts on how I still miss DTrace (and also mdb) The death and life of postmaster@anywhere
2020-11-27:	Setting up self-contained Go program source that uses packages
2020-11-26:	The better way to make an Ubuntu 20.04 ISO that will boot on UEFI systems Making an Ubuntu 20.04 ISO that will boot on UEFI systems
2020-11-25:	Firefox's WebRender has mixed results for me on Linux
2020-11-23:	What containers do and don't help you with My views on when you should use the official upstream versions of software
2020-11-22:	Sometimes it's best to use the official upstream versions of software
2020-11-21:	Github based projects have RSS syndication feeds for their releases
2020-11-19:	Firefox on Linux has not worked well with WebRender for me so far Apple Silicon Macs versus ARM PCs
2020-11-17:	Grafana and the case of the infinite serial number
2020-11-16:	POSIX `write()` is not atomic in the way that you might like Unix doesn't normally do short `write()`s to files and no one expects it to
2020-11-15:	I don't expect to have an ARM-based PC any time soon
2020-11-14:	Linux servers can still wind up using SATA in legacy PATA mode
2020-11-13:	If you use Exim on Ubuntu, you probably want to skip Ubuntu 20.04
2020-11-11:	The problems inherent in building your own copies of software packages Logging fatal exceptions in my Python programs is not enough
2020-11-09:	Seriously using virtualization clashes with our funding model Getting the git tags that are before and after a commit (in simple cases)
2020-11-08:	Thinking about two different models of virtualization hosts
2020-11-07:	Turning on console blanking on a Linux machine when logged in remotely
2020-11-06:	Console blanking now defaults to off on Linux (and has for a while) It's possible that the real size of different SSDs is now consistent
2020-11-04:	In Python, using the `logging` package is part of your API, or should be You shouldn't use the Linux `dump` program any more (on extN filesystems)
2020-11-03:	Fixing blank Cinnamon sessions in VMWare virtual machines (on Fedora)
2020-11-01:	Python's `global` statement and imports in functions
2020-10-31:	A gotcha with combining single-label and multi-label Prometheus metrics Some settings you want to make to CyberPower's UPS Powerpanel daemon
2020-10-30:	A sysadmin learning experience courtesy of some UPS issues
2020-10-29:	An illustration of why running code during `import` is a bad idea (and how it happens anyway)
2020-10-28:	An issue with Pip installed packages and Python versions (on Unix)
2020-10-26:	Sometimes alerts have inobvious reasons for existing Link: [Firefox] Navigational Instruments Fifteen years of DWiki, the Python engine of Wandering Thoughts
2020-10-25:	Remotely upgrading my office workstation to Fedora 32 worked fine
2020-10-24:	Why configuration file snippets in a directory should have some extension
2020-10-23:	An inconvenience of physical hardware is that it has to be delivered
2020-10-21:	Keeping VMware Workstation VMs running when I quit from VMware A mystery uncovered by Fedora 32 changing my default font
2020-10-19:	Firefox has a little handy font-related thing on Unix (or at least Linux) What versions of PyPy I can use (October 2020 edition)
2020-10-18:	We need to start getting some experience with using Ubuntu 20.04
2020-10-17:	A potential Prometheus issue for labeled metrics for infrequent events
2020-10-16:	Go is gaining the ability to trace init calls on program startup
2020-10-15:	Go packages can have more than one `init()` function
2020-10-13:	As an outsider, I prefer issue tracking to be in its own application
2020-10-12:	If you send automated email, you should scan it with anti-spam software
2020-10-11:	Microsoft SharePoint is being used to send spam Our current usage and views of UPSes (late 2020 edition)
2020-10-10:	Wanting to be able to monitor for electrical power quality issues
2020-10-09:	Whether extra disks should be live or spare now depends on HDs versus SSDs
2020-10-08:	Sorting out what the Single Unix Specification is and covers
2020-10-07:	A handy `diff` argument handling feature that's actually very old
2020-10-06:	Linux distributions have sensible reasons to prefer periodic releases
2020-10-04:	Web page generation systems should support remapping external URLs Link: Old-School Disk Partitions Solid state disks in mirrors and other RAID setups, and wear lifetimes
2020-10-03:	A thought about the lifetimes of hard disks and solid state disks
2020-10-02:	Firefox is improving its handling of HTTP Basic Authentication (on Unix)
2020-09-30:	People still use `newgrp` (to my surprise) Using DMARC information is complicated in practice in the real world How the Unix `newgrp` command behaved back in V7 Unix
2020-09-29:	Implementing 'and' conditions in Exim SMTP ACLs the easy way (and in Exim routers too) Why the Unix `newgrp` command exists (sort of) Where (and how) you limit your concurrency in Go can matter
2020-09-28:	My likely path away from spinning hard drives on my home desktop Making product names of what you use visible to people is generally a mistake Looking at DKIM information for our 'good' email (September 2020 edition)
2020-09-27:	Remote power control for your machines comes in two flavours
2020-09-26:	We rebooted all of our servers remotely (more or less) and it all worked Using SPF on HELO/EHLO hostnames is repurposing SPF to validate a different thing
2020-09-19:	Python virtual environments transparently add themselves to `sys.path`
2020-09-17:	Python 3 venvs don't normally really embed their own copy of Python (on Unix)
2020-09-16:	How I think I want to drop modern Python packages into a single program Why I write recursive descent parsers (despite their issues)
2020-09-15:	When the Go garbage collector will panic over bad pointer values
2020-09-13:	I'm now a user of Vim, not classical Vi (partly because of windows) Rolling distribution releases versus periodic releases are a tradeoff
2020-09-12:	Some notes on what Fedora's DNF logs and where
2020-09-10:	My take on permanent versus temporary HTTP redirects in general Permanent versus temporary redirects when handling extra query parameters on your URLs
2020-09-08:	What you should do about extra query parameters on your URLs
2020-09-07:	Why Fedora version upgrades are complicated and painful for me URL query parameters and how laxness creates de facto requirements on the web
2020-09-06:	Daniel J. Bernstein's IM2000 email proposal is not a good idea
2020-09-05:	Some notes on what the CyberPower UPS 'Powerpanel' software reports to you
2020-09-04:	In practice, cool URLs change (eventually)
2020-09-02:	Why I want something like Procmail with a dedicated mail filtering language
2020-09-01:	Even in Go, concurrency is still not easy (with an example)
2020-08-31:	Why we won't like it if signing email is the solution to various email problems
2020-08-30:	All forms of signing email are generally solving the wrong problem (a thesis)
2020-08-29:	An interesting mistake with Go's `context` package that I (sort of) made
2020-08-28:	My divergence from 'proper' Vim by not using and exploring features Firefox 80 and my confusion over its hardware accelerated video on Linux
2020-08-26:	Even on SSDs, ongoing activity can slow down ZFS scrubs drastically
2020-08-25:	My home desktop is still locking up when it gets too cold (and what next)
2020-08-24:	I want a type of desktop PC (and motherboard) that's generally skipped
2020-08-23:	The Linux kernel bugzilla (and others) get spammed (of course)
2020-08-22:	Some bits on making Python's argparse module work like Unix usually does
2020-08-21:	Link: Why Did Mozilla Remove XUL Add-ons? When I stopped believing in Google's fundamental good nature
2020-08-20:	What you're looking for with a Grafana dashboard affects its settings
2020-08-19:	Potential problem points for Chrome (or any browser) to support Linux
2020-08-18:	The Prometheus host agent can disturb Linux CPU frequency measurements
2020-08-17:	Firefox and web browsers for Linux Important parts of Unix's history happened before readline support was common
2020-08-16:	"It works on my laptop" is a blame game
2020-08-15:	Go will inline functions across packages (under the right circumstances)
2020-08-14:	Go 1.15's interface optimization for small integers is invisible to Go programs
2020-08-12:	People often have multiple social identities even in the physical realm How Go 1.15 improved converting small integer values to interfaces
2020-08-10:	Disabling DNF modules on Fedora 31 so they don't mess up package updates
2020-08-09:	Unix options conventions are just that, which makes them products of culture
2020-08-08:	More problems with Fedora 31 DNF modules and package updates
2020-08-07:	How we choose our time intervals in our Grafana dashboards Our problem installing an old Ubuntu kernel set of packages
2020-08-05:	My views on some conventions for Unix command line options We may wind up significantly delaying or mostly skipping Ubuntu 20.04
2020-08-03:	Exim's change to 'taint' some Exim variables is going to cause us pain The issue of how to propagate some errors in our Django web app
2020-08-01:	Getting my head around the choice between sleeping and 'tickers'
2020-07-31:	Putting some extra 'obvious' information into our temperature alerts
2020-07-30:	Putting IPMIs on a port isolated network to deal with shared network interfaces
2020-07-29:	The problem of 'shared' IPMI network interfaces
2020-07-28:	Our ZFS spares handling system for ZFS on Linux Digital microwaves show an example of good UI doing what you wanted
2020-07-26:	Linux PAM leads to terrible error messages from things like `passwd` Keeping backup ZFS on Linux kernel modules around
2020-07-24:	My varied types of Firefox windows Some thoughts on us overlooking Illumos's `syseventadm`
2020-07-23:	C's `main()` is one of the places where Unix's user and kernel APIs differ
2020-07-21:	Contrasting the two common approaches to where programs start running
2020-07-20:	An exploration of why Python doesn't require a 'main' function
2020-07-19:	In praise of ZFS On Linux's ZED 'ZFS Event Daemon'
2020-07-18:	Using Go build directives to optionally use new APIs in the standard library
2020-07-17:	Not all sysadmin tools should be silent by default
2020-07-16:	Malware spammers put .exe Windows executables in everything
2020-07-15:	A piece of phish spam with some clever URL obfuscation
2020-07-14:	Today I learned that Python's argparse module allows you to abbreviate long command line options Link: The Anatomy of a PromQL Query
2020-07-13:	How major and minor device numbers worked in V7 Unix
2020-07-12:	Running servers and Fred Brooks on transforming programs to products Linux desktop application autostarting is different from systemd user units
2020-07-10:	The impact on middleware of expanding APIs with Go's interface smuggling Ubuntu, building current versions of Firefox, and snaps
2020-07-09:	Link: Mime type associations (on Linux)
2020-07-08:	"Interface smuggling", a Go design pattern for expanding APIs
2020-07-07:	Some thoughts on Fedora moving to btrfs as the default desktop file system I now think that blog 'per day' pages with articles are a mistake
2020-07-05:	A Go lesson learned: sometimes I don't want to use goroutines if possible
2020-07-04:	How you get multiple TLS certificate chains from a server certificate What a TLS self signed certificate is at a mechanical level
2020-07-02:	The work that's not being done from home is slowly accumulating for us Link: Code Only Says What it Does
2020-07-01:	In ZFS, your filesystem layout needs to reflect some of your administrative structure
2020-06-30:	The unfortunate limitation in ZFS filesystem quotas and refquota
2020-06-29:	How Prometheus Blackbox's TLS certificate metrics would have reacted to AddTrust's root expiry Adapting our Django web app to changing requirements by not doing much
2020-06-28:	Understanding why Django's goals are not our goals for our web application
2020-06-26:	NetworkManager and (not) dealing with conflicting network connections
2020-06-25:	What Prometheus Blackbox's TLS certificate expiry metrics are checking
2020-06-24:	Unix's design issue of device numbers being in stat() results for files
2020-06-23:	Sometimes it takes other people to show you some of your site's design flaws
2020-06-22:	Today I learned that HTML <abbr> may not do much on mobile browsers
2020-06-21:	In Go, the compiler needs to know the types of things when copying values
2020-06-20:	The additional complications in DNS updates that secondary DNS servers add
2020-06-19:	Removing unmaintained packages from your Fedora machine should require explicitly opting in People's efficiency expectations for generics in 'Go 2' and patterns of use
2020-06-17:	How applications autostart on modern Linux desktops A scrolling puzzle involving GTK+, XInput, and alternate desktops (on Fedora)
2020-06-15:	Input events on X have an old world and a new world
2020-06-14:	Product code and utility code
2020-06-13:	An interesting combination of flaws in some `/etc/mailcap` handling
2020-06-12:	The safety of GMail's POP server TLS certificate verification (or lack of it) Dual displays contrasting with virtual screens (aka multiple desktops)
2020-06-10:	A dual display setup creates a natural split between things
2020-06-09:	The practical people problem with instance diversity in the Fediverse My mixed feelings about 'swap on zram' for Linux
2020-06-07:	A Go time package gotcha with parsing time strings that use named time zones
2020-06-06:	Why sysadmins don't like changing things, illustrated
2020-06-05:	Why we put alert start and end times in our Prometheus alert messages
2020-06-04:	Formatting alert start and end times in Prometheus Alertmanager messages
2020-06-03:	In theory you (we) should have SPF records for HELO hostnames too
2020-06-02:	A subtle trap when formatting Go `time.Time` values
2020-06-01:	Watching the recent AddTrust root CA certificate expiry has been humbling
2020-05-31:	Mail forwarding is slowly dying (probably)
2020-05-30:	How we're likely to DKIM sign some of our email messages
2020-05-29:	What sort of SSH keys our users use or have listed in their authorized keys files
2020-05-28:	The surprising persistence of RSA keys in SSH
2020-05-27:	What I think OpenSSH 8.2+'s work toward deprecating 'ssh-rsa' means My various settings in X to get programs working on my HiDPI display
2020-05-25:	My failure with Xpra (probably because what I want is almost impossible)
2020-05-24:	A cheatsheet for Python's pip for how I use it Security questions and warnings are effectively confirmation requests
2020-05-22:	Mixed feelings about Firefox Addons' new non-Recommended extensions warning Working out how frequently your ICMP pings fail in Prometheus
2020-05-20:	How I work on Python 2 and Python 3 with the Python Language Server (in GNU Emacs) Switching to the new in-kernel WireGuard module was easy (on Fedora 31)
2020-05-18:	Reading the POSIX standard for Unix functions is not straightforward
2020-05-17:	Syndication feeds (RSS) and social media can be complementary Some views on having your system timezone set to UTC
2020-05-15:	Why we use city names when configuring system timezones
2020-05-14:	Exploring `munmap()` on page zero and on unmapped address space
2020-05-13:	Getting my head around what things aren't comparable in Go The modern HTTPS world has no place for old web servers
2020-05-11:	Why we have several hundred NFS filesystems in our environment
2020-05-10:	How we guarantee there's always some free space in our ZFS pools
2020-05-09:	How big our fileserver environment is (as of May 2020)
2020-05-08:	Revisiting what the ZFS recordsize is and what it does Linux software RAID resync speed limits are too low for SSDs
2020-05-06:	Modern versions of systemd can cause an unmount storm during shutdowns How to set up an Ubuntu 20.04 ISO image to auto-install a server
2020-05-04:	Notes on the autoinstall configuration file format for Ubuntu 20.04 The Go compiler has real improvements in new versions (and why)
2020-05-03:	What OSes we use here (as of May 2020)
2020-05-01:	What problems Snaps and Flatpaks are solving
2020-04-30:	The afterlife of Python 2
2020-04-29:	The problem of Ubuntu 20.04, Snaps, and where your home directory is Dealing with my worries about Django and HTTP Basic Authentication
2020-04-27:	I think you should generally be using the latest version of Go My views on SystemTap as compared to eBPF for Linux kernel instrumentation
2020-04-26:	Looking back at DTrace from a Linux eBPF world (some thoughts)
2020-04-25:	Some notes on Firefox's interstitial warning for old TLS versions
2020-04-24:	Accepting TLS certificate hostnames based on IP address checks is not safe
2020-04-23:	The Unix divide over who gets to chown things, and (disk space) quotas
2020-04-22:	More on `chown` in combination with symlinks
2020-04-20:	An important safety note about `chown` and symlinks (also chmod and chgrp)
2020-04-19:	Verifying the server hostname for a TLS certificate has two purposes GMail, POP, and TLS server certificate verification
2020-04-17:	We've disabled eBPF for normal users on our Linux machines Some bits of grep usage are where I disagree with Shellcheck
2020-04-15:	Some ways that servers make their disks not hot-swappable We're (temporarily) moving to three way mirrored disks on our servers
2020-04-13:	If you use GNU Grep on text files, use the -a (--text) option
2020-04-12:	The appeal of doing exact string comparisons with Apache's `RewriteCond` ZFS on Linux has now become the OpenZFS ZFS implementation
2020-04-10:	'Deduplicated' ZFS send streams are now deprecated and on the way out Why my commit messages for configuration files describe my changes
2020-04-08:	Why you want a Linux bootloader even on UEFI systems There can be differences in what malware variants anti-spam systems distinguish
2020-04-06:	Fedora 31 fumbles DNF modules, package updates edition
2020-04-05:	My normal process for upgrading from one Fedora version to another Why it's very bad for applications to start themselves automatically
2020-04-03:	Microsoft Teams' bad arrogance on (Fedora) Linux
2020-04-02:	We may face some issues with the timing of Ubuntu 20.04 and its effects
2020-04-01:	Why Linux bootloaders wind up being complicated
2020-03-31:	My home DSL link really is fast enough to make remote X acceptable
2020-03-30:	It's worth documenting the obvious (before it stops being obvious) Notes on Grafana 'value groups' for dashboard variables
2020-03-29:	I set up Python program options and arguments in a separate function
2020-03-28:	The Prometheus host agent's CPU utilization metrics can be a bit weird
2020-03-27:	OpenBSD's 'spinning' CPU time category
2020-03-26:	Any KVM over IP systems need to be on secure networks
2020-03-25:	The problem of your (our) external mail gateway using internal DNS views
2020-03-23:	How we set up our ZFS filesystem hierarchy in our ZFS pools Why we use 1U servers, and the two sides of them
2020-03-22:	Avoiding the 'dangling else' language problem with mandatory block markers
2020-03-20:	Wishing for a remote resilient server environment (now that it's too late)
2020-03-19:	Make sure to keep useful labels in your Prometheus alert rules Sorting out Go's '`for ... = range ..`' and when it copies things
2020-03-18:	Understanding X mouse cursors (and their several layers of history)
2020-03-17:	A problem I'm having with my HiDPI display, remote X, and (X) cursors
2020-03-16:	How Firefox could support automatically using local DNS over HTTPS servers
2020-03-15:	Why the choice of DNS over HTTPS server needs to be automatic (a sysadmin view)
2020-03-14:	The two meanings of 'DNS over HTTPS' today
2020-03-13:	Sensible heuristics for when to use DNS over HTTPS can't work for us
2020-03-12:	TLS increasingly exists in three different worlds
2020-03-11:	Some notes on the state of DNS over HTTPS in Firefox (as of March 2020)
2020-03-09:	Logging out of HTTP Basic Authentication in Firefox What makes our Ubuntu updates driver program complicated
2020-03-08:	How we sort of automate updating system packages across our Ubuntu machines
2020-03-07:	Linux's iowait statistic and multi-CPU machines
2020-03-05:	The problem of Unix iowait and multi-CPU machines
2020-03-04:	Unix's iowait% is a narrow and limited measure that can be misleading
2020-03-03:	One impact of the dropping of Python 2 from Linux distributions
2020-03-02:	More or less what versions of Go support what OpenBSD releases (as of March 2020)
2020-03-01:	The situation with Go on OpenBSD
2020-02-29:	OpenBSD versus Prometheus (and Go)
2020-02-28:	One reason for Go to prefer providing indexes in `for ... range` loops
2020-02-27:	Some alert inhibition rules we use in Prometheus Alertmanager
2020-02-26:	The magic settings to make a bar graph in Grafana The browsers are probably running the TLS show now
2020-02-25:	The basics of `/etc/mailcap` on Ubuntu (and Debian)
2020-02-23:	Webmail providers (and others) hiding user IPs was the right decision Our (unusual) freedom to use alerts as notifications
2020-02-22:	Will common motherboards ever have very many NVMe drive slots?
2020-02-21:	An appreciation for Cinnamon's workspace flipping keyboard shortcuts
2020-02-20:	Link: Stop Using Encrypted Email
2020-02-19:	Load average is now generally only a secondary problem indicator How and why we regularly capture information about running processes
2020-02-17:	The uncertainty of an elevated load average on our Linux IMAP server The case of mysterious load average spikes on our Linux login server
2020-02-16:	With sudo, complex argument validation is best in cover scripts
2020-02-14:	Unix's `/usr` split and standards (and practice) The `/bin` versus `/usr` split and diskless workstations
2020-02-12:	You can't delegate a ZFS administration permission to delete only snapshots Some git aliases that I use
2020-02-10:	Doing frequent ZFS scrubs lets you discover problems close to when they happened
2020-02-09:	I'm likely giving up on trying to read Fedora package update information Code dependencies and operational dependencies
2020-02-08:	Ways that I have lost the source code for installed programs
2020-02-07:	I frequently use dependencies because they enable my programs to exist
2020-02-05:	The drawback of having a dynamic site with a lot of URLs on today's web
2020-02-04:	What '`is`' translates to in CPython bytecode The place of the '`is`' syntax in Python
2020-02-02:	What we do to enable us to grow our ZFS pools over time Some unusual and puzzling bad requests for my CSS stylesheet
2020-01-31:	Finding out what directories exist with only basic shell builtins (a Unix shell trick)
2020-01-30:	Some notes on Python's `email.header.decode_header()`
2020-01-29:	Some effects of the ZFS DVA format on data layout and growing ZFS pools Why ZFS is not good at growing and reshaping pools (or shrinking them)
2020-01-28:	More badly encoded MIME Content-Disposition headers
2020-01-26:	The real world is mutable (and consequences for system design) How big our Prometheus setup is (as of January 2020)
2020-01-25:	A network interface losing and regaining signal can have additional effects (in Linux)
2020-01-24:	Go compared to Python for small scale system administration scripts and tools
2020-01-23:	What we've written in Go at work and how it came about (as of January 2020)
2020-01-22:	Why I've come to like that Go's type inference is limited
2020-01-20:	The value of automation having ways to shut it off (a small story)
2020-01-19:	Python 2, Apache's mod_wsgi, and its future in Linux distributions Why a network connection becoming writable when it succeeds makes sense
2020-01-18:	CUPS's page log, its use of SNMP, and (probably) why CUPS PPDs turn that off
2020-01-17:	The question of how long Python 2 will be available in Linux distributions
2020-01-15:	How Go's `net.DialContext()` stops things when the context is cancelled Stopping udev from renaming your VLAN interfaces to bad names
2020-01-13:	We may not want to use OCSP stapling in our web servers Link: Mercurial's Journey to and Reflections on Python 3
2020-01-12:	Sorting out the dates of Python 2's 'end of life' How I now think you want to configure Apache for OCSP stapling
2020-01-10:	OCSP stapling and what web servers and browsers do in the face of errors Fedora 31 has decided to allow (and have) giant process IDs (PIDs)
2020-01-08:	Why I use both uBlock Origin and uMatrix My Firefox addons as of Firefox '74' (the current development version)
2020-01-07:	eBPF based tools are still a work in progress on common Linuxes
2020-01-06:	How I move files between iOS devices and Unix machines (using SSH)
2020-01-05:	Why I prefer the script exporter for exposing script metrics to Prometheus
2020-01-04:	Three ways to expose script-created metrics in Prometheus
2020-01-03:	How job control made the `SIGCHLD` signal useful for (BSD) Unix
2020-01-01:	The good and bad of `errno` in a traditional Unix environment
2019-12-31:	Things I've stopped using in GNU Emacs for working on Go
2019-12-30:	A retrospective on our OmniOS ZFS-based NFS fileservers The history and background of us using Prometheus
2019-12-29:	Prometheus and Grafana after a year (more or less)
2019-12-28:	Our setup of Prometheus and Grafana (as of the end of 2019)
2019-12-26:	The Unix C library API can only be reliably used from C
2019-12-25:	Some reasons for Go to not make system calls through the standard C library Why udev may be trying to rename your VLAN interfaces to bad names
2019-12-23:	The BSD and Linux approaches to development put coherence in different places
2019-12-22:	OpenBSD has to be a BSD Unix and you couldn't duplicate it with Linux Filenames and paths should be a unique type and not a form of strings
2019-12-20:	My new Linux office workstation disk partitioning for the end of 2019 Splitting a mirrored ZFS pool in ZFS on Linux
2019-12-18:	Linux kernel Security Modules (LSMs) need their own `errno` value PCIe slot bandwidth can change dynamically (and very rapidly)
2019-12-17:	Browsers and the relative size of their default monospace fonts
2019-12-16:	Some pragmatics of blackbox and whitebox malware filtering
2019-12-15:	Peering into the depths of (presumed) website vulnerability probing
2019-12-14:	It's unfortunately time to move away from using '/usr/bin/python'
2019-12-13:	Working out which of your NVMe drives is in what slot under Linux
2019-12-12:	Linux makes your PCIe topology visible in sysfs (`/sys`)
2019-12-11:	Fedora is got a good choice if long term stability and usability is a high priority
2019-12-10:	It's a good idea to label all of the drives in your desktop
2019-12-09:	Firefox's peculiar handling of font choice preferences
2019-12-08:	The Go runtime scheduler's clever way of dealing with system calls
2019-12-07:	Some important things about how PCIe works out involve BIOS magic
2019-12-06:	PCIe bus addresses, `lspci`, and working out your PCIe bus topology
2019-12-05:	Looking into your system's PCIe slot topology and PCIe lane count under Linux
2019-12-04:	Desktop motherboards can have fewer useful PCIe slots than they seem to
2019-12-02:	You can have Grafana tables with multiple values for a single metric (with Prometheus) Calculating usage over time in Prometheus (and Grafana)
2019-11-30:	Operating spam and malware filtering is ultimately a social problem Counting the number of distinct labels in a Prometheus metric
2019-11-29:	The problem of multiple NVMe drives in a PC desktop today
2019-11-27:	Selecting metrics to gather mostly based on what we can use Capturing command output in a Bourne shell variable as a brute force option
2019-11-25:	In Prometheus, don't be afraid of high cardinality metrics if they're valuable enough
2019-11-24:	I use unit tests partly to verify that something works in the first place Timing durations better in Python (most of the time)
2019-11-23:	Thinking about timeouts and exceptions in Python
2019-11-22:	Our problem of checking if our L2TP VPN servers are actually working
2019-11-20:	In the old days, we didn't use multiple Unixes by choice (mostly) The fading out of multi-'architecture' Unix environments
2019-11-18:	LiveJournal and the path to NoSQL
2019-11-17:	It's good to make sure you have notifications of things The operational differences between notifications and logs
2019-11-15:	How we structure our Django web application's configuration settings
2019-11-14:	TCP/IP and a consequence of reliable delivery guarantees
2019-11-13:	How to make a rather obnoxiously bad web spider the easy way My mistake in forgetting how Apache `.htaccess` files are checked
2019-11-11:	An apparent hazard of removing Linux software RAID mirror devices
2019-11-10:	Putting a footer on automated email that says what generated it The problems with piping curl to a shell are system management ones
2019-11-08:	I have to assume that people here can be successfully phished
2019-11-07:	Some notes on getting email when your systemd timer services fail Realizing that Go constants are always materialized into values
2019-11-06:	Systemd needs official documentation on best practices
2019-11-04:	Systemd timer units have the unfortunate practical effect of hiding errors Many of our 'worklog' messages currently assume a lot of context
2019-11-02:	Using personal ruleset recipes in uMatrix in Firefox
2019-11-01:	The appeal of text templating systems for generating HTML
2019-10-31:	Some thoughts on the pragmatics of classifying phish spam as malware
2019-10-30:	Chrony has been working well for us (on Linux, where we use it)
2019-10-29:	Netplan's interface naming and issues with it
2019-10-28:	One of XHTML's practical problems was its implications for web page generation
2019-10-27:	An interesting little glitch in how Firefox sometimes handles updates to addons My common patterns in shell script verbosity (for sysadmin programs)
2019-10-26:	An incorrect superstition about running commands in the Bourne shell
2019-10-24:	Third party ClamAV signatures seem to include a lot of phish and other spam
2019-10-23:	The DBus daemon and out of memory conditions (and systemd)
2019-10-22:	Groups of processes are a frequent and fundamental thing in Unix
2019-10-21:	Filesystem size limits and the complication of when errors are detected
2019-10-20:	A small irritation with Go's `crypto/tls` package
2019-10-19:	Ubuntu LTS is (probably) still the best Linux for us and many people
2019-10-18:	My little irritation with Firefox's current handling of 'Do-Not-Track' Remembering that Django template code is not quite your Django Python code
2019-10-16:	Some magical weirdness in Django's HTML form classes
2019-10-15:	The Ubuntu package roulette
2019-10-14:	Googlebot is both quite fast and very determined to crawl your pages
2019-10-13:	If you don't test it in your automated testers, it's broken Magic is fine if it's all magic: why I've switched to use-package in GNU Emacs
2019-10-11:	A YAML syntax surprise and trick in Prometheus Alertmanager configuration
2019-10-10:	Some additional information on ZFS performance as you approach quota limits
2019-10-09:	Limiting the size of things in a filesystem is harder than it looks
2019-10-08:	How we implement reboot notifications when our machines reboot in Prometheus
2019-10-07:	Why we generate alert notifications about our machines having rebooted
2019-10-06:	Automating our 'bookable' compute servers with SLURM has created generic 'cattle' machines
2019-10-05:	The wikitext problem with new HTML elements such as `<details>`
2019-10-04:	Vim, its defaults, and the problem this presents sysadmins
2019-10-03:	Making changes to multiple files at once in Vim
2019-10-02:	It's useful to record changes that you tried and failed to do
2019-10-01:	My interest in and disappointment about HTML5's new `<details>` element
2019-09-30:	Using alerts as tests that guard against future errors Link: The asymmetry of Internet identity ZFS performance really does degrade as you approach quota limits
2019-09-29:	Understanding when to use and not use the `-F` option for `flock(1)`
2019-09-27:	Some field notes on imposing memory resource limits on users on Ubuntu 18.04 A file permissions and general deployment annoyance with Certbot
2019-09-25:	It's always convenient when malware is clear about its nature (7z edition) Our workaround for Ubuntu 16.04 and 18.04 failing to reliably reboot some of our servers
2019-09-24:	How we implement per-user CPU and memory resource limits on Ubuntu
2019-09-22:	The increasing mess of `libreadline` versions in Linux distributions
2019-09-21:	Why chroot is a security feature for (anonymous) FTP
2019-09-20:	Modernizing (a bit) some of our HTML form <input> elements TLS server certificate verification has two parts (and some consequences)
2019-09-18:	Firefox, DNS over HTTPS, and us Converting a Go pointer to an integer doesn't quite do what it looks like
2019-09-17:	Finding metrics that are missing labels in Prometheus (for alert metrics)
2019-09-16:	The problem of 'triangular' Network Address Translation
2019-09-14:	Some notes on the structure of Go binaries (primarily for ELF)
2019-09-13:	Bidirectional NAT and split horizon DNS in our networking setup
2019-09-12:	The mystery of why my Fedora 30 office workstation was booting fine
2019-09-11:	Making your own changes to things that use Go modules
2019-09-10:	Catching Control-C and a gotcha with shell scripts
2019-09-09:	A safety note about using (or having) `go.mod` inside `$GOPATH` in Go 1.13
2019-09-08:	Jumping backward and forward in GNU Emacs
2019-09-07:	CentOS 7 and Python 3
2019-09-06:	Programs that let you jump around should copy web browser navigation Go modules and the problem of noticing updates to dependencies
2019-09-04:	If you use the rarfile module, make sure you're using version 3.0 (or later) Using Wireshark's Statistics menu to get per-host traffic volume
2019-09-02:	Another way to do easy configuration for lots of Prometheus Blackbox checks
2019-09-01:	Some limitations of wifi MAC address randomization
2019-08-31:	The sorts of email attachments that we get these days have become boring
2019-08-30:	ZFS is not a universal filesystem that is always good for all workloads How I'm dealing with my Python indentation problem in GNU Emacs
2019-08-28:	A wifi MAC address randomization surprise in a new Android gadget Allowing some Alias directives to override global Redirects in Apache
2019-08-26:	A lesson of (alert) scale we learned from a power failure
2019-08-25:	Text UIs and the problem of discoverability
2019-08-24:	Apache, Let's Encrypt, and site-wide reverse proxies and HTTP redirections
2019-08-23:	What happens in ZFS when you have 4K sector disks in an `ashift=9` vdev Link: GNOME Terminal Cursor Blinking Saga
2019-08-22:	Pruning deleted remote Git branches (manually or automatically)
2019-08-21:	Making sense of OpenBSD '`pfctl -ss`' output for firewall state tables
2019-08-20:	Saying goodbye to Flash (in Firefox, and in my web experience)
2019-08-19:	Go 2 Generics: contracts are now boring (and that's good)
2019-08-18:	Early notes on using LSP-based editing in GNU Emacs for Python
2019-08-17:	A situation where Python has undefined values
2019-08-16:	A gotcha with Fedora 30's switch of Grub to BootLoaderSpec based configuration Systemd and waiting until network interfaces or addresses are configured
2019-08-15:	Getting LSP-based editing working for Go in GNU Emacs
2019-08-13:	Changes to Go and the appearance of finality
2019-08-12:	Linux can run out of memory without triggering the Out-Of-Memory killer
2019-08-11:	Roughly when the Linux Out-Of-Memory killer triggers (as of mid-2019)
2019-08-10:	One core problem with DNSSEC
2019-08-09:	Turning off DNSSEC in my Unbound instances Non-uniform caches are harder to make work well
2019-08-07:	What has to happen with Unix virtual memory when you have no swap space Rewriting my iptables rules using ipsets
2019-08-05:	`dup(2)` and shared file descriptors
2019-08-04:	Some notes on understanding how to use `flock(1)`
2019-08-03:	Sharing file descriptors with child processes is a clever Unix decision Link: ASCII table and history (Or, why does Ctrl+i insert a Tab in my terminal?)
2019-08-02:	If you can, you should use `flock(1)` for shell script locking Getting NetworkManager to probably verify TLS certificates for 802.1x networks
2019-08-01:	How not to set up your DNS (part 24)
2019-07-31:	How `mountd` and `exportfs` handle NFS export permissions on Linux Link: A program to read AMD Ryzen RAPL information on Linux
2019-07-30:	I think it's time to explicitly set Go's `$GO111MODULE` environment variable
2019-07-29:	The practical difference between CPU TDP and observed power draw illustrated
2019-07-28:	A note on using the Go Prometheus client package to exposed labeled metrics What I want out of my window manager
2019-07-26:	Some things on the GUID checksum in ZFS pool uberblocks How '`zpool import`' generates its view of a pool's configuration
2019-07-24:	I think I like systemd's `DynamicUser` feature (under the right circumstances) ZFS pool imports happen in two stages of pool configuration processing
2019-07-22:	Why file and directory operations are synchronous in NFS
2019-07-21:	Why we're going to be using Certbot as our new Let's Encrypt client Wireless networks have names and thus identify themselves
2019-07-19:	Some brief views on iOS clients for Mastodon (as of mid 2019)
2019-07-18:	Switching Let's Encrypt clients is currently quite disruptive
2019-07-17:	Django 1.11 has a bug that causes intermittent CSRF validation failures
2019-07-16:	Go's proposed `try()` will be used and that will change how code is written
2019-07-15:	ZFS on Linux still has annoying issues with ARC size
2019-07-14:	We're going to be separating our redundant resolving DNS servers
2019-07-13:	Our switches can wind up in weird states after a power failure
2019-07-12:	Browers can't feasibly stop web pages from talking to private (local) IP addresses Reflections on almost entirely stopping using my (work) Yubikey
2019-07-10:	I brought our Django app up using Python 3 and it mostly just worked
2019-07-09:	Systemd services that always restart should probably set a restart delay too
2019-07-08:	SMART drive self-tests seem potentially useful, but not too much
2019-07-07:	Straightforward web applications are now very likely to be stable in browsers
2019-07-06:	Clearing disk errors (or SMART complaints) for Linux software RAID arrays
2019-07-05:	My plan for two-stage usage of Certbot when installing web server hosts
2019-07-04:	Django's goals are probably not our goals for our web application
2019-07-03:	Converting a variable to a single-element slice in Go via `unsafe` Finding out what 32-bit x86 Linux programs your users are running
2019-07-01:	The power of option types is in what they do to the rest of the language
2019-06-30:	Understanding why 'root window' X under Wayland may matter
2019-06-29:	Being realistic about what we're going to do with our Django app
2019-06-28:	Using Prometheus's statsd exporter to let scripts make metrics updates
2019-06-27:	Our last OmniOS fileserver is now out of production (and service)
2019-06-26:	The death watch for the X Window System (aka X11) has probably started A hazard of our old version of OmniOS: sometimes powering off doesn't
2019-06-24:	The convenience (for me) of people writing commands in Python
2019-06-23:	What it takes to run a 32-bit x86 program on a 64-bit x86 Linux system
2019-06-22:	Google Groups entirely ignores SMTP time rejections We get a certain amount of SMTP MAIL FROM's in UTF-8 with odd characters
2019-06-21:	One of the things a metrics system does is handle state for you
2019-06-19:	How Bash decides it's being invoked through sshd and sources your .bashrc A Let's Encrypt client feature I always want for easy standard deployment
2019-06-17:	Sometimes, the problem is in a system's BIOS My Mastodon remark about tiling window managers
2019-06-16:	Firefox and my views on the tradeoffs of using DNS over HTTPS
2019-06-15:	Some notes on Intel's CPUID and how to get it for your CPUs
2019-06-14:	Intel's approach to naming Xeon CPUs is pretty annoying Intel's MDS issues have now made some old servers almost completely useless to us
2019-06-12:	My weird problem with the Fedora 29 version of Firefox 67 An interesting Fedora 29 DNF update loop with the createrepo package
2019-06-10:	Keeping your past checklists doesn't help unless you can find them again
2019-06-09:	Go recognizes and specially compiles some but not all infinite loops
2019-06-08:	Hardware Security Modules are just boxes running opaque and probably flawed software Our current approach for updating things like build instructions
2019-06-06:	Feed readers and their interpretation of the Atom 'title' element
2019-06-05:	The HTML <pre> element doesn't do very much Go channels work best for unidirectional communication, not things with replies
2019-06-03:	Almost all of our OmniOS machines are now out of production
2019-06-02:	Exploring the start time of Prometheus alerts via `ALERTS_FOR_STATE` I haven't customized my Vim setup and I'm not sure I should try to (yet)
2019-05-31:	Some things on how ZFS dnode object IDs are allocated (which is not sequentially) Some things about where icons for modern X applications come from
2019-05-30:	Conditional expressions in any form are an attractive thing
2019-05-28:	Distribution packaging of software needs to be informed (and useful) An interesting report on newly used domain names and their usage in spam
2019-05-27:	Something that Linux distributions should not do when packaging things
2019-05-26:	Why I no longer have strong feelings about changes to Python
2019-05-25:	Blocking JavaScript by default is not an easy path
2019-05-24:	The problem of paying too much attention to our dashboards
2019-05-23:	I will probably never give my shell dotfiles the major reform they could use On programming languages belonging (or not) to their community
2019-05-22:	Go is Google's language, not ours
2019-05-20:	Understanding how to pull in labels from other metrics in Prometheus
2019-05-19:	DKIM signed email as a signal (of something)
2019-05-18:	Binding keys to actions in xterm, and my bindings as an example
2019-05-17:	My new favorite tool for looking at TLS things is `certigo` One of our costs of using OmniOS was not having 10G networking
2019-05-16:	Go has no type for types in the language
2019-05-15:	An infrequent odd kernel panic on our Ubuntu 18.04 fileservers
2019-05-13:	Fixing Alpine to work over NFS on Ubuntu 18.04 (and probably other modern Linuxes)
2019-05-12:	What we'll want in a new Let's Encrypt client Committed address space versus active anonymous pages in Linux: a mystery
2019-05-10:	Some thoughts on Red Hat Enterprise 8 including Python 2 and what it means Firefox versus Chrome (my 2019 view)
2019-05-08:	Some general things and views on DNS over HTTPS A Linux machine with a strict overcommit limit can still trigger the OOM killer
2019-05-07:	Some weird and dubious syndication feed fetching from SBL-listed IPs
2019-05-05:	TLS certificate rollover outside of the web is complex and tangled What usually identifies an intermediate or root TLS certificate
2019-05-03:	In Go, unsafe type conversions are still garbage collection safe Some implications of using `offset` instead of `delta()` in Prometheus
2019-05-01:	One of my problems with YAML is its sheer complexity
2019-04-30:	My problem with YAML's use of whitespace
2019-04-29:	Notifications and interruptions, and my view on them
2019-04-28:	A gotcha with stale metrics and *_over_time() in Prometheus
2019-04-27:	Some useful features of (GNU) `date` for things like time conversion
2019-04-26:	Brief notes on making Prometheus instant queries with `curl` Various aspects of Python made debugging my `tarfile` problem unusual
2019-04-24:	How we're making updated versions of a file rapidly visible on our Linux NFS clients The appeal of using plain HTML pages
2019-04-22:	Go 2 Generics: The usefulness of requiring minimal contracts You might as well get an x86 CPU now, despite Meltdown and its friends
2019-04-21:	My view on upgrading Prometheus (and Grafana) on an ongoing basis
2019-04-19:	V7 Unix programs are often not written the way you would expect Links: A Practitioner's Guide to System Dashboard Design (with a bonus)
2019-04-18:	One reason `ed(1)` was a good editor back in the days of V7 Unix A pattern for dealing with missing metrics in Prometheus in simple cases
2019-04-17:	Private browsing mode versus a browser set to keep nothing on exit
2019-04-15:	How Linux starts non-system software RAID arrays during boot under systemd
2019-04-14:	A VPN for me but not you: a surprise when tethering to my phone
2019-04-13:	Remembering that Prometheus expressions act as filters WireGuard was pleasantly easy to get working behind a NAT (or several)
2019-04-12:	Getting (and capturing) spam can sometimes be useful to see what's in it
2019-04-10:	The `tarfile` module is too generous about what is considered a tar file A Git tool that I'd like and how I probably use Git differently from most people
2019-04-08:	An example of a situation where Go interfaces can't substitute for generics
2019-04-07:	Why selecting times is still useful even for dashboards that are about right now A ZFS resilver can be almost as good as a scrub, but not quite
2019-04-05:	I won't be trying out ZFS's new TRIM support for a while It's always DNS (a story of our circular dependency)
2019-04-03:	A sign of people's fading belief in RSS syndication NVMe and an interesting technology change
2019-04-01:	Our plan for handling TRIM'ing our ZFS fileserver SSDs
2019-03-31:	Our likely ZFS fileserver upgrade plans (as of March 2019) Erasing SSDs with `blkdiscard` (on Linux)
2019-03-29:	Our current approach for significantly upgrading or modifying servers My NVMe versus SSD uncertainty (and hesitation)
2019-03-27:	A new and exciting failure mode for Linux UEFI booting
2019-03-26:	Drifting away from OmniOS (CE)
2019-03-25:	The mystery of my desktop that locks up when it gets too cold
2019-03-24:	Prometheus's `delta()` function can be inferior to subtraction with `offset` Link: What has your microcode done for you lately? A bit more on ZFS's per-pool performance statistics
2019-03-22:	Sometimes the simplest version of a graph is a text table
2019-03-21:	What sorts of good email attachments our users get (March 2019 edition)
2019-03-20:	The types of attachments we see in malware email (March 2019 edition)
2019-03-19:	ZFS Encryption is still under development (as of March 2019)
2019-03-18:	Prometheus subqueries pick time points in a surprising way
2019-03-17:	Going from a bound instance method to its class instance in Python
2019-03-16:	Callable class instances versus closures in Python Staying away from Google Chrome after six months or so
2019-03-14:	The plague of 'you've logged in to our site again' notification emails
2019-03-13:	Peculiarities about Unix's `statfs()` or `statvfs()` API
2019-03-12:	An easy optimization for restricted multi-metric queries in Prometheus
2019-03-11:	Testing Prometheus alert conditions through subqueries
2019-03-10:	What the default query step is for Prometheus subqueries Turning something into a script encourages improving it
2019-03-08:	Exploring how and why interior pointers in Go keep entire objects alive
2019-03-07:	Exploring the mild oddity that Unix pipes are buffered Our problem with Netplan and routes on Ubuntu 18.04
2019-03-06:	Using Prometheus subqueries to look for spikes in rates
2019-03-04:	A surprisingly arcane little Unix shell pipeline example
2019-03-03:	Understanding a change often requires understanding how the code behaves Really understanding diffs requires knowing their context too
2019-03-01:	What you get when you do a DNS A record lookup for a CNAME'd name
2019-02-28:	Taking advantage of the Linux kernel NFS server's group membership cache
2019-02-27:	How to see and flush the Linux kernel NFS server's group membership cache Using Prometheus subqueries to do calculations over time ranges
2019-02-25:	`ntpdate` has a surprising restriction on what it will sync to Link: Vim anti-patterns
2019-02-24:	Process states from `/proc/[pid]/stat` versus `/proc/stat`'s running and blocked numbers The modern danger of locales when you combine sort and cron
2019-02-22:	Using default function arguments to avoid creating a class
2019-02-21:	An advantage of tablets and two-in-one devices over small laptops
2019-02-20:	What `/proc/[pid]/stat`'s process state means and where it comes from The cliffs in the way of adding tests to our Django web app
2019-02-18:	When cloning git repos, things go faster if you start from a good base
2019-02-17:	Why I like middle mouse button paste in xterm so much Some notes on heatmaps and histograms in Prometheus and Grafana
2019-02-15:	Accumulating a separated list in the Bourne shell
2019-02-14:	A pleasant surprise with a Thunderbolt 3 10G-T Ethernet adapter
2019-02-13:	An unpleasant surprise with part of Apache's `AllowOverride` directive
2019-02-12:	Using `grep` with `/dev/null`, an old Unix trick
2019-02-11:	Thinking about the merits of 'universal' URL structures
2019-02-10:	Open protocols can evolve fast if they're willing to break other people
2019-02-09:	'Scanned' versus 'issued' numbers for ZFS scrubs (and resilvers)
2019-02-08:	Making more use of keyboard control over window position and size
2019-02-07:	A touchpad is not a mouse, or at least not a good one
2019-02-06:	Using a single git repo to compare things between two upstreams
2019-02-05:	A problem with strict memory overcommit in practice
2019-02-04:	Hand-building an updated upstream kernel module for your (Fedora) kernel
2019-02-03:	My temptation of getting a personal laptop
2019-02-02:	A little appreciation for Vim's 'g' command
2019-02-01:	A bit of Sun's history that still lingers on in Illumos
2019-01-31:	What getopt package I use for option handling in my Go programs
2019-01-30:	ZFS On Linux's kernel modules issues are not like NVidia's How having a metrics system centralized information and got me to check it
2019-01-28:	Go 2 Generics: some features of contracts that I like The potential risk to ZFS created by the shift in its userbase
2019-01-27:	How to handle Unicode character decoding errors depends on your goals
2019-01-25:	A piece of email malware that wanted to make sure we rejected it The Linux kernel's pstore error log capturing system, and ACPI ERST
2019-01-23:	Consider setting your Linux servers to reboot on kernel problems A little surprise with Prometheus scrape intervals, timeouts, and alerts
2019-01-22:	Things you can do to make your Linux servers reboot on kernel problems
2019-01-21:	Two annoyances I have with Python's imaplib module
2019-01-20:	A few notes on using SSL in Python 3 client programs
2019-01-19:	A surprise potential gotcha with `sharenfs` in ZFS on Linux
2019-01-18:	Linux CPU numbers are not necessarily contiguous
2019-01-17:	Why C uninitialized global variables have an initial value of zero
2019-01-16:	Perhaps you no longer want to force a server-preferred TLS cipher order on clients
2019-01-14:	Why your fresh new memory pages are zero-filled
2019-01-13:	Two views of ZFS's GPL-incompatibility and the Linux kernel The risk that comes from ZFS on Linux not being GPL-compatible Even thinking about spam makes me angry
2019-01-12:	I have somewhat mixed feelings about Python 3's `socket` module errors
2019-01-11:	A new drawback of using my custom-compiled Firefox
2019-01-10:	Why I still have a custom-compiled Firefox (early 2019 edition)
2019-01-09:	On right and wrong ways to harvest system-level performance stats
2019-01-08:	Link: The IOCCC 2018 "Best of show" program
2019-01-07:	Daemons and the pragmatics of unexpected error values from system calls
2019-01-06:	`accept(2)`'s problem of trying to return two different sorts of errors Linux network-scripts being deprecated is a problem for my home PPPoE link
2019-01-05:	Some things on ZFS's per-pool performance statistics
2019-01-04:	Planning ahead in documentation worked out for us
2019-01-02:	You shouldn't allow Firefox to recommend things to you any more How I get a copy of the Ubuntu kernel source code (as of Ubuntu 18.04)
2018-12-31:	Our Linux ZFS fileservers work much like to our OmniOS ones Thinking about DWiki's Python 3 Unicode issues
2018-12-30:	Our third generation ZFS fileservers and their setup
2018-12-28:	An odd MIME Content-Disposition or two
2018-12-27:	Having metrics has taught me I didn't really know how our systems behave The many return values of `read()` (plus some other cases)
2018-12-26:	The problem of screenshots when you have a HiDPI display
2018-12-24:	Some notes on ZFS prefetch related stats Plaintext parts of email are fading away (in spam and non-spam)
2018-12-23:	How I wound up finding a bug in GNU Tar
2018-12-21:	Moving to Fedora 29 has not been one of the smooth upgrades for me Working around an irritating recent XTerm change in behavior
2018-12-20:	FreeBSD ZFS will be changing to be based on ZFS on Linux
2018-12-19:	My unusual Linux setup of an untagged network and tagged VLANs on the same interface
2018-12-17:	My current trick for keeping reasonably ready virtual machine images Exploring casual questions with our new metrics system
2018-12-16:	The Go 2 Error Handling proposal will likely lead to more use of `error` in return types
2018-12-15:	Python 3's approach to filenames and arguments is pragmatically right
2018-12-14:	Link: Everything you should know about certificates and PKI but are too afraid to ask Why our Grafana URLs always require HTTP Basic Authentication
2018-12-13:	Some new-to-me features in POSIX (or Single Unix Specification) Bourne shells
2018-12-12:	One situation where you absolutely can't use `irate()` in Prometheus
2018-12-10:	Why I'm usually unnerved when modern SSDs die on us A spate of somewhat alarming flaky SMART errors on Crucial MX500 SSDs
2018-12-09:	Firefox, WebExtensions, and Content Security Policies
2018-12-08:	Link: HTTPS in the real world
2018-12-07:	Why we like HTTP Basic Authentication in Apache so much Modern Bourne shell arithmetic is pretty pleasant
2018-12-05:	Some basic ZFS ARC statistics and prefetching The brute force cron-based way of flexibly timed repeated alerts
2018-12-03:	Wget is not welcome here any more (sort of) Linux disk IO stats in Prometheus
2018-12-02:	Checking to see if a process is alive (on Linux)
2018-11-30:	Today I (re-)learned that `top`'s output can be quietly system dependent I've learned that sometimes the right way to show information is a simple one
2018-11-29:	Go 2 Generics: Interfaces are not the right model for type constraints
2018-11-28:	Go 2 Generics: A way to make contracts more readable for people (if not programs)
2018-11-26:	(Open)SSH quiet connection disconnects in theory and in practice
2018-11-25:	Firefox's middle-click behavior on HTML links on Linux How we monitor our Prometheus setup itself
2018-11-23:	Some Linux disk IO stats you can calculate from kernel information Qualified praise for the Linux `ss` program
2018-11-21:	Some views on more flexible (Illumos) kernel crash dumps What I really miss when I don't have X across the network
2018-11-20:	When Prometheus Alertmanager will tell you about resolved alerts
2018-11-18:	Old zombie Linux distribution versions aren't really doing you any favours Some notes about kernel crash dumps in Illumos
2018-11-16:	Restisting the temptation to rely on Ubuntu for Django 1.11 Go 2 Generics: Contracts are too clever
2018-11-14:	Linux iptables compared to OpenBSD PF (through a real example)
2018-11-13:	Our pragmatic attachment to OpenBSD PF for our firewall needs
2018-11-12:	What Python 3 versions I can use (November 2018 edition)
2018-11-11:	Easy configuration for lots of Prometheus Blackbox checks The needs of Version Control Systems conflict with capturing all metadata OpenSSH 7.9's new key revocation support is welcome but can't be a full fix
2018-11-10:	Why Prometheus turns out not be our ideal alerting system Character by character TTY input in Unix, then and now
2018-11-09:	Getting CPU utilization breakdowns efficiently in Prometheus
2018-11-08:	The future of our homedir-based mail server system design
2018-11-07:	What email messages to not send autoreplies to (late 2018 edition)
2018-11-06:	Our self-serve system for 'vacation' autoreplies and its surprising advantage
2018-11-05:	`rate()` versus `irate()` in Prometheus (and Grafana)
2018-11-04:	DKIM provides sender attribution (for both spam and not necessarily spam) My view on Debian versus Ubuntu LTS for us today
2018-11-02:	Metadata that you can't commit into a VCS is a mistake (for file based websites)
2018-11-01:	In Linux, hitting a strict overcommit limit doesn't trigger the OOM killer
2018-10-31:	Do I feel uncertain about CentOS's future now? Yes, a bit OpenSSH has broader key revocation than I thought
2018-10-29:	Shooting myself in the foot by cargo-culting Apache configuration bits
2018-10-28:	How I'm visualizing health check history in Grafana Link: HiDPI on dual 4K monitors with Linux The obviousness of inheritance blinded me to the right solution
2018-10-26:	What 'dependency' means in Unix init systems is underspecified
2018-10-25:	I should always give my Python classes a `__str__` method
2018-10-24:	You can sort of use `zdb` as a substitute for a proper ZFS `fsck`
2018-10-23:	ZFS scrubs check (much) less than you probably think they do
2018-10-22:	Some DKIM usage statistics from our recent inbound email (October 2018 edition) Using group_* vector matching in Prometheus for database lookups
2018-10-21:	Some tradeoffs of having a Certificate Authority in your model
2018-10-20:	The original Unix `ed(1)` didn't load files being edited into memory
2018-10-18:	Some things on delays and timings for Prometheus alerts Link: Vectorized Emulation [of CPUs and virtual machines] Why you should be willing to believe that `ed(1)` is a good editor
2018-10-17:	When metrics disappear on updates with Prometheus Pushgateway
2018-10-16:	Quickly bashing together little utilities with Python is nice
2018-10-15:	The external delivery delays we see on our central mail machine Garbage collection and the underappreciated power of good enough
2018-10-13:	Getting a CPU utilization breakdown in Prometheus's query language, PromQL How Prometheus's query steps (aka query resolution) work
2018-10-12:	My unusual use for Firefox's Private Browsing mode
2018-10-11:	Some notes on Prometheus's Blackbox exporter
2018-10-10:	Even systemd services and dependencies are not self-documenting
2018-10-09:	Something systemd is missing for diagnosing oddly slow boots
2018-10-07:	It's good to check systemd for new boot-time things every so often
2018-10-06:	A deep dive into the OS memory use of a simple Go program Go basically never frees heap memory back to the operating system
2018-10-05:	My non-approach to password management tools
2018-10-03:	Thinking about what we want to be alerted about
2018-10-02:	Thinking about what we probably want for monitoring, metrics, etc An irritating limitation or two of addons in Firefox Quantum
2018-09-30:	My Firefox addons as of Firefox '64' (the current development version) Why updating my Fedora kernels is a complicated multi-step affair
2018-09-28:	Addressable values in Go (and unaddressable ones too) Using a very old ZFS filesystem can give you a kernel panic on Linux
2018-09-27:	Learning about Go's unaddressable values and slicing
2018-09-25:	A problem with unmounting FUSE mount points that are on NFS filesystems
2018-09-24:	Why I don't set master passwords in programs Walking away from Google Chrome
2018-09-22:	The `ed(1)` command in the Single Unix Specification (and the SVID) Some differences between various versions of `ed(1)`
2018-09-21:	Your databases always have a schema Why I mostly don't use `ed(1)` for non-interactive edits in scripts
2018-09-20:	Ubuntu pretty much is the 'universe' repository for us
2018-09-19:	The Extended Validation TLS certificate endgame is here (to my surprise)
2018-09-17:	Python 3 supports not churning memory on IO The importance of explicitly and clearly specifying things
2018-09-16:	CPython has a fairly strongly predictable runtime, which can be handy
2018-09-15:	How to use uBlock Origin to block Javascript by default
2018-09-14:	How you migrate ZFS filesystems matters
2018-09-13:	I don't like getters and setters and prefer direct field access
2018-09-12:	A surprise discovery about procmail (and wondering about what next)
2018-09-11:	The Linux kernel's internals showing through in the specifics of an NFS bug
2018-09-09:	Why I don't think browsers will ever standardize how 'Reader Mode' works Cookie management models in Firefox Quantum in practice
2018-09-07:	My view of the current state of Go's dependency management (as of Go 1.11) I've slowly been improving my web experience by trusting uMatrix more
2018-09-06:	Our future IPv6 access control problems due to non-DHCP6 machines
2018-09-04:	Some views on the Go 2 Error Inspection early draft proposal ZFS quietly discards all-zero blocks, but only sometimes
2018-09-02:	Link: "The History of a Security Hole" (in various *BSD kernels) An extravagant and dense piece of malware-laden email If one phish spam doesn't succeed, maybe another will NFS directory reading and directory file type information
2018-08-31:	Link: A deep dive into the Go memory allocator Configurations can quietly drift away from working over time, illustrated Making Ubuntu bug reports seems to be useless (or pointless)
2018-08-29:	Our problem with (Amanda) backups of many files, especially incrementals How I recently used vendoring in Go
2018-08-28:	An illustration of why it's hard to port outside code into the Linux kernel
2018-08-26:	A little bit of the one-time MacOS version still lingers in ZFS How ZFS maintains file type information in directories
2018-08-25:	The history of file type information being available in Unix directories
2018-08-24:	Incremental development in Python versus actual tests
2018-08-23:	It's time for me to buckle down and add tests to our Django web app
2018-08-22:	Why `ed(1)` is not a good editor today
2018-08-20:	Explicit manipulation versus indirect manipulation UIs It's worth testing that obvious things actually do work
2018-08-19:	Why I'm mostly not interest in exploring new fonts (on Unix)
2018-08-17:	Some malware apparently believes in covering its bases Some Firefox addons I'm experimenting with (as of Firefox 62 or so)
2018-08-16:	It matters where (or when) your programs ask questions
2018-08-14:	Go's net package doesn't have opaque errors, just undocumented ones Our problem with HTTPS and user-created content
2018-08-12:	The evolution of our account creation script A recent spate of ZIP attachments with everything
2018-08-10:	Fetching really new Fedora packages with Bodhi The benefits of driving automation through cron One simple general pattern for making sure things are alive
2018-08-08:	Systemd's `DynamicUser` feature is (currently) dangerous A timesyncd total failure and systemd's complete lack of debugability
2018-08-06:	Link: Where Vim Came From Linux's `/dev/disk/by-path` names for disks change over time
2018-08-05:	Some more notes on Firefox 63 and perhaps later media autoplay settings Why email is often not as good as modern communication protocols
2018-08-03:	Firefox now implements its remote control partly over D-Bus How I want to use Go's versioned modules
2018-08-02:	Ubuntu 18.04's problem with Amanda's `amrecover`
2018-07-31:	The hidden danger of using `rsync` to copy files instead of `cp`
2018-07-30:	My own configuration files don't have to be dotfiles in `$HOME` Being reminded that an obvious problem isn't necessarily obvious
2018-07-29:	Our ZFS fileservers aren't happy when you do NFS writes to a full filesystem
2018-07-28:	Word-boundary regexp searches are what I usually want
2018-07-27:	Today I saw a spammer parasite itself on another spammer (probably)
2018-07-25:	One advantage of Go modules will be less mess in `$HOME/go/src`
2018-07-24:	I doubt Chrome's new 'not secure' warning about HTTP sites will change much (at least right away)
2018-07-23:	Some notes on lifting Python 2 code into Python 3 code The irritatingly many executable formats of Windows
2018-07-22:	The problem with some non-HiDPI aware applications (is that they're very small)
2018-07-21:	How we're handling NFS exports for our ZFS on Linux systems
2018-07-20:	Linux's NFS exports permissions model compared to Illumos's
2018-07-19:	Sometimes it actually is a Linux kernel bug
2018-07-17:	Some things on Illumos NFS export permissions
2018-07-16:	Why people are probably going to keep using today's Unixes
2018-07-15:	When I'll probably be able to use Python assignment expressions Understanding ZFS System Attributes
2018-07-14:	The challenge of storing file attributes on disk
2018-07-13:	ZFS on Linux's `sharenfs` problem (of what you can and can't put in it)
2018-07-11:	You should probably write down what your math actually means
2018-07-10:	Some thoughts on performance shifts in moving from an iSCSI SAN to local SSDs Remembering that Python lists can use tuples as the sort keys
2018-07-08:	TLS Certificate Authorities and 'trust' We've decided to write our future Python tools in Python 3
2018-07-06:	Having your SSH server on an alternate port provides no extra security today I'm seeing occasional mysterious `POST` requests without `Content-Type`s
2018-07-04:	How and why we sell storage to people here The hardware and basic setup for our third generation of ZFS fileservers
2018-07-03:	The history of our custom NFS mount authorization system (or some of it)
2018-07-01:	Understanding the first imperative of a commercial Certificate Authority
2018-06-30:	My interesting experience with rapid repeated PID rollover on Linux
2018-06-29:	What 'PID rollover' is on Unix systems How ZFS makes things like '`zfs diff`' report filenames efficiently
2018-06-27:	My Ryzen-based Linux office machine appears to finally be stable I think it's still reasonable to run personal servers on the Internet
2018-06-25:	Twitter probably isn't for you or me any more
2018-06-24:	What ZFS block pointers are and what's in them A broad overview of how ZFS is structured on disk
2018-06-22:	When you make changes, ZFS updates much less stuff than I thought Running servers (and services) well is not trivial
2018-06-20:	Revising my view on Python 3 for new code again: you should use it The time to be compatible with both Python 2 and Python 3 is past
2018-06-18:	Getting Xorg to let you terminate the X server with Ctrl + Alt + Backspace
2018-06-17:	The history of terminating the X server with Ctrl + Alt + Backspace A broad overview of how modern Linux systems boot
2018-06-16:	The 'on premise' versus 'off premise' approach to environments
2018-06-15:	Default X resources are host specific (which I forgot today)
2018-06-14:	Clearing cached HTTP redirections or HSTS status in Firefox
2018-06-13:	Link: A Child’s Garden of Inter-Service Authentication Schemes Link: About the memory management in the Bourne shell The mess Ubuntu 18.04 LTS has made of libreadline
2018-06-11:	A website's design shows its actual priorities
2018-06-10:	People receiving email don't feel it should be their job to stop spam
2018-06-09:	What ZFS messages about 'permanent errors in <0x95>:<0x0>' mean How to run a mail sending service that will probably never send spam
2018-06-08:	Networks form through usage and must be maintained through it
2018-06-07:	The history of Unix's confusing set of low-level ways to allocate memory
2018-06-06:	The downsides of processing files using too large a buffer size
2018-06-04:	The superficial versus deep appeal of ZFS What I use Github for and how I feel about it
2018-06-03:	Why I believe that HTTPS-only JavaScript APIs make sense
2018-06-02:	Intel versus AMD for me (in 2018)
2018-05-31:	What is the long term future for Extended Validation TLS certificates? Extended Validation TLS certificates are basically invisible
2018-05-30:	Taking over program names in Linux is generally hard
2018-05-28:	An incomplete list of reasons why I force-quit iOS apps
2018-05-27:	ZFS pushes file renamings and other metadata changes to disk quite promptly Most modern web spiders are parasites
2018-05-25:	Some notes on Go's `runtime.KeepAlive()` function There's real reasons for Linux to replace ifconfig, netstat, et al
2018-05-24:	Registering for things on the Internet is dangerous these days
2018-05-23:	Almost no one wants to run their own infrastructure
2018-05-21:	Bad versions of packages in the context of minimal version selection
2018-05-20:	'Minimal version selection' accepts that semantic versioning is fallible Modern CPU power usage varies unpredictably based on what you're doing
2018-05-18:	ZFS `spare-N` spare vdevs in your pool are mirror vdevs How I usually divide up NFS (operation) metrics
2018-05-17:	I'm worried about Wayland but there's not much I can do about it
2018-05-16:	How you run out of inodes on an extN filesystem (on Linux)
2018-05-15:	I have a boring desktop and I think I'm okay with that
2018-05-13:	My GDPR pessimism
2018-05-12:	ZFS on Linux's development version now has much better pool recovery for damaged pools Sorting out some of my current views on operator overloading in general
2018-05-11:	Notice to web spiders: an email address in your user-agent isn't good enough
2018-05-10:	Python modules use operator overloading in two different ways
2018-05-09:	Yubico fails to care that people give you email addresses for specific purposes
2018-05-08:	How we're going to be doing custom NFS mount authorization on Linux
2018-05-07:	One reason why Python doesn't let you overload the boolean AND and OR operations
2018-05-06:	Firefox turns out to need some degree of 'autoplay' support
2018-05-05:	Modern Unix GUIs now need to talk to at least one C library
2018-05-04:	Why you can't put zero bytes in Unix command line arguments
2018-05-03:	Using `grep` to hunt around for null bytes in text files
2018-05-02:	An interaction of low ZFS `recordsize`, compression, and advanced format disks
2018-04-30:	You probably need to think about how to handle core dumps on modern Linux servers Microsoft's Bingbot crawler is on a relative rampage here
2018-04-29:	My new 4K HiDPI display really does make a visible difference
2018-04-28:	What sorts of good email attachments our users get (April 2018 edition)
2018-04-27:	Some notes on Firefox's current media autoplay settings
2018-04-26:	The shifting goals of our custom NFS mount authorization system
2018-04-25:	An implementation difference in NSS netgroups between Linux and Solaris
2018-04-24:	What the core practical problems with HiDPI seem to be on Linux
2018-04-23:	ZFS's recordsize as an honest way of keeping checksum overhead down
2018-04-22:	Thinking about why ZFS only does IO in `recordsize` blocks, even random IO
2018-04-20:	The increasingly surprising limits to the speed of our Amanda backups Spam from Yahoo Groups has quietly disappeared
2018-04-18:	The sensible way to use Bourne shell 'here documents' in pipelines A CPU's TDP is a misleading headline number
2018-04-17:	Link: Parsing: a timeline Go and the pragmatic problems of having a Python-like `with` statement
2018-04-16:	Some notes and issues from trying out `urxvt` as an `xterm` replacement
2018-04-15:	The unfortunate configuration choice Grub2 makes in UEFI configurations
2018-04-13:	For the first time, my home PC has no expansion cards A learning experience about the performance of our IMAP server
2018-04-12:	I'm hoping that RHEL 8's decision on Python 2 isn't Ubuntu 20.04's decision
2018-04-10:	Our real problem with a removal of Python 2 is likely to be our users
2018-04-09:	Power consumption numbers for my 2018 home and work machines
2018-04-08:	The interesting question of whether Ubuntu 20.04 LTS will include Python 2 A learning experience with iOS's fingerprint recognition
2018-04-07:	Some numbers for how well various compressors do with our `/var/mail` backup
2018-04-06:	Using Go finalizers can be a better option than not using them
2018-04-05:	Switching over to Firefox Quantum was relatively painless
2018-04-04:	Today's learning experience is that gzip is not fast
2018-04-03:	Sorting out my systemd mistake with a script-based service unit
2018-04-02:	Link: Closing the Loop: The Importance of External Engagement in Computer Science Research I've retired my filtering HTTP proxy
2018-03-31:	Using a local database to get consistent device names is a bad idea My new Linux home machine for 2018
2018-03-30:	My current set of Firefox Quantum (57+) addons Sometimes, not trying to reject some sort of spam is the right answer
2018-03-29:	The problem with Linux's 'predictable network interface names'
2018-03-28:	The correlation between Spamhaus Zen listings and attachment types (March 2018 edition)
2018-03-27:	My uncertainties around X drivers for modern Intel integrated graphics
2018-03-26:	`xprt:` data for NFS mounts in `/proc/self/mountstats` is per-fileserver, not per-mount
2018-03-25:	Our revised Dovecot IMAP configuration migration plans (and processes)
2018-03-24:	Our current ugly hacks to Dovecot to help mitigate our IMAP problems
2018-03-23:	Some things about Dovecot, its index files, and the IMAP LIST command
2018-03-22:	Why seeing what current attributes a Python object has is hard
2018-03-21:	You probably don't want to run Firefox Nightly any more
2018-03-20:	Python and the 'bags of unstructured data' approach
2018-03-19:	Some exciting ZFS features that are in OmniOS CE's (near) future
2018-03-18:	Why I use Facebook (a story of web development)
2018-03-17:	Much better ZFS pool recovery is coming (in open source ZFS)
2018-03-16:	Wrestling with metrics to get meaningful, useful ones
2018-03-14:	What I think I want out of a hypothetical `nfsiotop` for Linux Why Let's Encrypt's short certificate lifetimes are a great thing
2018-03-12:	A spammer misses a glorious opportunity Linux is good at exposing the truth of how motherboards are wired
2018-03-11:	A bad web scraper operating out of OVH IP address space
2018-03-09:	In Fedora, your initramfs contains a copy of your sysctl settings Some questions I have about DDR4 RAM speed and latency in underclocked memory
2018-03-07:	Some things I mean when I talk about 'forged HTTP referers' The lie in Ubuntu source packages (and probably Debian ones as well)
2018-03-05:	Getting chrony to not try to use IPv6 time sources on Fedora
2018-03-04:	The value locked up in the Unix API makes it pretty durable The practical Unix API is more than system calls (or POSIX)
2018-03-02:	Frequent versus infrequent developers (in languages and so on) A sysadmin's perspective on Go vendoring and `vgo`
2018-02-28:	egrep's `-o` argument is great for extracting unusual fields Using Python 3 for example code here on Wandering Thoughts
2018-02-26:	Meltdown and Spectre have made this a bad time to get a new x86 CPU It feels good to have a fallback option for home computing
2018-02-25:	What Python does when you subclass a `__slots__` class is the right answer
2018-02-24:	The question of what will be sending email spam over IPv6
2018-02-23:	Github and publishing Git repositories
2018-02-21:	Sorting out what `exec` does in Bourne shell pipelines
2018-02-20:	How switching to uMatrix for JavaScript blocking has improved my web experience I've now received my first spam email over IPv6
2018-02-19:	Some consumer SSDs are moving to a 4k 'advance format' physical block size
2018-02-18:	Memories of MGR
2018-02-17:	Using `lsblk` to get extremely useful information about disks
2018-02-16:	How I tend to label bad hardware
2018-02-15:	DTrace being GPL (and thrown into a Linux kernel) is just the start
2018-02-14:	Some things about ZFS block allocation and ZFS (file) record sizes
2018-02-12:	Writing my first addon for Firefox wasn't too hard or annoying
2018-02-11:	Sending emails to your inbox is a dangerous default Access control security requires the ability to do revocation
2018-02-10:	The interesting error codes from Linux program segfault kernel messages
2018-02-09:	My failure to migrate my workstation from MBR booting to UEFI
2018-02-08:	What the Linux kernel's messages about segfaulting programs mean on 64-bit x86
2018-02-07:	Consumer SSDs and their nominal physical block sizes, now and in the future
2018-02-05:	I should remember that sometimes C is a perfectly good option
2018-02-04:	A surprise in how ZFS grows a file's record size (at least for me) More notes on using uMatrix in Firefox 56 (in place of NoScript)
2018-02-02:	Some practical tradeoffs involved in using HTTPS instead of HTTP X's network transparency was basically free at the time
2018-01-31:	Mozilla's Looking Glass 'retrospective' is unfortunately inadequate How the IPs sending us malware break down (January 2018 edition)
2018-01-30:	Reverse engineering some settings for Google Search
2018-01-28:	Adding 'view page in no style' to the WebExtensions API in Firefox Quantum Adding 'view page in no style' to Firefox Quantum's context menu The limitations of Firefox's Reader mode
2018-01-26:	A misbehaving SMTP sender can fool me about malware volume X's network transparency has wound up mostly being a failure
2018-01-24:	What the Linux `rcu_nocbs` kernel argument does (and my Ryzen issues again) Some early notes on using uMatrix to replace NoScript in Firefox 56
2018-01-22:	The addons that I would likely use with Firefox Quantum (57+) Doing something when a Cinnamon-based laptop suspends or hibernates
2018-01-21:	The temptation of Firefox Quantum for me
2018-01-19:	I'm one of those people who never log out from their desktop
2018-01-18:	Why Go cares about the difference between `unsafe.Pointer` and `uintptr` A recent performance surprise with X on my Fedora Linux desktop
2018-01-17:	My new Ryzen desktop is causing Linux to hang (and it's frustrating)
2018-01-16:	You could say that Linux is AT&T's fault
2018-01-15:	Meltdown and the temptation of switching to Ryzen for my new home machine
2018-01-14:	Our small tools for running commands on multiple machines
2018-01-13:	Some plans for migrating my workstation from MBR booting to UEFI
2018-01-12:	Open source software licenses matter
2018-01-10:	Linux's glibc monoculture is not a bad thing Glibc and the Linux API
2018-01-09:	Differences between keywords and constants in Python
2018-01-08:	Link: Some fascinating details of cellular data transmission
2018-01-07:	The challenges of having true constants in Python Link: The Python decorators they won't tell you about
2018-01-06:	What's happening when you change `True` and `False` in Python 2 What ZFS gang blocks are and why they exist
2018-01-05:	Confirming the behavior of file block sizes in ZFS
2018-01-04:	The goals and problems of our Dovecot IMAP configuration migration
2018-01-03:	A brief review of the Dell XPS 13 as a Fedora laptop
2018-01-02:	Some notes on relative imports and `vendor/` in Go
2017-12-31:	Is the C runtime and library a legitimate part of the Unix API? Understanding IMAP path prefixes in clients and servers
2017-12-30:	Some details of ZFS DVAs and what some of their fields store
2017-12-29:	To get much faster, an implementation of Python must do less work
2017-12-28:	How our IMAP server wound up running out of inodes
2017-12-27:	When you have fileservers, they naturally become the center of the world
2017-12-26:	I continue to have strong confidence in ZFS On Linux
2017-12-25:	There were Unix machines with real DirectColor graphics hardware
2017-12-24:	The interestingly different display colour models of X10 and X11
2017-12-23:	Our next generation of fileservers will not be based on Illumos
2017-12-22:	Our next generation of fileservers will not use any sort of SAN
2017-12-21:	Checking RAM DIMM information from inside Linux
2017-12-20:	I feel that Firefox forks that would be useful to me are doomed
2017-12-19:	Attachment types that we see in email from Zen-listed IP addresses
2017-12-18:	What file types we see inside ZIP archives with only a single file in email
2017-12-17:	Some questions someone should ask Mozilla
2017-12-15:	Mozilla betrays Firefox users and its nominal principles How we automate acmetool
2017-12-14:	How Python makes it hard to write well structured little utilities
2017-12-13:	Our Apache file serving problem on our general purpose web server
2017-12-12:	Some notes on systemd-resolved, the systemd DNS resolver
2017-12-11:	Some things about booting with UEFI that are different from MBR booting
2017-12-10:	Let's Encrypt and a TLS monoculture
2017-12-09:	You don't have to authorize a machine for Let's Encrypt from the machine We've switched over to using Let's Encrypt as much as possible
2017-12-08:	Some thoughts on what StartCom's shutdown means in general
2017-12-06:	My upgrade to Fedora 27, Secure Boot, and a mistake made somewhere In practice, Go's slices are two different data structures in one
2017-12-04:	Some notes on using Go to check and verify SSH host keys
2017-12-03:	Some notes and considerations on SSH host key verification My new Linux office workstation for fall 2017
2017-12-01:	I'm basically giving up on syslog priorities
2017-11-30:	We're broadly switching to synchronizing time with systemd's timesyncd The cost of memory access across a NUMA machine can (probably) matter
2017-11-29:	Sometimes the right thing to do about a spate of spam is nothing (probably)
2017-11-27:	Code stability in my one Django web application The `dig` program now needs some additional options for useful DNS server testing
2017-11-26:	One way of capturing debugging state information in a systemd-based system
2017-11-25:	Sequential scrubs and resilvers are coming for (open-source) ZFS
2017-11-24:	Shooting myself in the foot by using `exec` in a shell script
2017-11-23:	Understanding a tricky case of Bourne shell redirection and command parsing
2017-11-22:	Delays on SMTP replies discourage apparently SMTP AUTH scanners
2017-11-20:	Major version changes are often partly a signal about support
2017-11-19:	StartCom gives up on its Certificate Authority business Getting some information about the NUMA memory hierarchy of your server
2017-11-18:	AMD Ryzens, their memory speed peculiarities, and ECC
2017-11-17:	When you should run an NTP daemon on your servers
2017-11-16:	I think you should mostly not run NTP daemons on your machines
2017-11-15:	I've switched from ntpd to chrony as my NTP daemon
2017-11-14:	We may have reached a point where (new) ARM servers will just work for Linux
2017-11-13:	X11 PseudoColor displays could have multiple hardware colormaps
2017-11-12:	The fun of X11 PseudoColor displays and window managers
2017-11-11:	What X11's TrueColor means (with some history)
2017-11-10:	A systemd mistake with a script-based service unit I recently made
2017-11-09:	Why I'm not enthused about live patching kernels and systems
2017-11-08:	What it means to support ECC RAM (especially for AMD Ryzen)
2017-11-07:	Link: Citation Needed [on array indexing in programming languages] My new Linux machine for fall 2017 (planned)
2017-11-05:	How `collections.defaultdict` is good for your memory usage Some early notes on WireGuard
2017-11-04:	Why I've switched from GRE-over-IPSec to using WireGuard
2017-11-03:	Illumos `mountd` caches netgroup lookups (relatively briefly)
2017-11-02:	I think Certificate Transparency is better for the web than HTTP Key Pinning
2017-10-31:	We've now seen malware in a tar archive
2017-10-30:	There are two sorts of TLS certificate mis-issuing The Illumos NFS server's caching of filesystem access permissions
2017-10-29:	There are several ways to misread specifications
2017-10-28:	Why I plan to pick a relatively high-end desktop CPU for my next PC
2017-10-27:	HD usage can be limited by things other than cost per TB
2017-10-26:	The 'standard set' of Unix programs is something that evolves over time
2017-10-25:	Having different commands on different systems does matter
2017-10-24:	Our frustrations with OmniOS's 'KYSTY' minimalism
2017-10-23:	I've now seen something doing SMTP probing of IPv6 addresses
2017-10-22:	Understanding what our wireless password protects
2017-10-21:	Multi-Unix environments are less and less common now
2017-10-20:	Ext4, SSDs, and RAID stripe parameters
2017-10-18:	Using Shellcheck is good for me I still like Python and often reach for it by default
2017-10-17:	My current grumpy view on key generation for hardware crypto keys
2017-10-16:	Getting ssh-agent working in Fedora 26's Cinnamon desktop environment
2017-10-15:	Unbalanced reads from SSDs in software RAID mirrors in Linux
2017-10-14:	A surprise about which of our machines has the highest disk write volume
2017-10-13:	Working to understand PCI Express and how it interacts with modern CPUs
2017-10-12:	I'm looking forward to using systemd's new IP access control features
2017-10-11:	Understanding M.2 SSDs in practice and how this relates to NVMe
2017-10-10:	An interesting way to leak memory with Go slices
2017-10-09:	JavaScript as the extension language of the future
2017-10-08:	Thinking about whether I'll upgrade my next PC partway through its life
2017-10-07:	I'm trying out smooth scrolling in my browsers
2017-10-06:	Spam issues need to be considered from the start
2017-10-05:	Google is objectively running a spammer mailing list service
2017-10-04:	My new worry about Firefox 56 and the addons that I care about
2017-10-03:	Some thoughts on having both Python 2 and 3 programs
2017-10-02:	My experience with using Fedora 26's standard font rendering (and fonts)
2017-09-30:	The origin of POSIX as I learned the story (or mythology)
2017-09-29:	Shell builtin versions of standard commands have drawbacks More on systemd on Ubuntu 16.04 failing to reliably reboot some of our servers
2017-09-27:	Putting cron jobs into systemd user slices doesn't always work (on Ubuntu 16.04) ZFS's `recordsize`, holes in files, and partial blocks
2017-09-26:	Using `zdb` to peer into how ZFS stores files on disk
2017-09-25:	What I use printf for when hacking changes into programs
2017-09-24:	Reading code and seeing what you're biased to see, illustrated
2017-09-23:	A clever way of killing groups of processes
2017-09-22:	Using a watchdog timer in system shutdown with systemd (on Ubuntu 16.04)
2017-09-21:	My potential qualms about using Python 3 in projects
2017-09-20:	Wireless is now critical (network) infrastructure
2017-09-18:	Looking back at my mixed and complicated feelings about Solaris Sorting out the world of modern USB (at least a bit)
2017-09-17:	Why I didn't use the `attrs` module in a recent Python project
2017-09-15:	Ignoring the domain when authenticating your Dovecot users Firefox 57 and the state of old pre-WebExtensions addons
2017-09-14:	Sorting out systemd's `system.conf`, `user.conf`, and `logind.conf`
2017-09-13:	System shutdown is complicated and involves policy decisions
2017-09-12:	The different contexts of stopping a Unix daemon or service
2017-09-11:	Giving users what they want and expect, IMAP edition
2017-09-10:	I failed to notice when my network performance became terrible
2017-09-09:	Letting go of having an optical drive in my machine
2017-09-08:	My view of the problem with Extended Validation TLS certificates
2017-09-07:	Systemd, NFS mounts, and shutting down your system
2017-09-06:	Systemd on Ubuntu 16.04 can't (or won't) reliably reboot your server
2017-09-05:	If spam false positives are inevitable, should we handle them better?
2017-09-04:	The idea of 'spam levels' may be a copout
2017-09-03:	A fundamental limitation of systemd's per-user fair share scheduling
2017-09-02:	Putting cron jobs into systemd user slices
2017-08-31:	With git, it's useful to pick the right approach to your problem People probably aren't going to tell you when your anti-spam systems are working
2017-08-30:	We've wound up using the spam scores from some other mail systems
2017-08-28:	OpenSSH has an annoyingly misleading sshd error log message The types of attachments we see for malware-laden email
2017-08-27:	Is bootstrapping Go from source faster using Go 1.9 or Go 1.8?
2017-08-25:	The probable coming explosion of Firefox 57 Fedora 26 and a font rendering dilemma for me
2017-08-23:	Why Go changes its minimum version requirements for OSes (and hardware) An unexpected risk of using Go is it ending support for older OS versions
2017-08-22:	Understanding rainbow tables
2017-08-21:	Hashed Ethernet addresses are not anonymous identifiers
2017-08-20:	The surprising longevity of Unix manpage formatting
2017-08-19:	Subnets and early Unix implementations of TCP/IP networking
2017-08-18:	How ZFS on Linux names disks in ZFS pools
2017-08-16:	The three different names ZFS stores for each vdev disk (on Illumos) Things I do and don't know about how ZFS brings pools up during boot
2017-08-15:	How to get per-user fair share scheduling on Ubuntu 16.04 (with systemd)
2017-08-14:	Chrome extensions are becoming a reason not to use Chrome
2017-08-13:	Sorting out slice mutability in Go
2017-08-12:	Notes on cgroups and systemd's interaction with them as of Ubuntu 16.04
2017-08-11:	Some notes from my brief experience with the Grumpy transpiler for Python Link: Linux Load Averages: Solving the Mystery
2017-08-10:	On the Internet, merely blocking eavesdropping is a big practical win
2017-08-09:	How encryption without authentication would still be useful on the web
2017-08-08:	We care more about long term security updates than full long term support
2017-08-07:	There will be no LTS release of the OmniOS Community Edition
2017-08-06:	Our decision to restrict what we use for developing internal tools
2017-08-05:	I've been hit by the startup overhead of small programs in Python
2017-08-04:	The problem with distributed authentication systems for big sites
2017-08-03:	Imposing temporary CPU and memory resource limits on a user on Ubuntu 16.04
2017-08-02:	Why I'll never pick the 'sign in with a Facebook or Google account' option
2017-07-31:	Using policy based routing to isolate a testing interface on Linux Link: How does "the" X11 clipboard work? Modern web page design and superstition
2017-07-30:	Some terrible article page design elements on the modern web
2017-07-29:	The differences between how SFTP and `scp` work in OpenSSH
2017-07-28:	Our (Unix) staff groups problem
2017-07-26:	The continuity of broad systems or environments in system administration Why I care about Apache's mod_wsgi so much
2017-07-25:	If you're going to use PyPy, I think you need servers
2017-07-24:	Trying to understand the ZFS `l2arc_noprefetch` tunable
2017-07-23:	Understanding a bit about the SSH connection protocol
2017-07-21:	When the SSH protocol does and doesn't do user authentication
2017-07-20:	I'm cautiously optimistic about the new OmniOS Community Edition HTTPS is a legacy protocol
2017-07-19:	I've become resigned to Firefox slowly leaking memory
2017-07-18:	Python's complicating concept of a callable
2017-07-17:	Link: NASA DASHlink - Real System Failures Why I think Emacs readline bindings work better than Vi ones
2017-07-16:	Why upstreams can't document their program's behavior for us
2017-07-14:	Some people feel that all permanent SMTP failures are actually temporary Link: ZFS Storage Overhead SELinux's problem of keeping up with general Linux development
2017-07-12:	Understanding the .io TLD's DNS configuration vulnerability Recursive DNS servers send the whole original query to authoritative servers
2017-07-11:	The BSD r* commands and the history of privileged TCP ports
2017-07-10:	Ubuntu's 'Daily Build' images aren't for us
2017-07-09:	Why we're not currently interested in PXE-based Linux installs
2017-07-08:	I wish you could easily update the packages on Ubuntu ISO images
2017-07-07:	Programming Bourne shell scripts is tricky, with dim corners
2017-07-06:	Link: Survey of [floating point] Rounding Implementations in Go My current views on Shellcheck
2017-07-05:	How I shot my foot because the Bourne shell is different
2017-07-04:	LinkedIn is still trying to send me email despite years of rejections
2017-07-02:	Re-applying CPU thermal paste fixed my CPU throttling issues Moving to smaller fileservers for us probably means no more iSCSI SAN
2017-06-30:	Our current generation fileservers have turned out to be too big Why big Exim queues are a problem for us in practice
2017-06-29:	The TLDs of sender addresses for a week of our spam (June 2017 edition)
2017-06-28:	I don't think you should increase ZFS on Linux's write buffering
2017-06-26:	Our MTAs should probably be able to create backpressure
2017-06-25:	Thinking through issues a mail client may have with SMTP-time rejections One tradeoff in email system design is who holds problematic email
2017-06-23:	In praise of uBlock Origin's new 'element zapper' feature Links: Git remote branches and Git's missing terminology (and more) My situation with Twitter and my Firefox setup (in which I blame pseudo-XHTML)
2017-06-22:	Why we're not running the current version of Django
2017-06-21:	The oddity of CVE-2014-9940 and the problem of recognizing kernel security patches
2017-06-19:	Plan for manual emergency blocks for your overall mail system How I'm currently handling the mailing lists I read
2017-06-17:	One reason you have a mysterious Unix file called `2` (or `1`)
2017-06-16:	Go interfaces and automatically generated functions The (current) state of Firefox Nightly and old extensions
2017-06-15:	Why I am not installing your app on my phone
2017-06-14:	The difference between ZFS scrubs and resilvers
2017-06-12:	Resilvering multiple disks at once in a ZFS pool adds no real extra overhead
2017-06-11:	Why filing away mailing lists for a while has improved my life How to see raw USB events on Linux via usbmon
2017-06-10:	One downside of the traditional style of writing Unix manpages
2017-06-09:	My `.procmailrc` has quietly sort of turned into a swamp
2017-06-08:	In practice, putting SSDs into 3.5" drive bays is a big hassle
2017-06-06:	A humbling experience of misreading some simple (Go) code The IPv6 address lookup problem (and brute force solution)
2017-06-05:	Another case of someone being too clever in their `User-Agent` field
2017-06-04:	Link: The evolution of Unix's overall architecture Why the `popen()` API works but more complex versions blow up
2017-06-03:	The Python Gilectomy project's performance problem
2017-06-02:	My views on the JSON Feed syndication feed format
2017-05-31:	How a lot of specifications are often read Why one `git fetch` default configuration bit is probably okay
2017-05-29:	Configuring Git worktrees to limit what's fetched on pulls
2017-05-28:	My thoughts on git worktrees for me (and some notes on things I tried) Specifications are ultimately defined by their implementations
2017-05-26:	Why globally unique IDs are useful for syndication feed entries
2017-05-25:	Using Linux's Magic Sysrq on modern keyboards without a dedicated Syrq key URLs are terrible permanent identifiers for things
2017-05-24:	Exploiting Python's Global Interpreter Lock for atomic operations is fun
2017-05-22:	Safely using Python's Global Interpreter Lock is quite tricky and subtle
2017-05-21:	We use jQuery and I've stopped feeling ashamed about it A 'null MX' is also useful for blocking forged senders from non-email domains
2017-05-20:	We now have an officially standardized 'null MX' record
2017-05-19:	I'm not sure what I feel about this web spider's User-Agent value
2017-05-18:	A shift in the proper sizes of images on web pages
2017-05-17:	Unfortunately I don't feel personally passionate about OmniOS
2017-05-15:	Thinking about how much asynchronous disk write buffering you want How we failed at making all our servers have SSD system disks
2017-05-14:	People don't like changes (in computer stuff)
2017-05-13:	People don't patch systems and that's all there is to it
2017-05-12:	Where bootstrapping Go with a modern version of Go has gotten faster
2017-05-11:	The challenges of recovering when unpacking archives with damage
2017-05-10:	Building the Go compiler from source from scratch (on Unix)
2017-05-08:	Some things I've decided to do to improve my breaks and vacations
2017-05-07:	ZFS's `zfs receive` has no error recovery and what that implies A mistake I made when setting up my ZFS SSD pool on my home machine
2017-05-05:	The temptation of a Ryzen-based machine for my next office workstation Digging into BSD's choice of Unix group for new directories and files
2017-05-04:	My views on using LVM for your system disk and root filesystem
2017-05-03:	Sometimes, `chmod` can fail for interesting reasons
2017-05-01:	When a TLS client's certificate is offered to the TLS server
2017-04-30:	Some more feelings on nondeterministic garbage collection Do we want to standardize the size of our root filesystems on servers?
2017-04-29:	Some versions of sort can easily sort IPv4 addresses into natural order
2017-04-28:	Hardware RAID and the problem of (not) observing disk IO
2017-04-27:	Understanding Git's model versus understanding its magic
2017-04-26:	Coming to a better understanding of what `git rebase` does
2017-04-24:	What we need from an Illumos-based distribution Corebird and coming to a healthier relationship with Twitter
2017-04-23:	How I rebased changes on top of other rebased changes in Git
2017-04-21:	OmniOS's (suddenly) changed future and us Link: Rob Landley's Linux Memory Management Frequently Asked Questions A surprising reason `grep` may think a file is a binary file
2017-04-20:	The big motivation for a separate `/boot` partition
2017-04-19:	Some things on how PCs boot the old fashioned BIOS way For me Chrome clearly wins over Firefox on Javascript-heavy websites
2017-04-17:	Shrinking the partitions of a software RAID-1 swap partition Link: Introduction to Certificate Transparency for Server Operators What I mostly care about for speeding up our Python programs
2017-04-16:	Migrating a separate `/boot` filesystem into the root filesystem
2017-04-14:	Planning out a disk shuffle for my office workstation Sometimes laziness doesn't pay off
2017-04-12:	On today's web, a local Certificate Authority is fairly dangerous Generating good modern self-signed TLS certificates in today's world
2017-04-10:	How TLS certificates specify the hosts they're for
2017-04-09:	A single .jar recognized as several types of malware at once
2017-04-08:	Doing things the clever way in Exim ACLs by exploiting ACL message variables Wayland is now the future of Unix graphics and GUIs
2017-04-07:	Spammers probably aren't paying any particular attention to you
2017-04-05:	Making your SMTP rejection messages be useful for you Why the modern chown command uses a colon to separate the user and group
2017-04-03:	Some DNSBL developments I've just heard about Why modules raising core exceptions mostly hurts, not helps, your users
2017-04-02:	The Spamhaus CSS includes more than dedicated spam ranges
2017-03-31:	I quite like the simplification of having OpenSSH canonicalize hostnames What I know about process virtual size versus RSS on Linux
2017-03-30:	What `top`'s `SHR` field means in quite modern Linux kernels
2017-03-29:	The work of safely raising our local `/etc/group` line length limit
2017-03-28:	What affects automatically removing old kernels on Ubuntu
2017-03-27:	Link: The Unix Heritage Society now has the 8th, 9th, and 10th editions of Research Unix We're probably going to upgrade our OmniOS servers by reinstalling them
2017-03-26:	Your exposure from retaining Let's Encrypt account keys
2017-03-24:	An odd and persistent year old phish spammer
2017-03-23:	ARM servers had better just work if vendors want to sell very many
2017-03-22:	Setting the `root` login's 'full name' to identify the machine that sent email Making sure you can identify what machine sent you a status email
2017-03-20:	Modern Linux kernel memory allocation rules for higher-order page requests My theory on why Go's `gofmt` has wound up being accepted
2017-03-19:	Using Firefox's userContent.css for website-specific fixes
2017-03-18:	Part of why Python 3.5's `await` and `async` have some odd usage restrictions
2017-03-17:	Overcommitting virtual memory is perfectly sensible
2017-03-16:	How we can use `yield from` to implement coroutines
2017-03-15:	Sorting out Python generator functions and `yield from` in my head
2017-03-13:	OpenSSH's `IdentityFile` directive only ever adds identity files (as of 7.4) What should it mean for a system call to time out?
2017-03-12:	CSS, <pre>, and trailing whitespace lead to browser layout weirdness
2017-03-11:	Your live web server probably has features you don't know about
2017-03-10:	Malware is sometimes sent through organized, purchased infrastructure
2017-03-09:	I wish you could whitelist kernel modules, instead of blacklisting them
2017-03-08:	An AMD Ryzen is unlikely to be my next desktop's CPU
2017-03-06:	Modern X Windows can be a very complicated environment
2017-03-05:	Why I (as a sysadmin) reflexively dislike various remote file access tools for editors
2017-03-04:	Should you add MX entries for hosts in your (public) DNS?
2017-03-03:	Why exposing only blocking APIs are ultimately a bad idea Some notes on ZFS per-user quotas and their interactions with NFS
2017-03-01:	Cheap concurrency is an illusion (at least on Unix)
2017-02-28:	Using Certificate Transparency to monitor your organization's TLS activity
2017-02-27:	The conflict between wildcard TLS certificates and Certificate Transparency
2017-02-26:	In Python, strings are infinitely recursively iterable How recursively flattening a list raises a Python type question
2017-02-25:	A single email message with quite a lot of different malware
2017-02-24:	What an actual assessment of Ubuntu kernel security updates looks like How ZFS bookmarks can work their magic with reasonable efficiency
2017-02-22:	ZFS bookmarks and what they're good for Sometimes it can be hard to tell one cause of failure from another
2017-02-20:	Some notes on moving a software RAID-1 root filesystem around (to SSDs) Some views on the Corebird Twitter client
2017-02-19:	Using `pup` to deal with Twitter's increasing demand for Javascript
2017-02-17:	`robots.txt` is a hint and a social contract between sites and web spiders Sometimes, firmware updates can be a good thing to do
2017-02-16:	Waiting for a specific wall-clock time in Unix
2017-02-15:	Another risk of hardware RAID controllers is the manufacturer vanishing
2017-02-14:	Does CR LF as a line ending cause extra problems with buffers?
2017-02-13:	What file types we see inside singleton nested zipfiles in email
2017-02-12:	I'm too much of a perfectionist about contributing to open source projects
2017-02-11:	Different ways you can initialize a RAID-[567+] array
2017-02-10:	Python won't (and can't) import native modules from zip archives
2017-02-09:	Malware strains may go away sometimes, but they generally come back
2017-02-08:	How to see and flush the Linux kernel NFS server's authentication cache
2017-02-06:	Systemd's slowly but steadily increased idealism about the world Our advantage in reliable backups is that we get restore requests
2017-02-05:	Systemd should be better than it is, but it is still our best init system
2017-02-04:	My views on X (Windows)
2017-02-03:	What it's sensible to use a bunch of Unix swap space for
2017-02-02:	Link: Four Column ASCII Sometimes you get lucky and apparently dead disks come back to life
2017-01-31:	Email attachments of singleton nested zipfiles are suspicious
2017-01-30:	Why having CR LF as your line ending is a mistake How you can abruptly lose your filesystem on a software RAID mirror
2017-01-29:	How Unix erases things when you type a backspace while entering text
2017-01-28:	What we still use ASCII CR for today (on Unix)
2017-01-27:	Conversations, conversational units, and Twitter
2017-01-26:	Things that make Go channels expensive to implement
2017-01-25:	I think docstrings in Python are for everything, not just public things
2017-01-23:	Linux desktops and pre-packaged machines from big vendors My still-mixed feelings about Python's docstrings
2017-01-22:	An Ubuntu default Bash setup that irritates me, especially for `root`
2017-01-20:	Why tiling window managers are not really for me (on the desktop) Spam and virus filtering on email is a risk (although likely not a big one)
2017-01-19:	Thinking about how to add some SSDs on my home machine
2017-01-18:	Exim, IPv6, and hosts that MX to localhost
2017-01-17:	Making my machine stay responsive when writing to USB drives
2017-01-16:	Linux is terrible at handling IO to USB drives on my machine
2017-01-15:	Link: Let's Stop Ascribing Meaning to Code Points Some notes on 4K monitors and connecting to them
2017-01-14:	My picks for mind-blowing Git features
2017-01-13:	The ZFS pool history log that's used by '`zpool history`' has a size limit
2017-01-12:	Modern ad networks are why adblockers are so effective
2017-01-11:	ZFS's potentially very useful '`zpool history -i`' option
2017-01-10:	Picking FreeType CJK fonts for `xterm` on a modern Linux system
2017-01-09:	Making modern FreeType-using versions of `xterm` display CJK characters
2017-01-08:	One downside of a queued IO model is memory consumption for idle connections
2017-01-07:	How ready my Firefox extensions are for Firefox Electrolysis
2017-01-06:	Web adblockers and the potential for recreating the Usenet killfile problem
2017-01-05:	Mail submission by users versus by your machines
2017-01-04:	Make sure that (system) email works on every machine
2017-01-02:	Software should support configuring overall time limits ZFS may panic your system if you have an exceptionally slow IO
2016-12-31:	I wish new editors thought about their overall ecology too Ubuntu's AppArmor system is reasonably and pleasantly non-obnoxious
2016-12-30:	A few useful standard readline bindings
2016-12-29:	One reason why Go's increment and decrement statements are good to have
2016-12-28:	The HTML `IMG` attributes and styling that I think I want
2016-12-26:	A perhaps surprising consequence of `Requires` dependencies in systemd Some new-to-me Vim motion commands that I want to try to remember
2016-12-25:	What can be going on with your custom management commands in Django 1.10
2016-12-24:	I should stop reading some mailing lists during breaks and vacations
2016-12-23:	Why the `gosimple` program is great
2016-12-22:	Malware is definitely out there and it's targeting us specifically
2016-12-21:	An important little detail of our ZFS spares setup
2016-12-20:	In praise of `zpool history`
2016-12-19:	Don't assume you can renew TLS certificates whenever you want to The great thing about using Let's Encrypt is the automation
2016-12-18:	People may be accepting that security questions are a bad idea
2016-12-17:	Some conference spammers mutate to show they're definitely spammers
2016-12-15:	I now think you should have lots of Let's Encrypt accounts Understanding the Let's Encrypt authorization process
2016-12-14:	Vi, movement commands, efficiency, and me
2016-12-12:	Some of my views on Naftali Harris's 'Python 2.8' Realizing that I'm not actively attracted to FreeBSD for my desktop
2016-12-11:	Fedora has become something you can't run if security matters much
2016-12-10:	My view of using a docked laptop as my main machine
2016-12-09:	It's a good idea to test your spare disks every so often
2016-12-08:	Trailing text, a subtle gotcha with Go's `fmt.Sscanf`
2016-12-07:	One reason why user namespaces keep enabling Linux kernel security issues
2016-12-05:	My RPM build setup no longer works on Fedora for some packages One advantage of 'self-hosted' languages
2016-12-04:	Terminals are not enough (personal edition)
2016-12-03:	One reason why rogue wireless access points are a bigger risk at universities
2016-12-02:	IPv6, point to point links, and subnet lengths
2016-11-30:	I suspect that lots of IPv6 hosts won't have reverse DNS Terminals are not enough (sysadmin version)
2016-11-28:	Some thoughts about options for light Unix laptops Some impressions after a brief exposure to a Dell Chromebook 13
2016-11-27:	The Chromebook login problem
2016-11-26:	What I did to set up IPv6 on my wireless network so it really worked
2016-11-25:	Why we don't and can't use the `pam_exec` PAM module
2016-11-23:	Sometimes a little change winds up setting off a large cascade of things We may have seen a ZFS checksum error be an early signal for later disk failure
2016-11-21:	Link: RFC 6919: Further Key Words for Use in RFCs to Indicate Requirement Levels What I'd like in Illumos/OmniOS: progressive crash dumps I've wound up feeling tentatively enthusiastic about Python 3
2016-11-20:	Is it time to not have platform-dependent integer types in languages?
2016-11-19:	Why I don't think subscription-based charging gets you stability
2016-11-18:	Unix shells and the problem of too-smart autocompletion
2016-11-17:	Link: Twice the bits, twice the trouble: vulnerabilities induced by migrating to 64-bit platforms The somewhat odd subject of Django versus Python
2016-11-16:	Go's arbitrary-precision constants and cross compilation
2016-11-14:	Open source and the problem of pure maintenance
2016-11-13:	Why I believe native apps are not doomed by progressive web apps Modern shells and running shell scripts while seteuid
2016-11-11:	My view on accepting bounces and replies to your email Yahoo Groups slides further down the spam source slope
2016-11-09:	Getting a Yubikey 4 working on Ubuntu 14.04 LTS and other older Linuxes (in PIV mode) I assume that it's always possible to compromise our security somehow
2016-11-08:	Security often involves not doing things
2016-11-07:	Why we have multiple wireless networks around here The other reason why I've wound up not interested in firewall managers
2016-11-06:	Admitting that I have have a non-simple firewall setup
2016-11-05:	Web pages versus APIs, or my views on handling 'bad' requests
2016-11-04:	Caution is a mistake in modern web servers and apps
2016-11-03:	I suspect that browsers are not fully prepared for bad CAs
2016-11-01:	Encouragingly, browsers have not backed down over WoSign
2016-10-31:	DKMS kind of has a problem with its error messages Link: Linux containers in 500 lines of code Why I'm interested in nftables, the theoretical Linux iptables replacement
2016-10-30:	How modern SSH key exchange provides (strong) protection against attacks
2016-10-29:	More on SSH, public key authentication, and 'man in the middle' attacks
2016-10-28:	How I set up a DHCP client for my backup Internet connection
2016-10-26:	Why I'm unhappy with how Debian builds from source packages right now What I'm doing to use a Yubikey in Fedora 24's Cinnamon desktop environment
2016-10-24:	On classifying phish spam as malware, an update How I've wound up being one of the people who don't update IoT firmware
2016-10-23:	I should keep a released version of the Go compiler suite
2016-10-22:	The `shutdown` program on a modern systemd-based Linux system
2016-10-21:	The `shutdown` command is a relic of BSD's historical origins
2016-10-20:	I like the Python 3 string `.translate()` method
2016-10-19:	Writing in Python 3 has been a positive experience so far
2016-10-17:	Making my Yubikey work reasonably with my X screen locking
2016-10-16:	Why we care about long uptimes How I managed to shoot myself in the foot with my local DNS resolver
2016-10-15:	ZFS's 'panic on on-disk corruption' behavior is a serious flaw
2016-10-14:	Watch out for web server configurations that 'cross over' between sites
2016-10-13:	How I've set up SSH keys on my Yubikey 4 (so far)
2016-10-12:	I have yet to start using any smartphone two-factor authentication
2016-10-10:	How and why the new `iptables -w` option is such a terrible fumble The modern web is an unpredictable and strange place to develop for
2016-10-09:	What I think I want out of CPU performance in a new PC
2016-10-08:	I have a blind spot where it comes to using `chmod`'s symbolic modes
2016-10-07:	Why OmniOS boot environments don't solve our upgrade issues
2016-10-06:	How we could update our iSCSI backends and why we probably won't
2016-10-05:	Linux can be really stable under the right circumstances
2016-10-03:	My take on Git rebasing versus cherry-picking
2016-10-02:	Why I've put a Twitter client on my smartphone The MyDoom worm is still out there
2016-09-30:	Some git repository manipulations that I don't know how to do well In search of modest scale structured syslog analysis
2016-09-29:	Making `systemd-networkd` really skip trying IPv6 on your networks
2016-09-28:	Why I switched to the rc shell
2016-09-27:	Why we're going to switch from SunSSH to OpenSSH on our fileservers
2016-09-25:	How I live without shell job control A surprising benefit of command/program completion in my shell
2016-09-23:	You probably want to start using the `-w` option with `iptables` Git's selective commits plus Magit are a killer feature for me
2016-09-22:	Why we've wound up without ZFS ZILs or L2ARCs on our pools
2016-09-20:	Today I learned that you want to use `strace -fp`
2016-09-19:	A surprise with switching to holding keys in `ssh-agent` My view on spam and potential denial of service attacks on anti-spam systems
2016-09-18:	A little shift in malware packaging that I got to watch
2016-09-17:	What encoding the syslog module uses in Python 3
2016-09-16:	A shell thing: globbing operators versus expansion operators
2016-09-15:	What I did to set up IPv6 on my wireless network
2016-09-14:	When iptables SNAT and routing happens, and how this is annoying
2016-09-13:	I don't understand Linux iptables NAT as well as I should
2016-09-12:	A bunch of my sysadmin work seems to be like gardening
2016-09-11:	We're probably going to see a major Certificate Authority de-trusted
2016-09-10:	Link: Actually using ed Some notes on curating the set of CAs that Firefox trusts
2016-09-09:	Someone's exploiting Google's account recovery system to send spam
2016-09-08:	Why my smartphone is going to be an iPhone
2016-09-06:	Modules should never raise core Python exceptions
2016-09-05:	Using Magit to selectively discard changes in your git working tree An argparse limitation with `nargs="*"` and `choices=...`
2016-09-04:	What I want in Vim with the mouse (and why I don't think I can have it)
2016-09-03:	Why semantic versioning is not going to solve all our problems
2016-09-02:	Some thoughts on Python 3 module APIs and Unicode conversion errors
2016-08-31:	Python 3 module APIs and the question of Unicode conversion errors The various IDs of disks, filesystems, software RAID, LVM, et al in Linux
2016-08-30:	Bourne's `getopts` sadly makes simple shell scripts more cluttered and verbose
2016-08-29:	Phones and tablets are going to change what sort of passwords I use
2016-08-28:	My logic of blocking certain sorts of attachments outright
2016-08-26:	Why ZFS L2ARC is probably not a good fit for our setup
2016-08-25:	The single editor myth(ology)
2016-08-24:	Blindly trying to copy a web site these days is hazardous `more`, `less`, and a story of typical Unix fossilization
2016-08-23:	Link: File crash consistency and filesystems are hard Link: Git from the inside out
2016-08-22:	A belated realization about 'TLS suicide' and user CGIs et al An interesting case of NFS traffic (probably) holding a ZFS snapshot busy
2016-08-21:	My pragmatic decision on GNU Emacs versus vim for my programming
2016-08-19:	My current Go autocompletion setup in GNU Emacs Localhost is (sometimes) a network
2016-08-17:	A surprising missing Unix command: waiting until a time is reached
2016-08-16:	How you tell what signals a Linux process is ignoring
2016-08-15:	My ambivalent view on Vim superintelligence, contrasted with GNU Emacs Some options for reindenting (some of) my existing Python code
2016-08-14:	Code alone can tell you the what but it cannot tell you why
2016-08-13:	What I did to set up a wireless network and what I have left to do
2016-08-12:	I think I'm going to shift my style of Python indentation
2016-08-10:	Systemd has a problem with SATA disks behind port multipliers A look into a future where things assume you have a smartphone
2016-08-08:	I need more than one way to get on the Internet from home
2016-08-07:	Why I like the sam editor The harm that comes from ZFS not being GPL-compatible
2016-08-05:	Free software licenses are social things, not just legal ones It's likely worth re-detecting your system's sensor chips every so often
2016-08-03:	Some malware that sends interesting fake mailing list messages Containerization as the necessary end point of deployment automation
2016-08-01:	My new key binding hack for `xcape` and dmenu
2016-07-31:	I've become mostly indifferent to what language something is written in (Not) changing the stop timeout for systemd login session scopes
2016-07-30:	The perils of having an ancient `$HOME` (a yak shaving story)
2016-07-29:	My surprise problem with considering a new PC: actually building it
2016-07-28:	A bit about what we use DTrace for (and when)
2016-07-27:	When 'simple' DNS blocklists work well for you
2016-07-25:	An irritating systemd behavior when you tell it to reboot the system I should learn more about Grub2
2016-07-24:	My view on people who are assholes on the Internet
2016-07-23:	My current set of Chrome extensions (as of July 2016)
2016-07-22:	Ubuntu 16.04's irritatingly broken MySQL updates
2016-07-21:	My current set of essential extensions for Firefox profiles
2016-07-20:	Official source release builds should not abort on (compilation) warnings
2016-07-19:	How not to set up your DNS (part 23) An interesting (and alarming) Grub2 error and its cause
2016-07-17:	A good solution to our Unbound caching problem that sadly won't work DNS resolution cannot be segmented (and what I mean by that)
2016-07-16:	A caching and zone refresh problem with Unbound
2016-07-15:	Sudo and changes in security expectations (and user behaviors)
2016-07-14:	Your C compiler's optimizer can make your bad programs compile
2016-07-13:	Our central web server, Apache, and slow downloads
2016-07-12:	How we do MIME attachment type logging with Exim
2016-07-11:	Why Python can't have a full equivalent of Go's `gofmt`
2016-07-10:	Some options for logging attachment information in an Exim environment
2016-07-09:	How Exim's `${run ...}` string expansion operator does quoting
2016-07-08:	Some notes on UID and GID remapping in the Illumos/OmniOS NFS server
2016-07-06:	Keeping around an index to the disk bays on our iSCSI backends It turns out that viruses do try to conceal their ZIP files
2016-07-04:	A feature I wish the Linux NFS client had: remapping UIDs and GIDs
2016-07-03:	An irritating little bug in the latest GNU Emacs Python autoindent code
2016-07-02:	`cal`'s unfortunate problem with argument handling
2016-07-01:	How backwards compatibility causes us pain with our IMAP servers
2016-06-30:	Some advantages of using argparse to handle arguments as well as options What makes a email MIME part an attachment?
2016-06-29:	Modern DNS servers (especially resolvers) should have query logging
2016-06-27:	Today's lesson on the value of commenting your configuration settings If you send email, don't expect people to help you with abuse handling
2016-06-26:	How not to maintain your DNS (part 22)
2016-06-25:	What Python 3 versions Django supports, and when this changes
2016-06-24:	Our new plan for creating our periodic long term backups
2016-06-22:	I need to cultivate some new coding habits for Python 3 ready code Moving from Python 2 to Python 3 calls for a code inventory
2016-06-20:	A tiny systemd convenience: it can reboot the system from RAM alone
2016-06-19:	A lesson to myself: know your emergency contact numbers Why ZFS can't really allow you to add disks to raidz vdevs
2016-06-18:	It's easier to shrink RAID disk volumes than to reshape them
2016-06-17:	Why you can't remove a device from a ZFS pool to shrink it
2016-06-15:	How (some) syndication feed readers deal with HTTP to HTTPS redirections ZFS on Linux has just fixed a long standing little annoyance
2016-06-14:	Some notes on how `xdg-open` picks which web browser to use How `xdg-mime` searches for MIME type handlers (more or less)
2016-06-12:	There are (at least) two sorts of DNS blocklists Some notes on adding exposed statistics to a (Go) program
2016-06-11:	I accept that someday I'll give up MH and move to IMAP mail clients
2016-06-10:	An email mistake I've made as a long-term university sysadmin
2016-06-09:	My concern about the potential dominance of the mobile web
2016-06-08:	How dominant is the mobile web (versus the desktop web)?
2016-06-06:	My views of Windows 10 (from the outside) I work in what is increasingly a pretty different sysadmin environment
2016-06-05:	My approach for inspecting Go error values
2016-06-04:	The (Unix) shell is not just for running programs
2016-06-03:	One thing that makes the Bourne shell an odd language
2016-06-02:	Spammers can abandon SMTP connections not infrequently
2016-05-31:	Understanding the modern view of security
2016-05-30:	The browser security dilemma 'Command line text editor' is not the same as 'terminal-based text editor'
2016-05-29:	What does 'success' mean for a research operating system?
2016-05-28:	A problem with using old OmniOS versions: disconnection from the community
2016-05-27:	Your overall anti-spam system should have manual emergency blocks
2016-05-26:	Why SELinux is inherently complex
2016-05-25:	SELinux is beyond saving at this point
2016-05-23:	How fast fileserver failover could matter to us
2016-05-22:	Our problem with OmniOS upgrades: we'll probably never do any more My view of Barracuda's public DNSBL
2016-05-21:	Please stop the Python 2 security scaremongering
2016-05-20:	Some notes on abusing the `pexpect` Python module
2016-05-19:	Some basic data on the hit rate of the Spamhaus DBL here
2016-05-18:	Go does not have atomic variables, only atomic access to variables
2016-05-16:	A quick trick: using Go `struct`s to create namespaces Discovering my personal limit on how much I care about security
2016-05-15:	It's time for me to upgrade my filtering HTTP proxy
2016-05-14:	IPv6 is the future of the Internet
2016-05-13:	You can call `bind()` on outgoing sockets, but you don't want to
2016-05-11:	We're never going to be able to have everyone use two factor authentication The difference between 'Delete' and 'Destroy' in X window managers
2016-05-09:	An Apache trick: using directories to create redirections You can't use `expvar.Func` to expose a bunch of expvar types
2016-05-08:	Issues in fair share scheduling of RAM via resident set sizes
2016-05-07:	'Fair share' scheduling pretty much requires a dynamic situation
2016-05-06:	A weird little Firefox glitch with cut and paste
2016-05-04:	My annoyance with Chrome's cut and paste support under X The better way to clear SMART disk complaints, with safety provided by ZFS
2016-05-02:	How I think you set up fair share scheduling under systemd The state of supporting many groups over NFS v3 in various Unixes
2016-04-30:	I should keep and check notes even on my own little problems A story of the gradual evolution of network speeds without me noticing
2016-04-29:	You should plan for your anti-spam scanner malfunctioning someday
2016-04-28:	You should probably track what types of files your users get in email
2016-04-26:	How 'there are no technical solutions to social problems' is wrong Bad slide navigation on the web and understanding why it's bad
2016-04-25:	Why you mostly don't want to do in-place Linux version upgrades
2016-04-24:	Why we have CentOS machines as well as Ubuntu ones
2016-04-23:	Why I think Illumos/OmniOS uses PCI subsystem IDs
2016-04-22:	What Illumos/OmniOS PCI device names seem to mean
2016-04-20:	A brief review of the HP three button USB optical mouse How to get Unbound to selectively add or override DNS records
2016-04-19:	Today's odd spammer behavior for sender addresses
2016-04-18:	Why your Apache should have mod_status configured somewhere
2016-04-17:	Why Unix needs a standard way to deal with the file durability problem
2016-04-16:	Why I think Let's Encrypt won't be a threat to commercial CAs for now
2016-04-15:	Unbound illustrates the Unix manpage mistake with its ratelimits documentation
2016-04-14:	Unix's file durability problem
2016-04-13:	How I'm trying to do durable disk writes here on Wandering Thoughts
2016-04-12:	There's a spectrum of 'pets versus cattle' in servers
2016-04-11:	Why I don't use HTTP Key Pinning and I'm not likely to any time soon
2016-04-10:	SPF is not a security feature, as it solves the wrong problem
2016-04-09:	Why your Ubuntu server stalls a while on boot if networking has problems
2016-04-08:	How to shoot yourself in the foot with `/etc/network/interfaces` on Ubuntu
2016-04-06:	What is behind Unix's 'Text file is busy' error How options in my programs conflict, and where argparse falls short
2016-04-05:	Some notes on Go's expvar package
2016-04-04:	The three types of challenges that Let's Encrypt currently supports
2016-04-03:	Let's Encrypt certificates can be used for more than HTTPS
2016-04-01:	A surprise to watch out for with Go's expvar package (in expvar.Var)
2016-03-31:	My initial experience of using NSD as a simple authoritative DNS server
2016-03-30:	I've now used Python's argparse module and I like it My view of Debian's behavior on package upgrades with new dependencies
2016-03-28:	An awkward confession and what we should do about it Why I don't think upgrading servers would save us much power
2016-03-27:	The limits of open source with Illumos and OmniOS
2016-03-26:	The sensible update for my vintage 2011 home machine
2016-03-25:	There's a relationship between server utilization and server lifetime
2016-03-23:	How old our servers are (as of 2016) Wayland and graphics card uncertainty
2016-03-21:	Current PC technology churn that makes me reluctant to think about a new PC When you want non-mutating methods in Go
2016-03-20:	What broad hit rate the Spamhaus DBL might get for us
2016-03-18:	The Spamhaus DBL does get hits even with basic checks Some things I believe about importance and web page design
2016-03-16:	How '`from module import ...`' is not doing what you may expect I wish I could split up code more easily in Python
2016-03-14:	An additional small detail of how writes work on ZFS raidzN pools How RPM handles configuration files, both technically and socially
2016-03-13:	I've started using the Firefox addon Self-Destructing Cookies for some stuff
2016-03-11:	Why it's irritating when Ubuntu packages don't include their configuration files I need to use `getopts` sooner (and more often) in Bourne shell scripts
2016-03-09:	A sensible surprise (to me) in the Bourne shell's expansion of `"$@"` Some thoughts on ways of choosing what TLS ciphers to support
2016-03-07:	Why it makes sense for `true` and `false` to ignore their arguments Apt-get and its irritating lack of easy selective upgrades
2016-03-06:	Firefox addons seem unfortunately prone to memory leaks
2016-03-05:	What happens when a modern Linux system boots without `/bin/sh`
2016-03-04:	Some notes on supporting readline (tab) completion in your Python program
2016-03-03:	My views on clients for Lets Encrypt
2016-03-02:	Some notes on OpenSSH's optional hostname canonicalization
2016-02-29:	Turning over a rock on some weird HTTP requests to our web server Sometimes, doing a bunch of programming can be the right answer
2016-02-28:	The status of null-sender spam from outlook.com
2016-02-27:	Link: A Short History Of Removable Media Behind The Iron Curtain Sometimes brute force is the answer, Samba edition
2016-02-26:	Our problem with iSCSI connections at boot on OmniOS
2016-02-24:	Mozilla, Symantec, SHA-1 certificates, and the balance of power I'm often an iterative and experimental programmer
2016-02-22:	We've permanently disabled overlayfs on our servers The university's coordination problem
2016-02-21:	Why the Ubuntu package update process makes me irritated
2016-02-20:	My two usage cases for Let's Encrypt certificates
2016-02-19:	We can't use Let's Encrypt on our production systems right now
2016-02-18:	Two models of dealing with cookies in Firefox with addons
2016-02-17:	The many load averages of Unix(es)
2016-02-16:	Whether or not to use cgo for Go packages, illustrated in a dilemma
2016-02-15:	SMTP submission ratelimits should have delays too
2016-02-14:	Your outgoing mail system should have a per-sender stop switch
2016-02-12:	We need to deploy anti-spam precautions even if they're a bit imperfect Adding a new template filter in Django 1.9, and a template tag annoyance
2016-02-11:	My current views on using OpenSSH with CA-based host and user authentication
2016-02-10:	The fundamental practical problem with the Certificate Authority model
2016-02-08:	Old Unix filesystems and byte order Clearing SMART disk complaints, with safety provided by ZFS
2016-02-07:	Your SSH keys are a (potential) information leak
2016-02-06:	You can have many matching stanzas in your `ssh_config`
2016-02-05:	Some notes on SMF manifests (on OmniOS) and what goes in them
2016-02-03:	Django, the `timesince` template filter, and non-breaking spaces You aren't entitled to good errors from someone else's web app
2016-02-02:	A justification for some odd Linux ARP behavior
2016-01-31:	One thing I don't like about Fedora is slow security updates The tradeoffs of having `ssh-agent` hold all of your SSH keys
2016-01-30:	Some good practices for handling OpenSSH keypairs
2016-01-29:	What SSH identities will be offered to a remote server and when
2016-01-28:	Modern Django makes me repeat myself in the name of something
2016-01-26:	Why my home backup situation is currently a bit awkward Low level issues can have quite odd high level symptoms (again)
2016-01-25:	A Python wish: an easy, widely supported way to turn a path into a module
2016-01-24:	Hostile HTTPS interception on the modern web is now increasingly costly and risky
2016-01-22:	Browsers are increasingly willing to say no to users over HTTPS issues Memory-safe languages and reading very sensitive files
2016-01-21:	One example of why I like ZFS on Linux
2016-01-20:	Illumos's ZFS prefetching has recently become less superintelligent than it used to be
2016-01-18:	Today I learned that a syslog server can be very silent on the network A limitation of `tcpdump` is that you can't tell in from out
2016-01-17:	My theory on how network loop caused the problem we observed
2016-01-15:	Network loops can have weird effects (at least sometimes) Things I learned from OpenSSH about reading very sensitive files
2016-01-13:	What I want out of backups for my home machine (in the abstract) Your system's performance is generally built up in layers
2016-01-11:	The drawback of setting an explicit mount point for ZFS filesystems The benefits of flexible space usage in filesystems
2016-01-10:	Updating software to IPv6 is often harder than you might think
2016-01-09:	The convenience of having keyboard controls for sound volume
2016-01-08:	Getting to watch a significant spam campaign recently
2016-01-07:	The format of strings in early (pre-C) Unix
2016-01-06:	A fun Bash buffering bug (apparently on Linux only)
2016-01-05:	Illumos's problem with its VCS commit messages
2016-01-04:	How I do per-address blocklists with Exim
2016-01-03:	One anti-spam thing I like is per-person (or per-address) blocklists
2016-01-02:	I've realized I need to change how I read Twitter
2015-12-31:	A defense of C's null-terminated strings How I've wound up taking my notes
2015-12-30:	Some notes on entering unusual characters in various X applications
2015-12-29:	Take notes when (and as) you do things and keep them
2015-12-28:	The limits of what ZFS scrubs check
2015-12-27:	A confession: I find rejecting spam at SMTP time to be more satisfying
2015-12-26:	Adjusting mouse sensitivity on Linux, and why you might want to
2015-12-25:	I like Magit, the GNU Emacs package for Git
2015-12-24:	There is a surprising amount of old SSL code in running MTAs
2015-12-23:	Where cryptographic hashes come into TLS certificates
2015-12-21:	Some opinions on how package systems should allow you to pin versions The Apache mod_qos module worked for us
2015-12-20:	There are three places spam filtering can happen these days
2015-12-18:	A fun tale of network troubleshooting involving VLANs and MACs Some things about the XSettings system
2015-12-17:	Fixing the GTK UI font in my Fedora 23 setup
2015-12-16:	I just had another smooth Fedora version upgrade with ZFS on Linux
2015-12-14:	Some things that force Go to call the C library for name resolution on Linux Getting xterm and modern X applications to do cut and paste together
2015-12-13:	I still believe in shimming modules for tests
2015-12-12:	My views on the choice of Linux distribution
2015-12-11:	The ArchLinux wiki has quietly become a good resource for me
2015-12-09:	Goroutines, network IO streams, and the resulting synchronization problem A surprise about cryptographic signatures
2015-12-07:	What I like web templating languages for The old-fashioned and modern ways to remap keys in X (some notes)
2015-12-06:	The (peculiar) freedom of having a slow language
2015-12-05:	The details behind `zpool list`'s new fragmentation percentage
2015-12-04:	One limit to how much TLS can do for you against MITM attacks
2015-12-02:	What `zpool list`'s new FRAG fragmentation percentage means
2015-12-01:	Red Hat has really doubled down on being email spammers
2015-11-30:	My current dilemma: is it worth putting the root filesystem on a SSD A new piece of my environment: `xcape`, an X modifier key modifier
2015-11-29:	My feelings about my mechanical mini keyboard
2015-11-27:	Documentation should explain why things are security issues, at least briefly A thought on the apparent popularity of new static typing languages
2015-11-26:	Some notes on Apache's suexec
2015-11-25:	Why speeding up (C)Python matters
2015-11-23:	PC laptop and desktop vendors are now clearly hostile parties Why I care about how fast CPython is
2015-11-22:	I should find some good small packages for templates and forms for CGIs
2015-11-21:	What I think I want out of autocompletion in GNU Emacs (for Go coding)
2015-11-20:	What modern version control systems are
2015-11-18:	VCS bisection steps should always be reversible Increasingly, I no longer solidly and fully know Python
2015-11-16:	On public areas on the Net and conversations therein The problems with creating a new template language
2015-11-15:	I should remember that I can cast things in Go
2015-11-14:	ZFS pool import needs much better error messages
2015-11-13:	We killed off our SunSolve email contact address yesterday
2015-11-12:	Don't have support registrations in the name of a specific sysadmin
2015-11-11:	No new web templating languages; use an existing one
2015-11-10:	Why I spent a lot of time agonizing over an error message recently
2015-11-09:	What sysadmins want out of logging means that it can't be too simple
2015-11-08:	The great Delete versus Backspace split
2015-11-07:	Why I (still) care about SELinux and its flaws
2015-11-06:	Revisiting a bit of my X keymapping history
2015-11-04:	SELinux's usability, illustrated once again Outlook.com now has collected some SBL listings
2015-11-02:	When setting up per-thing email addresses, make sure you can turn them off Status reporting commands should have script-oriented output too
2015-10-31:	One advantage of System V is that it was available In practice, anything involving the JVM is often a heavyweight thing
2015-10-30:	My discovery that the USB mouse polling rate matters
2015-10-29:	USB mouse polling rates under Linux
2015-10-28:	System V was kind of backwards for a long time
2015-10-27:	Some theories about what spammers get out of using null sender addresses
2015-10-26:	The null sender spammers now seem to be entrenched on outlook.com
2015-10-25:	More on `chroot()`'s history, and my blind spot about System III
2015-10-24:	How my PS/2 to USB conversion issues have shaken out
2015-10-23:	Perhaps it's a good idea to reboot everything periodically
2015-10-22:	CPython's trust of bytecode is not a security problem
2015-10-21:	Python bytecode is quite heavily trusted by CPython
2015-10-20:	Why I never tell people how I voted
2015-10-19:	Installing and pinning specific versions of OmniOS packages
2015-10-18:	In Go, `unsafe.Pointer` is a built in type in the compiler
2015-10-17:	Do generic stock servers have a future in a cloud world?
2015-10-16:	Inside a Go 'terrible hack' in the `reflect` package
2015-10-15:	Some notes on finding package versions in OmniOS with `pkg`
2015-10-14:	OS installers should be easy to open up and modify
2015-10-13:	Why I've come to really like git
2015-10-12:	Why we hold kernels and other packages on our Ubuntu machines
2015-10-11:	Bad news about how we detect and recover from NFS server problems
2015-10-09:	How much space ZFS reserves in your pools varies across versions Our low-rent approach to verifying that NFS mounts are there
2015-10-08:	Why you (probably) want to have blog categories (and topics and more)
2015-10-07:	The irritation of all of the Ubuntu kernels you wind up with
2015-10-05:	How many recent sender domains are in the Spamhaus DBL I don't trust Linux distributions to leave directories alone
2015-10-04:	There's no point in multiple system filesystems any more
2015-10-03:	There are two approaches to disaster recovery plans
2015-10-02:	What creates a good wikitext dialect depends on how it's going to be used
2015-09-30:	There are good and bad wikitext dialects Why I can't see IPv6 as a smooth or fast transition
2015-09-29:	Maybe I should try to find another good mini keyboard
2015-09-28:	On not having people split their time between different bosses
2015-09-27:	Wikitext not having errors creates a backtracking problem
2015-09-26:	I've decided I'll port DWiki to Python 3, but not any time soon
2015-09-25:	Do we want to continue using a SAN in our future fileserver design?
2015-09-24:	We're probably going to need new Linux iSCSI target software
2015-09-23:	One thing I'm hoping for in our third generation fileservers
2015-09-22:	The Go 'rolling errors' pattern, in function call form
2015-09-21:	When `chroot()` started to confine processes inside the new root
2015-09-20:	Spam from outlook.com has gotten worse (well, for me)
2015-09-19:	Experimenting with Firefox's 'Reader' mode (or view)
2015-09-18:	Modern Linux laptop suspending and screenlocking makes me twitch
2015-09-17:	We know what you are
2015-09-16:	There are two different scenarios for replacing disks in a RAID
2015-09-14:	A caution about cgo's error returns for errno Tweaking code when I'm faced with the urge to replace it entirely
2015-09-13:	I should have started blocking web page elements well before now
2015-09-12:	How NFS deals with the pending delete problem
2015-09-11:	ZFS scrub rates, speeds, and how fast is fast
2015-09-10:	Changing kernel tunables can drastically speed up ZFS scrubs
2015-09-09:	Some notes on my experience using Go's cgo system
2015-09-08:	How we disable accounts here (and why)
2015-09-07:	Getting `gocode` based autocompletion working for Go in GNU Emacs Why we wind up deleting user accounts
2015-09-06:	Optimizing finding unowned files on our ZFS fileservers
2015-09-05:	Why we aren't tempted to use ACLs on our Unix machines
2015-09-04:	Consistency and durability in the context of filesystems
2015-09-03:	How I've decided to coordinate multiple git repos for a single project
2015-09-02:	Thinking about the different models of supplying computing
2015-08-31:	CGo's Go string functions explained Turning, well copying blobs of memory into Go structures
2015-08-30:	Getting C-compatible `struct`s in Go with and for cgo
2015-08-29:	The mailing list thread to bug tracking system problem
2015-08-28:	The somewhat surprising history of `chroot()`
2015-08-27:	Some notes on using Solaris kstat(s) in a program
2015-08-26:	Why I wind up writing my own (sysadmin) tools
2015-08-25:	One view on practical blockers for IPv6 adoption
2015-08-24:	PS/2 to USB converters are complex things with interesting faults
2015-08-23:	I think you should get your TLS configuration advice from Mozilla
2015-08-21:	What surprised me about the Python assignment puzzle What's going on with a Python assignment puzzle
2015-08-20:	Using abstract namespace Unix domain sockets and `SO_PEERCRED` in Python
2015-08-19:	Linux's abstract namespace for Unix domain sockets
2015-08-17:	Getting `dd`'s `skip` and `seek` straight once and for all Why languages like 'declare before use' for variables and functions
2015-08-16:	My irritation with Intel's CPU segmentation (and why it probably exists)
2015-08-15:	Spam scoring systems are often not deliberately designed
2015-08-14:	My current views on using DomainKeys (DKIM) here
2015-08-13:	Enabling services on package updates is a terrible mistake
2015-08-12:	What common older versions of `free` are telling you
2015-08-11:	What `free` is really telling you, and some bits from `/proc/meminfo`
2015-08-10:	My irritation with '`systemctl status`'
2015-08-09:	One potential problem with cloud computing for us is the payment model
2015-08-08:	The ARC now seems to work right in ZFS on Linux
2015-08-07:	One thing I now really want in ZFS: faster scrubs (and resilvers)
2015-08-06:	Two factor authentication and emergency access to systems
2015-08-05:	What I want out of two factor authentication for my own use
2015-08-04:	A lesson to myself: commit my local changes in little bits
2015-08-03:	Running Fedora 22's `dnf` as a normal user versus as root
2015-08-02:	My view on the potential death of the ad-supported web
2015-07-31:	The future problem with Firefox's Electrolysis project Ubuntu once again fails at a good kernel security update announcement
2015-07-29:	My workflow for testing Github pull requests A cynical view on needing SSDs in all your machines in the future
2015-07-28:	Why I still report bugs
2015-07-27:	Spammers mine everything, Github edition
2015-07-26:	Why I increasingly think we're unlikely to ever use Docker
2015-07-25:	Everything that does TLS should log the SSL parameters used
2015-07-24:	Fedora 22's problem with my scroll wheel
2015-07-22:	A modest little change I'd like to see in bug reporting systems Some thoughts on log rolling with date extensions
2015-07-20:	My brush with the increasing pervasiveness of smartphone GPS mapping The OmniOS kernel can hold major amounts of unused memory for a long time
2015-07-19:	'Retail' versus 'wholesale' spam
2015-07-18:	Some data on how long it is between fetches of my Atom feed
2015-07-17:	Your standard input is a tty in a number of surprising cases
2015-07-15:	Eating memory in Python the easy way Mdb is so close to being a great tool for introspecting the kernel
2015-07-14:	Don't support shortened versions of your domain names in email addresses
2015-07-13:	My personal view of OpenBSD
2015-07-12:	A Linux software RAID message flood
2015-07-11:	OpenBSD and the impact of culture
2015-07-10:	What SSH keys in your .ssh/config will be offered to servers
2015-07-09:	When SSH needs you to decrypt your keys
2015-07-08:	Making GTK applications in alternate locations, settings edition
2015-07-07:	The Git 'commit local changes and rebase' experience is a winning one
2015-07-06:	My Django form field validation and cleanup pain
2015-07-05:	Sysadmin use of email is often necessarily more or less interrupt driven
2015-07-04:	Googlebot and Feedfetcher are still aggressively grabbing syndication feeds
2015-07-03:	Wandering Thoughts is now ten years old Some notes on my 'commit local changes and rebase' Git workflow
2015-07-02:	Some thoughts on Go compiler directives being in source comments
2015-06-30:	My early impressions of Fedora 22, especially of DNF The probable and prosaic explanation for a `socket()` API choice
2015-06-29:	BSD Unix developed over more time than I usually think
2015-06-28:	Faster SSDs matter to companies because they sell things
2015-06-27:	The next (or coming) way to connect SSDs to your system
2015-06-26:	The status of our problems with overloaded OmniOS NFS servers
2015-06-25:	Multiple set matches with Linux's iptables 'ipset' extension
2015-06-24:	I've finally turned SELinux fully off even on my laptop
2015-06-23:	A Bash `test` limitation and the brute force way around it
2015-06-22:	Modern *BSDs have a much better init system than I was expecting
2015-06-21:	Why System V init's split scripts approach is better than classical BSD
2015-06-20:	Thinking about people's SSD inflection points in general
2015-06-19:	Sometimes looking into spam for a blog entry has unexpected benefits
2015-06-18:	The cost of OmniOS not having `/etc/cron.d`
2015-06-17:	Exploring the irritating thing about Python's `.join()`
2015-06-16:	NFS writes and whether or not they're synchronous
2015-06-15:	My view of NFS protocol versions
2015-06-14:	What I plug into my home Linux machine as far as peripherals go
2015-06-12:	My pragmatic view of HTTPS versus caching Red Hat are marketing email spammers now (in the traditional way)
2015-06-11:	HTTP should be dropped even as a pure Internet transport mechanism
2015-06-10:	My pragmatic view on switching to HTTPS and TLS everywhere
2015-06-09:	How I use virtual screens in my desktop environment
2015-06-08:	Exceptions as aggregators of error handling
2015-06-07:	You won't get people off Python 2 by making their lives worse
2015-06-06:	The security danger of exploitable bugs in file format libraries
2015-06-05:	My current views on Rust (the programming language)
2015-06-04:	Linux evolution through de facto quiet standards
2015-06-03:	What makes for a simple web application environment
2015-06-01:	The problem with 'what is your data worth?'
2015-05-31:	Unix has been bad before My view of setting up sane web server application delegations
2015-05-30:	What I'm doing in reaction to Logjam (for HTTPS, SSH, and IKE)
2015-05-29:	I don't commit changes in my working repos
2015-05-28:	I don't find Github pull requests an easy way to submit patches
2015-05-27:	The impact on you of making 'bad' bug reports
2015-05-25:	One of the problems with 'you should submit a patch' Email providers cannot stop spam by scanning outgoing email
2015-05-24:	A mod_wsgi problem with serving both HTTP and HTTPS from the same WSGI app
2015-05-23:	The right way for your WSGI app to know if it's using HTTPS
2015-05-22:	Unsurprisingly, Amazon is now running a mail spamming service
2015-05-21:	It's time for me to stop using lighttpd
2015-05-20:	On the modern web, ISPs are one of your threats
2015-05-19:	Converting filesystems from ext3 to ext4, and concerns attached to it (plus bad news for me)
2015-05-17:	Why I'm interested in converting my ext3 filesystems to ext4 A bit more on the ZFS delete queue and snapshots
2015-05-15:	Your Illumos-based NFS fileserver may be 'leaking' deleted files The ZFS delete queue: ZFS's solution to the pending delete problem The pending delete problem for Unix filesystems
2015-05-14:	In Go, you need to always make sure that your goroutines will finish
2015-05-13:	Go goroutines as a way to capture and hold state
2015-05-12:	It's time to stop coddling software that can't handle HTTPS URLs
2015-05-11:	The problem with proportional fonts for editing code and related things
2015-05-10:	Our mail submission system winds up handling two sorts of senders
2015-05-09:	What addresses we accept and reject during mail submission
2015-05-08:	Sometimes it's useful to have brute force handy: an amusing IPMI bug
2015-05-06:	Why keeping output to 80 columns (or less) is still sensible Unix's pipeline problem (okay, its problem with file redirection too)
2015-05-04:	Monitoring tools should report timestamps (and what they're monitoring) What I want to have in shell (filename) completion
2015-05-03:	Sometimes knowing causes does you no good (and sensible uses of time)
2015-05-02:	OmniOS as a NFS server has problems with sustained write loads
2015-04-30:	I'm considering ways to mass-add URLs to Firefox's history database Why I have a perpetual browser history
2015-04-29:	The '`EHLO ylmf-pc`' plague of SMTP authentication guessers
2015-04-28:	There's no portable way to turn a file descriptor read only or write only
2015-04-27:	The fading out of tcpwrappers and its idea
2015-04-26:	My complicated feelings on abandoning old but good code
2015-04-25:	I'm still running a twelve year old Python program
2015-04-24:	A DKMS problem I had with lingering old versions
2015-04-23:	Upgrading machines versus reinstalling them
2015-04-22:	Don't make `/opt` a filesystem on OmniOS (or probably Illumos generally)
2015-04-20:	I don't think I'm interested in containers An interesting trick for handling line numbers in little languages
2015-04-19:	A potential path to IPv6 (again), but probably not a realistic one today
2015-04-18:	A core problem of IPv6 adoption is the lack of user benefits
2015-04-17:	In practice, programmers mostly understand complexity by superstition
2015-04-16:	Are Python dictionaries necessarily constant-time data structures?
2015-04-15:	Illusory security is terrible and is worse than no security
2015-04-14:	Allowing people to be in more than 16 groups with an OmniOS NFS server
2015-04-12:	One speed limit on your ability to upgrade your systems Spam victims don't care what business unit is responsible for the spam
2015-04-10:	I wish systemd would get over its thing about syslog My Firefox 37 extensions and addons (sort of)
2015-04-09:	Probably why Fedora puts their release version in package release numbers
2015-04-08:	Your entire download infrastructure needs to use HTTPS
2015-04-07:	How Ubuntu and Fedora each do kernel packages
2015-04-06:	What adblockers block
2015-04-05:	A note on the argument about the 'morality' of adblockers
2015-04-04:	An important note if you want to totally stop an IKE IPSec connection A weird new IKE IPSec problem that I just had on Fedora 21's latest kernel
2015-04-03:	Understanding the (original) meaning of Unix load average
2015-04-02:	When the Unix load average was added to Unix
2015-03-31:	Btrfs's mistake in limiting itself to two-way mirroring
2015-03-30:	My preliminary views on `mosh` The 'cattle' model for servers is only a good fit in certain situations
2015-03-29:	SSH connection sharing and erratic networks
2015-03-28:	All browsers need a (good) way to flush memorized HTTP redirects
2015-03-27:	Looking more deeply into some SMTP authentication probes
2015-03-26:	Why systemd should have ignored SysV init script LSB dependencies
2015-03-25:	A significant amount of programming is done by superstition
2015-03-24:	What is and isn't a bug in software
2015-03-23:	Systemd is not fully backwards compatible with System V init scripts
2015-03-22:	I now feel that Red Hat Enterprise 6 is okay (although not great)
2015-03-21:	Spammers show up fast when you open up port 25 (at least sometimes)
2015-03-20:	Unix's mistake with `rm` and directories
2015-03-19:	A brief history of fiddling with Unix directories
2015-03-18:	The real speed advantage static rendering has over dynamic rendering
2015-03-16:	Solving our authenticated SMTP problem by rethinking it Our difficulties with OmniOS upgrades
2015-03-15:	The importance of user interface, illustrated by the Go flag package
2015-03-14:	Using an automounter doesn't always help with bad NFS servers
2015-03-13:	The puzzle of packets to your host that your host doesn't respond to
2015-03-12:	My feelings about GRUB 1 versus GRUB 2
2015-03-11:	The irritation of being told 'everyone who cares uses ECC RAM'
2015-03-10:	Why installing packages is almost always going to be slow (today)
2015-03-09:	I should document my test plans and their results
2015-03-08:	Why ZFS's 'directory must be empty' mount restriction is sensible
2015-03-06:	Our brute force solution for port isolation without port isolated switches The simple way CPython does constant folding
2015-03-05:	An interesting excursion with Python strings and `is`
2015-03-04:	What creates inheritance?
2015-03-03:	The latest `xterm` versions mangle `$SHELL` in annoying ways
2015-03-02:	My view of the difference between 'pets' and 'cattle'
2015-02-28:	Sometimes why we have singleton machines is that failover is hard
2015-02-27:	Email from generic word domains is usually advance fee fraud spam What limits how fast we can install machines
2015-02-25:	My current issues with systemd's networkd in Fedora 21 My Linux container temptation: running other Linuxes
2015-02-24:	How we do and document machine builds
2015-02-23:	In shell programming, I should be more willing to write custom tools
2015-02-22:	Unsurprisingly, random SMTP servers do get open relay probes
2015-02-21:	It turns out that I routinely use some really old Linux binaries
2015-02-20:	All of our Solaris 10 machines are now out of production
2015-02-19:	Exploiting Python metaclasses to forbid subclassing and where it fails
2015-02-18:	I wish Python didn't allow any callable to be a 'metaclass'
2015-02-17:	Your example code should work and be error-free
2015-02-16:	Web ads considered as a security exposure
2015-02-15:	My current views on Firefox adblocker addons
2015-02-14:	Planning ahead in documentation: kind of a war story
2015-02-13:	The technical side of Python metaclasses (a pointer)
2015-02-11:	Good technical writing is not characterless and bland ZFS can apparently start NFS fileservice before boot finishes
2015-02-10:	Our ZFS fileservers have a serious problem when pools hit quota limits
2015-02-09:	'Inbox zero' doesn't seem to work for me but it's still tempting
2015-02-08:	The history of commercial Unix and my pragmatism
2015-02-07:	Trying to move towards Ed25519 OpenSSH host keys: a stumbling block
2015-02-06:	A thought on containerization, isolation, and deployment
2015-02-05:	All of our important machines are pets and special snowflakes
2015-02-04:	How our console server setup works
2015-02-03:	Why we've wound up moving away from serial consoles on our machines
2015-02-02:	Why people were enthused about gcc early on in its life
2015-01-31:	The problem with punishing people over policy violations Upgrades and support periods
2015-01-30:	I've come to believe Django's way of defining database tables is wrong
2015-01-29:	The practical result of OpenBSD's support policy
2015-01-28:	A thought about social obligations to report bugs
2015-01-27:	Our current email anti-virus system is probably ineffective now
2015-01-26:	Some notes on keeping up with Go packages and commands
2015-01-25:	The long term problem with ZFS on Linux is its license
2015-01-24:	Web applications and generating alerts due to HTTP requests
2015-01-23:	A problem with `gnome-terminal` in Fedora 21, and tracking it down
2015-01-22:	How to set up static networking with `systemd-networkd`, or at least how I did
2015-01-21:	Why I'm switching to systemd's networkd stuff for my networking
2015-01-19:	A gotcha with Python tuples Why user-hostile policies are a bad thing and a mistake
2015-01-18:	Limited retention policies for email are user-hostile
2015-01-16:	Node.js is not for me (and why) Using `systemd-run` to limit something's RAM consumption on the fly
2015-01-15:	Link: Against DNSSEC by Thomas Ptacek General ZFS pool shrinking will likely be coming to Illumos
2015-01-14:	What `/etc/shells` is and isn't
2015-01-13:	Our tradeoffs on ZFS ZIL SLOG devices for pools
2015-01-12:	I've now seen comment spam attempts from Tor exit nodes
2015-01-11:	The effects of losing a ZFS ZIL SLOG device, as I understand them
2015-01-10:	Autoplaying anything is a terrible decision, doubly so for video
2015-01-09:	Why filesystems need to be where data is checksummed
2015-01-08:	ZFS should be your choice today if you need an advanced filesystem on Unix
2015-01-07:	Forwarding access to only a subset of ssh-agent's identities
2015-01-06:	Choices filesystems make about checksums
2015-01-05:	Today on Linux, ZFS is your only real choice for an advanced filesystem
2015-01-04:	What makes a 'next generation' or 'advanced' modern filesystem, for me
2015-01-03:	The effects of our fileserver multi-tenancy
2015-01-02:	Where we have multi-tenancy in our fileserver environment
2014-12-31:	I love Apache (well, like it at least) A retrospective on my one Django web application
2014-12-30:	Somewhat to my surprise, classical viruses by email are still a thing
2014-12-29:	How I have partitioning et al set up for ZFS On Linux
2014-12-28:	How I think DNSSec will have to be used in the real world
2014-12-27:	My ZFS On Linux memory problem: competition from the page cache
2014-12-26:	My experience with ZFS on Linux: it's worked pretty well for me
2014-12-25:	DNSSec in the real world: my experience with DNSSec
2014-12-24:	The security effects of tearing down my GRE tunnel on IPSec failure
2014-12-22:	The future of OmniOS here if we can't get 10G-T working on it Why Go's big virtual size for 64-bit programs makes sense
2014-12-21:	A steady change in the source of blog comment spam attempts
2014-12-20:	Unsurprisingly, laptops make bad to terrible desktops
2014-12-19:	Our likely long road to working 10G-T on OmniOS
2014-12-17:	The potential end of public clients at the university?
2014-12-16:	Does having a separate daemon manager help system resilience?
2014-12-15:	How a Firefox update just damaged practical security Why your 64-bit Go programs may have a huge virtual size
2014-12-14:	How init wound up as Unix's daemon manager
2014-12-13:	There are two parts to making your code work with Python 3
2014-12-12:	The bad side of systemd: two recent systemd failures
2014-12-10:	What good kernel messages should be about and be like How to delay your fileserver replacement project by six months or so
2014-12-09:	Why I do unit tests from inside my modules, not outside them
2014-12-08:	Why I don't believe in generic TLS terminator programs
2014-12-07:	How we install Ubuntu machines here
2014-12-06:	Browser addons can effectively create a new browser
2014-12-05:	How security sensitive is information about your network architecture?
2014-12-04:	Log retention versus log analysis, or really logs versus log analysis
2014-12-03:	Security capabilities and reading process memory
2014-12-02:	The unreasonable effectiveness of web crawlers
2014-11-30:	You should keep your system logs for longer than you probably are TLS versions in connections to my spam-catching sinkhole SMTP server
2014-11-29:	Sometimes you need to turn things into small, readily solvable problems
2014-11-28:	How I made IPSec IKE work for a point to point GRE tunnel on Fedora 20
2014-11-26:	Using iptables to block traffic that's not protected by IPSec Using `go get` alone is a bad way to keep track of interesting packages
2014-11-25:	My Linux IPSec/VPN setup and requirements
2014-11-24:	Delays on bad passwords considered harmful, accidental reboot edition Using the SSH protocol as a secure transport protocol
2014-11-23:	I'm happier ignoring the world of spam and anti-spam
2014-11-22:	The effects of a moderate Hacker News link to here
2014-11-21:	Lisp and data structures: one reason it hasn't attracted me
2014-11-20:	Sometimes the way to solve a problem is to rethink the problem
2014-11-18:	Finding free numbers in a range, crudely, with Unix tools
2014-11-17:	Why I need a browser that's willing to accept bad TLS certificates
2014-11-16:	We've started to decommission our Solaris 10 fileservers States in a state machine aren't your only representation of state
2014-11-15:	Our current problems with 10G Intel networking on OmniOS
2014-11-14:	Sometimes there are drawbacks to replicating configuration files
2014-11-13:	I want opportunistic, identity-less encryption on the Internet
2014-11-12:	A wish: setting Python 3 to do no implicit Unicode conversions
2014-11-10:	Why I don't have a real profile picture anywhere What it took to get DWiki running under Python 3
2014-11-09:	NFS hard mounts versus soft mounts
2014-11-07:	What you're saying when you tell people to send in patches Porting to Python 3 by updating to modern Python 2
2014-11-05:	(Probably) Why Bash imports functions from the environment The weakness of doing authentication over a side channel
2014-11-03:	Hassles with getting our NFS mount authentication working on Linux What I'm worried about with retina displays on Linux
2014-11-02:	A drawback in how DWiki parses its wikitext
2014-10-31:	With ZFS, rewriting a file in place might make you run out of space A drawback to handling errors via exceptions
2014-10-29:	Quick notes on the Linux iptables 'ipset' extension Unnoticed nonportability in Bourne shell code (and elsewhere)
2014-10-28:	My current somewhat tangled feelings on `operator.attrgetter`
2014-10-27:	Practical security and automatic updates
2014-10-26:	Things that can happen when (and as) your ZFS pool fills up
2014-10-25:	The difference in available pool space between `zfs list` and `zpool list`
2014-10-24:	In Go I've given up and I'm now using standard packages
2014-10-23:	The clarity drawback of allowing comparison functions for sorting
2014-10-22:	Exim's (log) identifiers are basically unique on a given machine
2014-10-20:	Some numbers on our inbound and outbound TLS usage in SMTP Revisiting Python's string concatenation optimization
2014-10-19:	Vegeta, a tool for web server stress testing
2014-10-18:	During your crisis, remember to look for anomalies
2014-10-17:	My experience doing relatively low level X stuff in Go
2014-10-16:	Don't use `dd` as a quick version of disk mirroring
2014-10-15:	Why system administrators hate security researchers every so often
2014-10-14:	Bashisms in `#!/bin/sh` scripts are not necessarily bugs
2014-10-13:	System metrics need to be documented, not just to exist
2014-10-12:	Phish spammers are apparently exploiting mailing list software
2014-10-11:	Thinking about how to create flexible aggregations from causes
2014-10-10:	Where your memory can be going with ZFS on Linux
2014-10-09:	How `/proc/slabinfo` is not quite telling you what it looks like
2014-10-08:	Simple web application environments and per-request state
2014-10-07:	Why blocking writes are a good Unix API (on pipes and elsewhere)
2014-10-06:	Why it's sensible for large writes to pipes to block
2014-10-05:	Making bug reports is exhausting, frustrating, and stressful
2014-10-03:	Why people are almost never going to be reporting bugs upstream When using Illumos's `lockstat`, check the cumulative numbers too
2014-10-02:	The problem with making bug reports about CentOS bugs
2014-09-30:	NetworkManager and network device races Don't split up error messages in your source code
2014-09-28:	Learning a lesson about spam-related logging (again)
2014-09-27:	Changing major version numbers does not fix compatibility issues DWiki, Python 3, Python, and me
2014-09-26:	The practical problems with simple web apps that work as HTTP servers
2014-09-25:	Why CGI-BIN scripts are an attractive thing for many people
2014-09-24:	One thing I've come to dislike about systemd
2014-09-22:	Go is mostly easy to cross-compile (with notes) Another side of my view of Python 3
2014-09-21:	One reason why Go can have methods on nil pointers
2014-09-19:	My view on using VLANs for security What I mean by passive versus active init systems
2014-09-18:	Ubuntu's packaging failure with `mcelog` in 14.04
2014-09-17:	In praise of Solaris's `pfiles` command
2014-09-15:	My collection of spam and the spread of SMTP TLS I want my signed email to work a lot like SSH does
2014-09-14:	My current hassles with Firefox, Flash, and (HTML5) video
2014-09-13:	What can go wrong with polling for writability on blocking sockets
2014-09-12:	How not to do IO multiplexing, as illustrated by Amanda
2014-09-10:	The cause of our slow Amanda backups and our workaround Does init actually need to do daemon supervision?
2014-09-08:	What an init system needs to do in the abstract
2014-09-07:	Systemd's fate will be decided by whether or not it works The kernel should not generate messages at the behest of the Internet
2014-09-05:	A DTrace script to help figure out what process IO is slow Some uses for `SIGSTOP` and some cautions
2014-09-04:	Some other benefits of using non-HTTP frontend to backend transports
2014-09-03:	Why we don't want to do any NAT with IPv6
2014-09-01:	An IPv6 dilemma for us: 'sandbox' machine DNS
2014-08-31:	We don't believe in DHCP for (our) servers The downside of expanding your storage through bigger disks
2014-08-30:	How to change your dm-cache write mode on the fly in Linux
2014-08-29:	A hazard of using synthetic data in tests, illustrated by me
2014-08-27:	One reason why we have to do a major storage migration The difference between Linux and FreeBSD boosters for me
2014-08-26:	Why I don't like HTTP as a frontend to backend transport mechanism
2014-08-24:	10G Ethernet is a sea change for my assumptions My spam is (mostly) boring
2014-08-23:	Some notes on Python packaging stuff that wasn't obvious to me
2014-08-22:	Where DTrace aggregates are handled for printing et al
2014-08-21:	How data flows around on the client during an Amanda backup
2014-08-20:	Explicit error checking and the broad exception catching problem
2014-08-18:	An example of a subtle over-broad `try` in Python The potential issue with Go's strings
2014-08-17:	The challenges of diagnosing slow backups
2014-08-15:	Caches should be safe by default A consequence of NFS locking and unlocking not necessarily being fast
2014-08-13:	Bind mounts with systemd and non-`fstab` filesystems How you create a systemd .mount file for bind mounts
2014-08-11:	Copying GPT partition tables from disk to disk
2014-08-10:	The problem with self-contained 'application bundle' style packaging What I want out of a Linux SSD disk cache layer
2014-08-09:	Intel has screwed up their DC S3500 SSDs
2014-08-08:	Hardware can be weird, Intel 10G-T X540-AT2 edition
2014-08-06:	A peculiarity: I'm almost never logged in to websites
2014-08-05:	Why LinkedIn's 'you must join to unsubscribe' is evil Another piece of my environment: running commands on multiple machines
2014-08-04:	Why our new SAN environment is separate from our old SAN environment
2014-08-03:	Our second generation ZFS fileservers and their setup
2014-08-02:	The benchmarking problems with potentially too-smart SSDs
2014-07-31:	The temptation to rebuild my office machine with its data in ZFS on Linux
2014-07-30:	Why I like ZFS in general My view on FreeBSD versus Linux, primarily on the desktop
2014-07-28:	FreeBSD, cultural bad blood, and me
2014-07-27:	Go is still a young language Save your test scripts and other test materials
2014-07-25:	An interesting picky difference between Bourne shells The OmniOS version of SSH is kind of slow for bulk transfers
2014-07-23:	What influences SSH's bulk transfer speeds One of SELinux's important limits
2014-07-21:	What I know about the different types of SSH keys (and some opinions)
2014-07-20:	The CBL has a real false positive problem HTTPS should remain genuinely optional on the web
2014-07-19:	Some consequences of widespread use of OCSP for HTTPS
2014-07-18:	In practice, 10G-T today can be finicky
2014-07-16:	My (somewhat silly) SSD dilemma
2014-07-15:	A data point on how rapidly spammers pick up addresses from the web
2014-07-14:	Unmounting recoverable stale NFS mounts on Linux
2014-07-13:	An obvious reminder: disks can and do die abruptly Early impressions of CentOS 7
2014-07-11:	You want to turn console blanking off on your Linux servers Some notes on bisecting a modified Firefox source base with Mercurial
2014-07-10:	The core security problem of SSL on the web is too much trust
2014-07-09:	What the differences are between Python `bool`s and `int`s
2014-07-08:	Exploring a surprise with equality in Python Some thoughts on SAN long-term storage migration
2014-07-06:	Goroutines versus other concurrency handling options in Go The problem with filenames in IO exceptions and errors
2014-07-05:	Another reason to use frameworks like Django
2014-07-04:	An interesting Go concurrency bug that I inflicted on myself
2014-07-02:	Bash is letting locales destroy shell scripting (at least on Linux) Why Solaris's SMF is not a good init system
2014-07-01:	An index of non-letter control characters
2014-06-30:	Comparing RPM versions in the shell My `.screenrc`
2014-06-29:	The tradeoffs for us in a SAN versus disk servers
2014-06-27:	A retrospective on our overall fileserver architecture et al A retrospective on our Solaris ZFS-based NFS fileservers (part 2)
2014-06-25:	A retrospective on our Solaris ZFS-based NFS fileservers (part 1) How my new responsive design here works
2014-06-23:	Python 3 has already succeeded in the long run
2014-06-22:	Things I like about Go I need some responsive website design around here
2014-06-21:	Sometimes 'unsubscribing' does seem to reduce spam activity
2014-06-20:	What Python versions I can use (June 2014 edition)
2014-06-19:	Some notes on Go's godoc and what it formats how
2014-06-18:	Would I be comfortable documenting our systems in some sort of public?
2014-06-16:	My view: a wiki by itself will not solve your problems
2014-06-15:	The web is social, and thus minor features can matter a lot Weird spammer behavior: a non-relaying relay attempt
2014-06-14:	I'm not very impressed with Ubuntu 14.04 LTS so far
2014-06-13:	Undoing an errant '`git commit --amend`'
2014-06-12:	An init system has two jobs
2014-06-11:	Some thoughts on testing parsers
2014-06-10:	An irritating and interesting `su` change from Ubuntu 12.04 to 14.04
2014-06-09:	A challenge in new languages: learning to design good APIs
2014-06-08:	The fundamental problem that created `su`
2014-06-07:	Some ways to do sleazy duck typing in Go (from a Python perspective)
2014-06-06:	On the Internet, weirdness is generally uncommon
2014-06-05:	SMTP's crazy address formats didn't come from nowhere
2014-06-04:	Why I don't like SMTP command parameters
2014-06-03:	My just-used Go logging idiom and why it is in fact wrong
2014-06-02:	Vi's composability antecedent (or one of them)
2014-05-31:	Wnen trying to unsubscribe from spam can be not completely crazy One of my test based development imperfections: use driven testing
2014-05-30:	In Go, sometimes a `nil` is not a `nil`
2014-05-29:	The state of limits on how many groups you can be in (especially for NFS)
2014-05-28:	Yahoo Groups has a bad spam problem and they don't care
2014-05-27:	Some things for enumerated constants in Go
2014-05-25:	Firefox, DRM, and reality Computing has two versions of 'necessary'
2014-05-23:	What ssh-agent does with multiple keys loaded Why Java is a compiled language and Python is not
2014-05-22:	Why Python uses bytecode (well, probably): it's simpler
2014-05-21:	How I wish ZFS pool importing could work
2014-05-19:	A building block of my environment: `sps`, a better tree-based process list Why desktop Linuxes want you to reboot after updates
2014-05-18:	What it would take to replace Firefox as my web browser
2014-05-17:	The problem of encrypted SSH keys and `screen`
2014-05-16:	Some notes from migrating towards encrypted SSH keys
2014-05-15:	My personal and biased view of `sudo` versus `su`
2014-05-14:	Modern mail forwarding is leaky
2014-05-13:	The security model of `sudo` versus `su`
2014-05-12:	The advantages of editors over database programs for modifying your data
2014-05-11:	Why I don't use relational databases in practice
2014-05-09:	Some uses for Python's 'named' form of string formatting Operating systems cannot be hermetically sealed environments
2014-05-08:	The modern world of spliced together multi-layer DNS resolution
2014-05-07:	How I use Unbound on Fedora 20 to deal with the VPN DNS issue
2014-05-06:	Another problem with building your own packages: dependency issues
2014-05-05:	The power of meaningless identifiers
2014-05-04:	How I set up my Firefox 29's UI
2014-05-03:	My Firefox 29 extensions and addons
2014-05-02:	An important addition to how ZFS deduplication works on the disk
2014-04-30:	Failover versus sparing in theory and in practice Backup systems, actual hosts, and logical hosts
2014-04-29:	Static sites are stable sites
2014-04-28:	How dynamic language code gets optimized
2014-04-27:	Thoughts about Python classes as structures and optimization
2014-04-26:	What I can see about how ZFS deduplication seems to work on disk
2014-04-25:	A Unix semantics issue if your filesystem can snapshot arbitrary directories
2014-04-23:	How Yahoo's and AOL's DMARC 'reject' policies affect us At least partially understanding DMARC
2014-04-21:	The question of language longevity for new languages Thinking about how to split logging up in multiple categories et al
2014-04-20:	A heresy about memorable passwords
2014-04-19:	Cross-system NFS locking and unlocking is not necessarily fast
2014-04-18:	What modern filesystems need from volume management
2014-04-17:	Partly getting around NFS's concurrent write problem
2014-04-16:	Where I feel that btrfs went wrong
2014-04-14:	Chasing SSL certificate chains to build a chain file My reactions to Python's warnings module
2014-04-13:	A problem: handling warnings generated at low levels in your code
2014-04-11:	The relationship between SSH, SSL, and the Heartbleed bug What sort of kernel command line arguments Fedora 20's dracut seems to want
2014-04-10:	My current choice of a performance metrics system and why I picked it
2014-04-09:	Pragmatic reactions to a possible SSL private key compromise
2014-04-08:	My goals for gathering performance metrics and statistics
2014-04-07:	Giving in: pragmatic `If-Modified-Since` handling for Tiny Tiny RSS
2014-04-06:	How not to generate `If-Modified-Since` headers for conditional GETs
2014-04-05:	An important additional step when shifting software RAID mirrors around
2014-04-03:	Shifting a software RAID mirror from disk to disk in modern Linux The scariness of uncertainty
2014-04-02:	I'm angry that ZFS still doesn't have an API
2014-03-31:	I'm done with building tools around '`zpool status`' output Why I sometimes reject patches for my own software
2014-03-30:	One of my worries: our spam filtering in the future
2014-03-28:	Recovering from a drive failure on Fedora 20 with LVM on software RAID How we wound up with a RFC 1918 IP address visible in our public DNS
2014-03-26:	Why people keep creating new package managers The DNS TTL problem
2014-03-24:	The importance of having full remote consoles on crucial servers Why I don't trust transitions to single-user mode
2014-03-23:	Differences in URL and site layout between static and dynamic websites
2014-03-22:	Avoiding reboots should not become a fetish
2014-03-21:	Thinking about when rsync's incremental mode doesn't help
2014-03-20:	Killing (almost) all processes on Linux is not recoverable
2014-03-19:	Why I like ZFS's `zfs send` and `zfs receive`
2014-03-17:	Simple versus complex marshalling in Python (and benchmarks) Rebooting the system if init dies is a hack
2014-03-16:	You don't have to reboot the system if init dies
2014-03-14:	Guessing whether people will unsubscribe from your mailing lists Logins and related things really do change, and for good reasons
2014-03-13:	The argument about unbound methods versus functions
2014-03-11:	How functions become bound or unbound methods
2014-03-10:	The problem of conditional GET and caches for dynamic websites
2014-03-09:	Solaris gives us a lesson in how not to write documentation Why we don't change Unix login names for people
2014-03-08:	Why I think 10G-T will be the dominant form of 10G Ethernet
2014-03-07:	Coming to terms with D-Bus
2014-03-05:	A bit more about the various levels of IPC: whether or not they're necessary ZFS's problem with boot time magic
2014-03-03:	The multiple levels of interprocess communication
2014-03-02:	Googlebot is now aggressively crawling syndication feeds Cool URL fragments don't change either
2014-02-28:	Yet another problem with configuration by running commands Arguments for explicit block delimiters in programming languages
2014-02-26:	PCI slot based device names are not necessarily stable Saying goodbye to the PHP pokers the easy way
2014-02-24:	Nerving myself up to running experimental setups in production The origins of DWiki and its drifting purpose
2014-02-23:	The problem with indentation in programming languages
2014-02-22:	A subtle advantage of generating absolute path URLs during HTML rendering
2014-02-21:	You should segregate different traffic to different mailing lists
2014-02-19:	Some rough things about the naming of SAS drives on Linux The reasoning problem with describing things with a programming language
2014-02-18:	People can always unsubscribe from your mailing lists
2014-02-17:	File based engines and the awkward problem of special URLs
2014-02-16:	Why comments aren't immediately visible on entries here
2014-02-14:	'Broken by design: systemd' is itself kind of broken The good and bad of the System V init system
2014-02-13:	Init's (historical) roles
2014-02-11:	Why systemd is winning the init wars and other things aren't
2014-02-10:	My dividing line between working remotely and working out of the office
2014-02-09:	Why I want a solid ZFS implementation on Linux Why I'm not looking at installing OmniOS via Kayak
2014-02-08:	You cannot have just one network install server
2014-02-07:	A followup to what `sudo` emails to ignore and not ignore A surprise with OmniOS disk sizing: the `rpool/dump` ZVOL
2014-02-06:	Some thoughts on what `sudo` emails to ignore and to not ignore
2014-02-05:	An interesting internal Django error we just got
2014-02-03:	The big attraction of SQLite Technological progress and efficiency
2014-02-02:	An illustration of the problem of noise
2014-01-31:	Why I now believe that duck typed metaclasses are impossible in CPython Linux has at least two ways that disks can die
2014-01-30:	OmniOS (and by extension Illumos) is pretty much Solaris
2014-01-29:	One cause of Linux's popularity among Unixes
2014-01-28:	Building software packages yourself is generally a waste (why package selection matters)
2014-01-27:	Things that affect how much support you get from a Linux distribution
2014-01-26:	Why writing sysadmin tools in Go is getting attractive
2014-01-25:	The origin of RCS (the version control system)
2014-01-24:	Things I want to remember during a security incident
2014-01-22:	Microsoft has become a spam emitter Security is everyone's job (why Ruby is wrong about OpenSSL)
2014-01-21:	Fake versus real metaclasses and what a fully functional metaclass is
2014-01-20:	A thought about the popularity of server-side JavaScript
2014-01-19:	Some thoughts on structured logging, especially in and for databases
2014-01-18:	Your web application should have an audit log
2014-01-16:	Link: Armin Ronacher's 'More About Unicode in Python 2 and 3' Debian does not have long term support
2014-01-15:	SELinux fails again (Fedora 20 edition) Real support periods versus nominal official ones
2014-01-14:	The problem with OmniOS's 'build your own' view for Perl and Python
2014-01-13:	Sadly, we're moving away from Red Hat Enterprise Linux
2014-01-12:	Why I don't want fully automated installs
2014-01-11:	Why I am not enthused about Red Hat Enterprise 6
2014-01-10:	An interesting recent spam run against one of my machines
2014-01-09:	Using different sshd options for different origin hosts
2014-01-08:	The good and bad of Linux's NetworkManager
2014-01-06:	The problem with compiling your own version of Python 3 Some thoughts on blog front pages in the modern era
2014-01-05:	Hard drives really do wear out, so you need a a hardware budget
2014-01-04:	One aspect of partial versus full entries on blog front pages
2014-01-03:	What determines Python 2's remaining lifetime?
2014-01-02:	Python 3's core compatibility problem and decision
2013-12-31:	Two uses of `fmt` Reversing my view on Python 3 for new general code: avoid it Link: Alex Gaynor's 'About Python 3'
2013-12-30:	My growing entanglement into `vi`
2013-12-29:	Broad thoughts on tags for blog entries
2013-12-28:	The era of known top-level domains or valid TLD patterns is mostly over
2013-12-27:	A reason to keep tags external in 'entry as file' blog engines
2013-12-26:	How ZFS scrubs routinely save us
2013-12-25:	Procedures are not documentation
2013-12-24:	The 'entry as file' blog engine problem with tags
2013-12-23:	A good reason to use write-intent bitmaps
2013-12-22:	The benefits of using expendable email addresses for most things
2013-12-21:	If you're using Linux's magic SysRq, increase the log level right away
2013-12-20:	A realization: on the modern web, everything gets visited
2013-12-19:	Your (HTML) template language should have conditionals
2013-12-18:	Thinking about what we'll need for reproducible OmniOS installs
2013-12-17:	You probably don't want to use Make to build your generated files
2013-12-16:	My computers are increasingly sort of Internet terminals
2013-12-15:	Making large selections in `xterm` (and `urxvt` and Gnome Terminal)
2013-12-14:	Why I'm not likely to use Chrome much in the future
2013-12-13:	Using cgroups to limit something's RAM consumption (a practical guide)
2013-12-12:	Some observations from playing with PyPy on DWiki
2013-12-11:	The problem with nondeterministic garbage collection
2013-12-10:	My current view of PyPy
2013-12-09:	Hardware is weird (disk enclosure edition)
2013-12-08:	Sometimes the right thing to do is to stop (and even to give up)
2013-12-07:	Things get weird with read-only NFS mounts and atime on Linux
2013-12-06:	The three levels of read-only NFS mounts
2013-12-05:	Some thoughts on a body of knowledge for system administration
2013-12-04:	`sudo` is not an auditing mechanism
2013-12-03:	The three faces of `sudo`
2013-12-02:	What Go has become for me: Python with performance
2013-11-30:	Why 'hotplug' approaches to device handling are the right way The case of the disappearing ESATA disk
2013-11-29:	How modern Linux software RAID arrays are assembled on boot (and otherwise)
2013-11-28:	A quick analysis of bounces here
2013-11-27:	The difference between CPython and Python
2013-11-25:	From CPython bytecode up to function objects (in brief) Track your disk failures
2013-11-24:	Baidu's web spider ignores `robots.txt` (at least sometimes)
2013-11-23:	You are not fooling us with broken bounce addresses
2013-11-22:	My hack use for Chrome's Incognito mode
2013-11-20:	`test` is surprisingly smart The difference between no argument and an empty argument
2013-11-18:	Why booting Linux from a ZFS root filesystem with GRUB can be hard
2013-11-17:	The 10G Ethernet performance problem on Linux Sending and receiving file descriptors in Python
2013-11-16:	Unix getopt versus Google's getopt variant and why Unix getopt wins
2013-11-15:	Professional knowledge, certification, and regulation
2013-11-14:	One reason I like Go: it seems natural to avoid object churn
2013-11-13:	The cost of expensive hardware and the benefit of hindsight
2013-11-11:	Go's getopt problem
2013-11-10:	Are those chassis fans actually still spinning? My views on network booting as an alternative to system disks
2013-11-09:	Google Feedfetcher is still fetching feeds and a `User-Agent` caution
2013-11-08:	The spectrum of options when netbooting systems
2013-11-06:	Why you might not want to use SSDs as system disks just yet Modern versions of Unix are more adjustable than they used to be
2013-11-04:	How writes work on ZFS raidzN pools, with implications for 4k disks
2013-11-03:	Wikitext needs a better way of writing tables Why we're switching to SSDs for system disks
2013-11-02:	Revising our peculiar ZFS L2ARC trick
2013-10-31:	Our likely future backend and fileserver hardware Naming disk devices: drive IDs versus drive locations
2013-10-30:	An open question: part uniformity versus unit cost
2013-10-28:	If you're on the IPv4 Internet, you really are in public now
2013-10-27:	Old and new addresses and spam Some things I've learned from transitioning a website to HTTPS
2013-10-26:	10G Ethernet and network buffer sizes (at least on Linux)
2013-10-25:	Modern disk write caches and how they get dealt with (a quick overview)
2013-10-24:	How to force a disk write cache flush operation on Linux
2013-10-23:	Paying for services is not necessarily enough
2013-10-21:	NFS's problem with (concurrent) writes Thinking about how I want to test disk IO on an iSCSI backend
2013-10-20:	Thoughts inspired by the abstract idea of Docker-like things
2013-10-19:	I should never have allowed 'outside' content to break my layout
2013-10-18:	ZFS uberblock rollback and the top level metadata change rate
2013-10-17:	There are two cases for changing SSL/TLS cipher settings
2013-10-16:	Disused addresses and the impact of spam
2013-10-15:	Why I'm not looking for any alternatives to iSCSI for us
2013-10-14:	The importance of small UI tweaks (for me), dmenu edition
2013-10-13:	Revisiting some bits of ZFS's ZIL with separate log devices
2013-10-11:	Some pain points of parsing wikitext (and simplifications that avoid them) How DWiki parses its wikitext (part 1)
2013-10-10:	Sun's NeWS was a mistake, as are all toolkit-in-server windowing systems
2013-10-09:	An interesting bug with module garbage collection in Python
2013-10-07:	What happens when CPython deletes a module
2013-10-06:	What reloading a Python module really does The per-NFS-operation data for NFS mounts in `/proc/self/mountstats`
2013-10-05:	The `xprt:` data for NFS mounts in `/proc/self/mountstats`
2013-10-04:	The bytes and events data for NFS mounts in `/proc/self/mountstats`
2013-10-03:	What is in `/proc/self/mountstats` for NFS mounts: an introduction
2013-10-02:	What your `User-Agent` header should include and why
2013-09-30:	Centralizing syslogs as an easy way to improve your environment
2013-09-29:	Spammers illustrating, well, something Universities and long term perspectives
2013-09-28:	Why I put configuration management systems over packaging systems
2013-09-27:	The long term future of any particular configuration management system
2013-09-26:	Trying to explain my harshness on configuration management tools
2013-09-24:	A semi-wish for an official 'null MX' standard
2013-09-23:	The FTE pricing gamble (for vendors) ZFS filesystem compression and quotas
2013-09-22:	An example of optimizing C in the face of undefined behavior
2013-09-20:	Nested conditional expressions in Python (and code golf)
2013-09-19:	Processes waiting for NFS IO do show in Linux `%iowait` statistics Load is a whole system phenomenon
2013-09-18:	Reconsidering external disk enclosures versus disk servers
2013-09-17:	The pain (or annoyance) of deploying a simple WSGI thing
2013-09-15:	Regular expression performance and performance folklore Identities, trust, and work
2013-09-14:	A basic overview of SAS and using SATA with SAS
2013-09-13:	Why I think `dir()` excludes metaclass methods
2013-09-12:	I am not a (Unix) purist
2013-09-11:	Understanding why CSRF protection really needs cookies
2013-09-09:	Why the RPM source and binary package format is superior to Debian .debs A slow realization: many of my dotfiles don't need to be dotfiles
2013-09-07:	Why wiring things up physically instead of virtually is better for us Good SSL for your website is absurdly difficult in practice
2013-09-06:	Making switch configuration changes is not as easy as it looks
2013-09-05:	The physical versus the virtual approach to network wiring
2013-09-04:	What (and how) I use HTML tables for layout here
2013-09-02:	The current weak areas of ZFS on Linux A little bit more on ZFS RAIDZ read performance
2013-08-31:	Simple availability doesn't capture timing and the amount of warning HTML quoting as I currently understand it
2013-08-30:	I'm done with feeling guilty about using HTML tables for layout
2013-08-29:	A new piece of my environment: clearing the X selection
2013-08-28:	I'm vaguely yearning for a simpler framework than Django
2013-08-26:	An example GNU Readline quoting function
2013-08-25:	On classifying phish spam as malware Adding basic quoting to your use of GNU Readline
2013-08-24:	My personal view of Fedora versus Ubuntu on the desktop
2013-08-23:	Looking at how many viruses we've seen in email recently
2013-08-22:	I've changed my thinking about redundant power supplies
2013-08-21:	Disk enclosures versus 'all in one case' designs
2013-08-20:	The challenge for ARM servers, at least here
2013-08-19:	My views on various bits of disk drive technology today
2013-08-16:	SSDs may make ZFS raidz viable for general use A peculiar use of ZFS L2ARC that we're planning Funding and the size of hardware you want to buy
2013-08-15:	My understanding of modern C undefined behavior and its effects
2013-08-14:	The pragmatics of an HTTP to HTTPS transition
2013-08-13:	You should convert wikitext to HTML through an AST
2013-08-11:	The feature (or features) I really want added to `xterm` Multi-mount protection and SAN failover
2013-08-10:	The importance of names, illustrated through my mistake
2013-08-09:	Link: My current dmenu changes
2013-08-08:	How to accidentally reboot a server My Cinnamon desktop customizations
2013-08-07:	Understanding how generators help asynchronous programming
2013-08-05:	Who or what your website is for and more on HTTP errors
2013-08-04:	What's changed in Unix networking in the last decade or so
2013-08-03:	The paucity of generally useful HTTP error codes The pragmatic issues around HTTP error codes mattering (or not)
2013-08-02:	I'm giving up on a custom laptop environment for Fedora 19
2013-07-31:	The problem with a custom laptop environment: designing it A Python code structure problem: exception handling with flags
2013-07-30:	Phish spam and outside events
2013-07-29:	A consistent preference in APIs for kernel and other low-level APIs
2013-07-28:	The constraints shaping kernel APIs
2013-07-27:	The easy path versus the virtuous path (in system setup)
2013-07-26:	Communication is work and a corollary
2013-07-25:	An important thing about security issues in HTTP error responses
2013-07-24:	Why vendor prices are important things to have
2013-07-23:	When Python regexp alternation is faster than separate regexps
2013-07-22:	External disk enclosures versus disk servers
2013-07-21:	A fun problem: monitoring randomness reduces it
2013-07-19:	A bit on the performance of lexers in Python Thinking about the security issues in HTTP 403 versus 404 errors
2013-07-18:	Fedora 19 and the search for volume management
2013-07-17:	Do specific HTTP error codes actually matter?
2013-07-15:	Systemd needs sensible, non-truncated output Git's petty little irritation for me
2013-07-14:	Why single vendor solutions are a hard sell
2013-07-13:	What we need in our fileservers (in the abstract)
2013-07-11:	The ZFS ZIL's optimizations for data writes ZFS transaction groups and the ZFS Intent Log
2013-07-10:	Knowing when to go your own way with open source programs
2013-07-09:	How we want to recover our ZFS pools from SAN outages
2013-07-07:	Sometimes the right thing to do is nothing (at least right then) A mistake to avoid with summer interns
2013-07-06:	Is it particularly useful to have old Unix source sitting around?
2013-07-05:	ZFS deduplication is terribly documented
2013-07-04:	My version of the story of universities and Unix source code
2013-07-03:	You can re-`connect()` UDP sockets (portably)
2013-07-02:	Today's question: are anti-spam statistics useful for us?
2013-06-30:	Our pragmatic approach to updating machines to match our baseline Some very basic DNS blocklist hit information for the last 30 days
2013-06-29:	`connect()` plus `write()` versus `sendto()` for UDP sockets
2013-06-28:	The limitations of not actually knowing a language
2013-06-27:	How much of our incoming email is checked at SMTP DATA time
2013-06-26:	What I want from a future version of NFS
2013-06-25:	Balancing Illumos against ZFS on Linux
2013-06-24:	How to get your syndication feed fetcher at least temporarily banned here
2013-06-23:	'Human error' is not a root cause of problems
2013-06-22:	Automatedly overwriting changed files is not a feature
2013-06-21:	A Django application design puzzle about modularity
2013-06-20:	The question of whether to rewrite an old but working service
2013-06-19:	Our approach to configuration management
2013-06-18:	What's in the way of us using automated configuration management
2013-06-17:	My job versus my career: some thoughts
2013-06-16:	Python 3 has very little benefit for ordinary Python programmers
2013-06-15:	I'm considering building a custom laptop environment
2013-06-14:	The core issue in the Python 3 transition (from my view)
2013-06-13:	I don't usually think about IO transfer times
2013-06-12:	UI details that you don't expect to can matter a lot
2013-06-11:	The good and bad of IPS (as I see it)
2013-06-10:	What the SELinux community should be doing
2013-06-09:	SELinux should have its own `errno` value
2013-06-08:	The Flickr redesign and knowing your site's focus
2013-06-07:	My current understanding of 'software defined networking'
2013-06-06:	Why building RPMs for a different architecture is a hard problem
2013-06-05:	The case against blog sidebars
2013-06-04:	SELinux's toxic mistake
2013-06-02:	Security is not the most important thing to most people Why I do IPSec improperly and reduce my security
2013-05-31:	The mystery of `POST`s with a zero `Content-Length` Understanding the MongoDB code that people are laughing at
2013-05-30:	I find Systemtap oddly frustrating
2013-05-28:	How you should package local-use configuration files
2013-05-27:	Understanding SQL placeholders Our situation with ZFS and 4 Kb physical sector disks
2013-05-26:	Empirically, modern mailing list services are spam senders
2013-05-24:	Understanding how CVE-2013-1979 might be exploited My issue with infinite scrolling web pages: the lack of a stopping point
2013-05-23:	Why web robots sending `Referer` headers is wrong
2013-05-21:	Diffbot's bad `Referer` header
2013-05-20:	A serious potential danger with Exim host lists in ACLs
2013-05-19:	Today's comment spammer trick: regurgitated comments The technical effects of being an out of tree Linux kernel module
2013-05-18:	A little habit of our documentation: how we write logins
2013-05-17:	Why I'm not considering btrfs for our future fileservers just yet
2013-05-16:	Why ZFS's CDDL license matters for ZFS on Linux
2013-05-15:	Why I've so far been neglecting functional programming languages
2013-05-13:	My language irritations with Go (so far) and why I'm wrong about them The Unix philosophy is not an end to itself
2013-05-11:	The consequences of importing a module twice
2013-05-10:	Illustrating the tradeoff of security versus usability Disk IO is what shatters the VM illusion for me right now
2013-05-08:	Thoughts on when to replace disks in a ZFS pool How ZFS resilvering saved us
2013-05-07:	Python's relative import problem
2013-05-05:	Unix is not necessarily Unixy The original vision of RISC was that it would be pervasive
2013-05-04:	What I see as RISC's big bets
2013-05-03:	Virtual disks should be treated as 4k 'Advanced Format' drives
2013-05-01:	Two `xargs` gotchas that you may not know about
2013-04-30:	The two stories of RISC
2013-04-29:	My practical problem with preconfigured virtual machine templates My view of ARM versus other RISCs
2013-04-28:	My sysadmin view of Python virtualenvs
2013-04-27:	Some theories on why DNSBLs may be dwindling away
2013-04-26:	Are there less anti-spam DNS blocklists than there used to be?
2013-04-25:	How SuS probably requires the 'run at least once' `xargs` behavior
2013-04-24:	Two mistakes I made with VMs today
2013-04-23:	Goodbye, djb dnscache
2013-04-21:	RCS should not be your first choice for version control Why a free SSL Certificate Authority is not horrifying
2013-04-19:	How ZFS deals with 'advanced format' disks with 4 Kb physical sectors How I want storage systems to handle disk block sizes
2013-04-18:	How SCSI devices tell you their logical and physical block sizes
2013-04-17:	Some thoughts on going to HTTPS by default
2013-04-15:	The basics of 4K sector hard drives (aka 'Advanced Format' drives) Go's friction points for me (and a comparison to Python)
2013-04-14:	Python's data structures problem
2013-04-13:	Classic linked lists versus Python's list (array) type
2013-04-12:	My view on software RAID and the RAID write hole
2013-04-11:	Something I'd like to be easier in Solaris's IPS
2013-04-10:	Some important things about OpenBSD PF's `max-*` options
2013-04-08:	Fedora 18's TexLive packaging failure Why ZFS still needs an equivalent of `fsck`
2013-04-07:	The apparent source of my Firefox memory bloat problems
2013-04-06:	What I needed to do with Grub2 to change my boot disk
2013-04-05:	Authoritative, non-recursive DNS servers now need ratelimiting
2013-04-04:	An irritating OpenBSD PF limitation on redirections
2013-04-03:	How to make sysadmins unhappy with your project's downloads
2013-04-02:	Why `listen(2)`'s backlog parameter has such an odd meaning
2013-03-31:	Why we'll continue to have local compute servers in the future Can we really use the cloud?
2013-03-30:	One irritation in `xargs`'s interface
2013-03-29:	Illumos-based distributions are currently not fully mature
2013-03-27:	What checksums in your filesystem are usually actually doing
2013-03-26:	Reconsidering a ZFS root filesystem
2013-03-25:	Rethinking avoiding Apache My (current) view of using branches in VCSes
2013-03-24:	Looking at how many external recipients inbound email goes to
2013-03-22:	Looking at how many recipients our average inbound email has The problem with trying to make everything into a Python module
2013-03-21:	The FreeBSD iSCSI initiator is not ready for serious use (as of 9.1)
2013-03-20:	Don't use ab for your web server stress tests (I like siege instead)
2013-03-18:	The wrong way for a framework to lay out projects
2013-03-17:	The power of suggestion that documentation has Argument validation using functions
2013-03-16:	I'm giving up on upgrading my laptop from Fedora 14
2013-03-15:	A dive into the depths of yes `yes no`
2013-03-14:	What I want out of a web-based syndication feed reader
2013-03-12:	MATE Desktop's failure in Fedora 18 In universities, computers are not an essential service
2013-03-10:	The easy way to wind up with multiple subnets on a single (V)LAN segment The systemd dependency problem
2013-03-09:	Why `.rpmnew` files are evidence of packaging failures
2013-03-08:	Debian shows how to do Apache configuration right (and Fedora fumbles it)
2013-03-06:	How we make Exim cut off bounce loops Turning off delays on failed password authentications
2013-03-04:	Why you should never use '`/bin/sh -c ...`' in configuration files
2013-03-03:	Why a netcat-like program is a good test of a language Go: when I'd extend an interface versus making a new one
2013-03-02:	The mythology of spending money on things, or not doing so
2013-02-28:	A decorator for decorators that accept additional arguments Looking at whether Zen-listed IPs keep trying to send us email
2013-02-27:	Link: Go at Google: Language Design in the Service of Software Engineering
2013-02-26:	How Linux servers should boot with software RAID Thinking about how much Solaris 11 is worth to us Looking at whether (some) IP addresses persist in zen.spamhaus.org
2013-02-24:	You should avoid using `socket.SOMAXCONN` What limits the number of concurrent connections to a server
2013-02-22:	(Ab)using `awk` on the fly
2013-02-21:	Go: using type assertions to safely reach through interface types Some notes on my first experience with Go
2013-02-20:	The meaning of `listen(2)`'s backlog parameter
2013-02-19:	The source of C's dependency hell for linking
2013-02-18:	The strikes against Solaris 11 for us
2013-02-17:	Some brief opinions and notes on uWSGI
2013-02-16:	Finding out what TLS/SSL cryptography people actually get with your servers
2013-02-15:	SSL/TLS cipher names (aka 'cipher suites') and what goes into them
2013-02-14:	The cost of an API mistake in the socket module's `fromfd()`
2013-02-12:	Some notes on Linux's `ionice`
2013-02-11:	The sinking feeling of discovering a design mistake in your code Thinking about how I use email
2013-02-10:	A little irritating (but understandable) limitation on Go interfaces
2013-02-09:	Solve your command parsing problems by using scripts
2013-02-08:	Linux's great advantage as a Unix is its willingness to make wrenching changes
2013-02-07:	Today's learning experience with CSS: don't be indirect
2013-02-05:	What makes DWiki and other dynamic file based blog engines slow
2013-02-04:	Dynamic web sites and blogs need not be slow, illustrated What good cryptography error messages need to include
2013-02-03:	Systems with cryptography should always have minimal workarounds
2013-02-02:	A fundamental problem with the trackback protocol
2013-01-31:	The shifting SBL, as experienced here Why you should support specifying comparison keys (and functions)
2013-01-30:	Thinking about FreeBSD versus Illumos for our ZFS fileservers
2013-01-28:	Some patterns for easy to parse Domain Specific Languages in Python
2013-01-27:	How the modern web 2.0 social web irritates me by hiding discussions User mode servers versus kernel mode servers
2013-01-25:	Some places where I think that Unix is incomplete or imperfect Unix needs to grow and a consequence of that
2013-01-23:	My Unix is a general purpose operating system What I want to know about kernel security updates
2013-01-22:	Disaster recovery preparation is not the same as a DR plan
2013-01-20:	Disaster recovery for computers is a means, not an end to itself Real disaster recovery plans require preallocated resources
2013-01-18:	SLAs, downtime, and planning More on my favorite way of marking continued lines
2013-01-16:	My favorite way of marking continued lines How I drafted (okay, wrote) an entry in public by accident
2013-01-14:	Why JavaScript (or something like it) is in demand Good JavaScript usage is a good thing
2013-01-13:	Blogspot's massive web 1.0 failure
2013-01-12:	Runtime loading of general code usually requires general dynamic linking
2013-01-11:	A thought about static linking and popularity
2013-01-10:	The fundamental problem faced by user-level NFS servers
2013-01-09:	It turns out I'm biased towards kernel iSCSI target implementations
2013-01-08:	Why we wound up using Linux for our iSCSI targets
2013-01-07:	Why bad support matters (war story included)
2013-01-06:	24 hours of Atom feed requests here
2013-01-05:	What I think changed to make spam deliveries not cost-free
2013-01-04:	DTrace's stable providers are not good enough
2013-01-03:	An alterate pattern for polymorphism in C
2013-01-02:	Some patterns for polymorphism in C
2012-12-31:	How our fileserver infrastructure is a commodity setup (and inexpensive) GNU `sort`'s `-h` option
2012-12-30:	What I'd have liked to hear about Python 3 from the developers
2012-12-29:	Why I think that stupid spamming is actively wasteful
2012-12-28:	A spammer that is not the brightest light in the box
2012-12-27:	Why I somewhat irrationally have a distrust of ZFS on Linux
2012-12-26:	Does Python 2 need to evolve?
2012-12-25:	A confession: Python 3 has always made me kind of angry
2012-12-24:	Why we're almost certainly staying with ZFS
2012-12-23:	What we (probably) want in a future version of Solaris
2012-12-22:	Packaging in compiled versus interpreted languages
2012-12-21:	Version control comes first
2012-12-20:	Sysadmins should pretty much version control everything
2012-12-19:	Part of good awk programming is getting the clause order right
2012-12-18:	Why I'm still using VMware
2012-12-17:	Should you alert on the glaringly obvious?
2012-12-16:	Alerts should be actionable (and the three sorts of 'alerts')
2012-12-15:	A few small notes about OpenBSD PF (as of 4.4 and 5.1)
2012-12-13:	A drawback of short servers
2012-12-12:	`fork()` and closing file descriptors One good use for default function arguments
2012-12-10:	The general lesson from the need for metrics Things that systemd gets right
2012-12-09:	When I'd use a web server other than Apache
2012-12-08:	Why Apache is such a temptation
2012-12-07:	How I use virtualization (and what for)
2012-12-05:	One way to break down how people use virtualization In praise of KVM-over-IP systems
2012-12-04:	You can't assume that your performance problems will be obvious
2012-12-03:	A reason for detailed commit messages: as a guard against errors
2012-12-02:	What goes into the terminal's 'cbreak' and 'raw' modes
2012-11-30:	All kernel messages should be usefully ratelimited. No exceptions. My new view on why you need to profile code
2012-11-29:	One reason why having metrics is important
2012-11-28:	When you make a harmless change, check to make sure that it is
2012-11-27:	You don't necessarily know what matters for performance
2012-11-25:	More thoughts on why Python doesn't see much monkey-patching The limits of monkey patching in Python
2012-11-24:	Simple markup as a style guide and limiter
2012-11-22:	A little Unix difference that irritates: what word erase erases Optional features are in practice not optional to understand
2012-11-21:	The varying appeal of wikitext and other simple markup
2012-11-20:	Where my Firefox performance problem seems to be
2012-11-19:	Python 3's `print()` annoys me (although maybe it shouldn't)
2012-11-18:	Linux is less divergent than commercial Unixes used to be
2012-11-17:	Why Google's handling of multiple domains on inbound messages is okay
2012-11-16:	Why DTrace does not attract people to Solaris very often
2012-11-15:	A learning experience: internal mail flow should never be allowed to bounce
2012-11-13:	The problem with SELinux (still) A potential path to IPv6
2012-11-11:	Explaining an RPM oddity A reminder: string concatenation really is string concatenation
2012-11-10:	Why Unix doesn't have user-changeable namespaces
2012-11-09:	Some amusing cut and paste work from spammers
2012-11-08:	Devops, the return of system programmers?
2012-11-07:	DTrace: figuring out what you have access to at tracepoints
2012-11-06:	Why I want to do full end-to-end performance tests
2012-11-04:	Your logs should always include IP addresses (in addition to hostnames) Good and bad formats for your log messages
2012-11-03:	Another go-around on the drawbacks and balances of automation
2012-11-02:	Why our ZFS fileservers sometimes boot slowly
2012-10-31:	Our DTrace scripts for NFS server, ZFS, and iSCSI initiator monitoring Some stats and notes on relay attempts for our external mail gateway
2012-10-30:	How I am doing randomized read IO to avoid ZFS prefetching
2012-10-29:	How ZFS file prefetching seems to work
2012-10-28:	Some unusual SMTP activity from would-be spammers
2012-10-27:	The difference between cryptographic and normal random number generators
2012-10-26:	Thinking about an unusual sequence
2012-10-25:	Always make sure you really understand what your problem is
2012-10-24:	Why you should support 'reload' as well as 'restart'
2012-10-23:	The problem of simulating random IO
2012-10-22:	Why parsers matter
2012-10-21:	Why `fork()` is a good API
2012-10-20:	The issue with measuring disk performance through streaming IO
2012-10-19:	An old Unix trick for saving databases
2012-10-18:	A danger of default values for function arguments (in illustrated form)
2012-10-17:	Operators and system programmers: a bit of System Administrator history
2012-10-16:	Switch flow control and buffering: what we think was wrong in our iSCSI network
2012-10-15:	The anatomy of a performance problem with our mail spool
2012-10-14:	DTrace: two mistakes you can make in DTrace scripts
2012-10-13:	DTrace: counting, aggregates, and a nice undocumented `printa()` feature
2012-10-12:	SSL CAs have an impossible job (if you want them to be thorough)
2012-10-11:	Controlling Linux TCP socket send buffer sizes
2012-10-10:	Disk IO latency is often what matters
2012-10-09:	The negative results problem with search engines
2012-10-08:	Acclimatization makes competition in web search engines hard(er)
2012-10-06:	Python can execute zip files How averages mislead you
2012-10-05:	Notes on Linux's blktrace
2012-10-04:	Averages mislead: an illustrated example
2012-10-03:	DTrace: notes on quantization and aggregates
2012-10-02:	Some notes on getting durations in DTrace
2012-09-30:	A new anti-spam precaution after our local spam incident
2012-09-29:	A recent spam oddity that I've been mulling over What I would like in colour-specification interfaces
2012-09-28:	`fork()` versus strict virtual memory overcommit handling
2012-09-27:	Microkernels and device drivers
2012-09-26:	Microkernels and modularity: do microkernels ever make sense?
2012-09-25:	The jaundiced C programmer's view of object orientation
2012-09-24:	The wrong way to harvest system-level performance stats
2012-09-23:	How we handle Ubuntu LTS versions
2012-09-22:	Speculation about what comment spammers think they're doing here
2012-09-21:	How I enter URLs in my browser
2012-09-20:	My alternative to bookmarks: a page of links as the browser start page
2012-09-19:	Two views of the argparse module
2012-09-18:	My Python versions
2012-09-17:	The options problem in Python
2012-09-16:	The problem with noise
2012-09-15:	Sensible reboot monitoring
2012-09-14:	What determines how much work a ZFS resilver has to do
2012-09-13:	Why you need mass package rebuilds in some circumstances
2012-09-12:	The core problem with developers doing their own packaging
2012-09-11:	A realization about ratelimit time horizons
2012-09-09:	The core difference between Debian source packages and RPMs When I've interned Python strings
2012-09-08:	When you can log bad usernames for failed authentications
2012-09-07:	What the standard(s) say about the order of `readdir()`'s results
2012-09-06:	A little trick and gotcha with Exim ratelimits
2012-09-05:	Some thoughts on logging failed login attempts (for existing users)
2012-09-03:	People are not ignorant (usually)
2012-09-02:	What I would like: testable mailers Solaris 11 is still closed source (and Oracle is careless with words)
2012-08-31:	A realization about one bit of test-driven development A small rant about looking down on Linux users
2012-08-30:	My perspective on why we do in-place reinstalls of machines
2012-08-29:	A realization: install configuration files before packages
2012-08-28:	When Exim generates bounce messages
2012-08-27:	You should log all successful user authentication
2012-08-26:	Some brief information about a local spam incident
2012-08-25:	Some odd behavior from blog comment spammers
2012-08-24:	The theoretical right way to check if an account is in a Unix group
2012-08-23:	Illustrating the Ubuntu clown car, AccountsService edition
2012-08-22:	My view on the understandability of language idioms
2012-08-21:	Another problem with how Debian builds from source packages
2012-08-20:	Sysadmins hate updates (more or less)
2012-08-19:	Why I don't like the Debian source package format
2012-08-18:	What everyone needs in source packages
2012-08-17:	How Firefox performs (and doesn't) for me
2012-08-16:	Why I hate vendors, printers edition
2012-08-15:	The historical background of the *BSD 'base system' versus Linux
2012-08-13:	When and where I fell out of love with Firefox
2012-08-12:	A nice illustration of the cost of creating and destroying objects in Python The CPython bytecode difference between iteration and looping
2012-08-11:	How not to write kernel messages
2012-08-09:	Learning something from not testing jQuery 1.8's beta releases Ubuntu 12.04 and symbolic links in world-writeable sticky-bitted directories
2012-08-08:	Linux ps's problem with login names
2012-08-06:	The theoretical legality of shadowing builtins in Python The (possibly apocryphal) story of System V IPC's origins
2012-08-05:	Reasoning backwards (a story about what can happen to SATA disks)
2012-08-04:	Oracle, ZFS, and Linux (and Solaris)
2012-08-03:	What makes an operating system attractive
2012-08-02:	Can Oracle make ZFS much more attractive?
2012-07-31:	Would GPL'ing ZFS have worked or been a good idea? Ruminations on the future of ZFS
2012-07-30:	IPv6 is going to be a fruitful source of configuration mistakes
2012-07-29:	The periodic strangeness of idiomatic Python
2012-07-28:	The ecological niches of current open source Unixes
2012-07-27:	What 32-bit x86 Linux's odd 896 MB kernel memory boundary is about
2012-07-25:	The kernel memory addressing problem My dislike for what I call 'perverse Test Driven Development'
2012-07-24:	Unicode's two new problems
2012-07-22:	The history of booting Linux with software RAID A sleazy trick to capture debugging output from an initramfs
2012-07-20:	Ubuntu 12.04 can't reliably boot with software RAID (and why) The temptation of selective sender address verification
2012-07-19:	Unicode code points and abstract characters
2012-07-18:	Strings in Python 2 and Python 3
2012-07-16:	Getting an Ubuntu 12.04 machine to give you boot messages My arrogance about Unicode and character encodings
2012-07-15:	My general issue with Unicode in Python 3
2012-07-14:	ZFS's problem with generic messages
2012-07-13:	Why system administration certifications have worked so far
2012-07-12:	Why formal sysadmin education isn't likely any time soon
2012-07-11:	The extremely cynical take on DevOps
2012-07-10:	A theory on why defaults for tunable parameters stay unchanged
2012-07-09:	Why the defaults for tunable kernel parameters matter
2012-07-08:	Why System V shared memory may normally be limited
2012-07-06:	Why Exim has a single queue for all email Exploring an ARP mystery: a little Linux surprise
2012-07-04:	How to irritate sysadmins and give mailers heartburn with your MXes
2012-07-03:	The secure web voting problem The well behaved Unix program and job control signals
2012-07-01:	Another cynical take on the nofollow tag
2012-06-30:	What Linux distributions should do to help their Python 3 transitions
2012-06-29:	The magnitude of the migration to Python 3, illustrated More about my issues with DTrace's language
2012-06-28:	Why I don't like implicit string interpolation
2012-06-27:	One root of my problem with GNU Emacs
2012-06-26:	A little gotcha with SSH connection sharing
2012-06-25:	Why sophisticated line editing is not in the kernel
2012-06-24:	My take on fancy editors for programming
2012-06-22:	How the Linux kernel command line is processed (more or less) The effects of DTrace's problems
2012-06-21:	How I want to do redirects in Apache, especially in `.htaccess` files
2012-06-20:	An update on comment spammer behavior here on WanderingThoughts (once again)
2012-06-19:	How I'm doing AJAX with Django in my web app
2012-06-17:	A realization about whether I can contribute to Python development Why our server had its page allocation failure
2012-06-16:	Decoding the Linux kernel's page allocation failure messages
2012-06-15:	How the Linux kernel divides up your RAM
2012-06-13:	Some tricky bits in in-browser form mangling and validation Client side form validation can let people explore their options
2012-06-11:	What bits of a form are useful to check on the client side Choosing how slowly your mailer should time out email
2012-06-10:	The anti-spam implications of email being multiple things in one Modern email is actually multiple things in one system (mailer timeouts edition)
2012-06-09:	Rethinking when your mailer sends 'not-yet-delivered' warning messages
2012-06-08:	An (accessible) explanation of the Flame malware's Windows Update compromise
2012-06-07:	My experience doing a Fedora 17 upgrade with yum: it worked fine
2012-06-06:	A feature that Linux installers should have: restoring your backups
2012-06-04:	Why the TTY line discipline exists in the kernel
2012-06-03:	Another view of the merge versus rebase debate in version control My view on Mercurial versus Git
2012-06-01:	Some things that strike me about Linux and UEFI secure booting The secure boot problem
2012-05-31:	What OSes have succeeded or failed here Thinking about why Solaris has failed here
2012-05-30:	What it means for an OS to succeed or fail
2012-05-28:	Yes, `git add` makes a difference (no matter what people think) How to do a very cautious LVM storage migration
2012-05-27:	Complications in spam filter stats in our environment
2012-05-25:	How CSLab currently does server side email anti-spam stuff (version 2)
2012-05-24:	Today's Mercurial command alias: a short form `hg incoming` How we do milter-based spam rejection with Exim
2012-05-23:	Some notes on using XFT fonts in TK 8.5
2012-05-22:	Our pragmatic experiences with (ZFS) disk errors in our infrastructure
2012-05-21:	More on CISC (well, x86) versus RISC
2012-05-20:	The XFT font naming issue
2012-05-19:	A semi-brief history and overview of X fonts and font rendering technology
2012-05-17:	My Firefox memory bloat was mostly from All-in-One Gestures The Go language's problem on 32-bit machines
2012-05-15:	Some stuff on 'time since boot' timestamps
2012-05-14:	My Firefox 12 extensions and addons
2012-05-13:	My experiment with Firefox Nightly builds: a failure A basic step in measuring and improving network performance
2012-05-12:	The death of paging on the web
2012-05-10:	All your servers should have Linux's magic SysRq enabled
2012-05-09:	Using rsync to pull a directory tree to client machines Things I will do differently in the next building power shutdown (part 2)
2012-05-07:	Third party Linux kernel modules should build against non-running kernels
2012-05-06:	Why I wound up using Django Counting your syndication feed readers
2012-05-05:	Look for your performance analysis tools now
2012-05-04:	Explaining a piece of deep weirdness with Python's `exec`
2012-05-03:	Python scopes and the CPython bytecode opcodes that they use
2012-05-01:	Into the depths of a Python `exec` scope-handling bug
2012-04-30:	Notes to myself about progressive JavaScript
2012-04-29:	The Python language tutorial is a gem My two approaches to learning (programming) languages
2012-04-28:	ZFS and various sorts of read errors
2012-04-27:	The case of the Twitter spam I don't understand
2012-04-26:	When we replace disks in our ZFS fileserver environment
2012-04-25:	Models of providing computing access in a university department
2012-04-24:	Universities and their non-employees
2012-04-23:	My perspective on the 'Bring Your Own Device' controversy
2012-04-22:	I may be wrong about my simple answer being the right one
2012-04-21:	Bash's superintelligent errors about exec failures
2012-04-20:	Sometimes the simple answers are the right ones (a lesson from bash)
2012-04-19:	An interesting experience with IP-based SMTP blocks
2012-04-18:	Why you should never use `file` (or `libmagic`) to identify files
2012-04-17:	`ls -l` should show the presence of Linux capabilities
2012-04-16:	What you need for migrating web content
2012-04-15:	My view on why CISC (well, x86) won over RISC in the end
2012-04-14:	The wiki trap (that we've fallen into)
2012-04-12:	Tanenbaum was wrong in the Tanenbaum-Torvalds debate Hypervisors are not microkernels
2012-04-11:	Faking (or not) a ternary if operator with `&&` and `\|\|`
2012-04-10:	Revisiting checksum functions
2012-04-09:	Understanding hashing in Python
2012-04-08:	My story of running scripts from the web
2012-04-06:	Checksums and hashes Why we haven't taken to DTrace
2012-04-05:	Why I hate having `/tmp` as a tmpfs
2012-04-04:	More on equality in Python (well, mostly Python 2.7)
2012-04-03:	Python's two versions of equality, with a long digression on `hash()`
2012-04-02:	The problem of ZFS pool and filesystem version numbers
2012-03-31:	Our sysadmin environment Why I no longer believe that you need Solaris if you want ZFS
2012-03-29:	Scalable system management is based on principles
2012-03-28:	How I (once) did change management with scripts Ultimately, abuse issues have to be handled by humans
2012-03-26:	Microkernels are quite attractive to academic computer science researchers What it means to become another user on Unix
2012-03-25:	Atom feeds and constrained (web) environments Link: Getting Real About Distributed System Reliability
2012-03-24:	Garbage collection and modern virtual memory systems
2012-03-23:	Sometimes you get lucky
2012-03-22:	The problems of operations and sysadmin heroism
2012-03-21:	My view of where the Unix community is
2012-03-20:	How I use objects in Python
2012-03-19:	A modest suggestion: increase your text size
2012-03-18:	The standard trajectory of a field
2012-03-16:	Parsing versus rewriting: how to tell them apart
2012-03-15:	Part of the cleverness of Unix permissions (a little thought)
2012-03-14:	The right way to do wikitext transitions Configuration management is not documentation, at least not of intentions
2012-03-12:	Why it matters whether your software works when virtualized Why ZFS log devices aren't likely to help us
2012-03-11:	A CBL false positive reveals a significant issue with the CBL
2012-03-09:	Why you do not want to patch your source code in place
2012-03-08:	What I have to run for my custom environment on Fedora 16
2012-03-07:	The hard part of custom environments on Fedora (or any Linux) How not to use Apache's ProxyPass directive
2012-03-05:	Web frameworks should be secure by default Convenience in web frameworks is often insecure
2012-03-04:	Some stuff on Python 2.7.x support periods
2012-03-03:	Two ways I increase the security of SSH personal keys
2012-03-01:	A trick for dealing with irregular multi-word lines in shell scripts
2012-02-29:	SSDs and understanding your bottlenecks The two sorts of display resolution improvements
2012-02-28:	In place migration to Linux software RAID
2012-02-26:	What information I want out of ZFS tools and libraries How much spam is forged as being from who it's sent to?
2012-02-25:	The (future) problem with Python 2.7
2012-02-24:	Blogs and the problem of indexes
2012-02-22:	How I can be wrong about the death of sysadmin jobs
2012-02-21:	Using and understanding Python metaclasses (an index)
2012-02-20:	Why I still have a custom-compiled Firefox My view of where TCL went wrong
2012-02-18:	The most popular sender domains for spam messages sent to here The downside of automation versus the death of system administration
2012-02-16:	Handling modern IPv6 in programming environments
2012-02-15:	The temptation of LVM mirroring A downside of automation
2012-02-13:	The problem with long-term production support of things
2012-02-12:	Some things about changing from old X fonts to modern TrueType fonts Understanding FVWM States, with better FVWM code for selecting terminal windows
2012-02-11:	How I select (terminal) windows from the keyboard in FVWM
2012-02-09:	What supporting a production OS means for me A general point about SSH personal keys
2012-02-08:	Choosing the superblock format for Linux's software RAID
2012-02-06:	The advantage of HDMI for dual displays
2012-02-05:	My view on what will kill 'traditional' system administration Link: Filenames.WTF What five years of PC technology changed for me
2012-02-03:	Understanding a subtle Twitter feature Understanding Resident Set Size and the RSS problem on modern Unixes
2012-02-01:	A ZFS pool scrub wish: suspending scrubs
2012-01-31:	The solution to the modern X font handling mystery Where is Oracle going with Solaris?
2012-01-30:	HTML is not a SGML dialect and never really has been
2012-01-29:	Dealing with Fitts' Law on widescreen displays Thinking about spam rejection and abuse addresses
2012-01-28:	How I use FvwmIconMan
2012-01-27:	Why metaclasses work in Python
2012-01-26:	The drawback of modern X font handling gets mysterious
2012-01-25:	The death of system administration: I'm all for it
2012-01-24:	Why I use `exec` in my shell scripts
2012-01-23:	Every so often, I solve a problem with a hammer
2012-01-22:	My view of the purpose of object orientation
2012-01-21:	The C juggernaut illustrated
2012-01-20:	Another Russ Cox regexp article: How Google Code Search Worked
2012-01-19:	How not to do repeated fields in web forms Let's make it official: Solaris 11 is closed source
2012-01-18:	SOPA and PIPA matter for everyone
2012-01-17:	The first browser blinks on XHTML parsing
2012-01-16:	Understanding `isinstance()` on Python classes What you can find out about the memory usage of your Linux programs
2012-01-15:	Understanding the basic shape of Unix virtual memory management
2012-01-14:	What do we mean when we talk about something's memory usage?
2012-01-13:	Notes on what Linux's `/proc/<pid>/smaps` fields mean
2012-01-11:	A Yum plugin I would like: using a local DVD as a repo source How to use `systemd` to just run some stuff on boot
2012-01-10:	An insight on the purpose of comments: volume control
2012-01-09:	What my physical desk is like
2012-01-08:	The latest annoyance with Google Groups
2012-01-07:	Why you might want multiple keys for disk encryption
2012-01-05:	Nailing down RPM epoch numbers Disk encryption, backups, and your threat model
2012-01-03:	How to lose your data with full disk encryption the easy way The drawback of full disk encryption
2012-01-02:	An example sort that needs a comparison function
2011-12-31:	Why CA-based SSL is not likely to be replaced any time soon My thoughts on the mockist versus classicalist testing approaches
2011-12-30:	Why I don't like Python 3 dropping the comparison function for sorting
2011-12-29:	An empirical exploration of whether spammers take Christmas off
2011-12-28:	Blog entries should have visible dates (usually)
2011-12-27:	Python 3 from the perspective of someone writing new Python code
2011-12-26:	Labs versus offices for sysadmins (or at least us) More wiring for sysadmins: sysadmins and gigabit networking
2011-12-25:	Why office switches plus VLANs aren't the answer for sysadmins
2011-12-24:	Wiring offices for sysadmins
2011-12-23:	Disk space in the modern world
2011-12-21:	Python 3 from the perspective of someone with existing Python code
2011-12-20:	SSH, man in the middle attacks, and public key authentication A little script: `nssh`
2011-12-19:	An advance fee fraud spam aphorism
2011-12-18:	Understanding the `close()` and `EINTR` situation
2011-12-17:	Python 3 from the perspective of a Unix sysadmin
2011-12-16:	Avoiding the classic C quoting bug in your language
2011-12-14:	Practical issues with REST's use of the Accept header What makes backups real Shell functions versus shell scripts
2011-12-13:	I'm on Twitter now DWiki's code is now on Github (among other things)
2011-12-12:	How not to improve your package updater application What debugging info I want from things like SMF and `systemd`
2011-12-11:	`head` versus `sed`
2011-12-10:	ZFS pool activation and iSCSI (part II)
2011-12-09:	A quiet advantage of the systemd approach to service management
2011-12-08:	Another reason sysadmins should program
2011-12-07:	Understanding the Solaris iSCSI initiator (a bit)
2011-12-06:	What I know about boot time ZFS pool activation (part I)
2011-12-05:	Debuggers and two sorts of bugs
2011-12-04:	The current state of GPT, EFI, and Linux
2011-12-03:	Why I have comments here Link: Russ Cox's articles on regular expressions
2011-12-02:	The many ways PCs can dual boot multiple OSes
2011-11-30:	On how PCs boot and hard disk partitioning My mouse button bindings in fvwm, my window manager
2011-11-29:	The alternate screen terminal emulator plague
2011-11-28:	The login name problem
2011-11-27:	Why processing things in inode order is a good idea
2011-11-26:	About the order that `readdir()` returns entries in
2011-11-25:	Python instance dictionaries, attribute names, and memory use
2011-11-24:	About SATA port multipliers
2011-11-23:	The many names of Linux SATA devices
2011-11-21:	A cheap caching trick with a preforking server in Python Mouse scroll wheels versus buttons that you actually want to use The likely cause of my IPSec dropped packet mystery
2011-11-20:	Google Groups fails both anti-spam and basic mailing list management
2011-11-19:	My Liferea crashes are not Liferea's fault
2011-11-17:	The drawback of modern X font handling A classic and standard C quoting bug
2011-11-16:	Solaris is not an enterprise operating system
2011-11-15:	A scroll wheel experiment
2011-11-13:	Thinking about how to test our UPSes A confession about our ZFS configuration
2011-11-12:	(Not) parsing wikitext
2011-11-11:	My view of the right way to copy lists in Python
2011-11-10:	Praise for systemd
2011-11-09:	The disappearance of separate filesystems for `/usr` and `/var`
2011-11-08:	Files and fundamental filesystem activities (on Unix)
2011-11-07:	An IPSec mystery with dropped packets
2011-11-06:	Ubuntu does system disk mirroring right
2011-11-05:	Understanding Apache's Allow, Deny, and Order directives
2011-11-04:	More on my Firefox 7 extensions
2011-11-03:	My Firefox 7 extensions
2011-11-02:	Attention marketers: blog comments are not email
2011-10-31:	Why 'quiet' options to programs aren't as useful as you think Deduplication is always going to be expensive
2011-10-30:	Why we have a VPN
2011-10-29:	Why ZFS dedup is not something we can use
2011-10-28:	ZFS features that could entice us to upgrade Solaris versions
2011-10-27:	A Wikitext formatting mistake that I made here
2011-10-26:	How to fail at useful cryptography: bad error messages
2011-10-25:	A reason not to automate: policy flexibility
2011-10-24:	Salting passwords compared to slow password hashing
2011-10-23:	Boiling frogs and PC performance
2011-10-22:	Fedora 15 versus me
2011-10-21:	How I'm capturing only the last portion of standard error
2011-10-20:	The kind of computer usage I think Gnome 3 is targeting
2011-10-19:	Defending Berkeley's forced choice in network device naming
2011-10-18:	The Ethernet device naming mistake (or one part of it)
2011-10-17:	What I want out of stable device names
2011-10-15:	Why I say Fedora 15 could get my machine's Ethernet's name right The problem with Fedora 15's consistent network device naming
2011-10-14:	Power consumption numbers for my 2011 home machine
2011-10-13:	The problem with event loops
2011-10-12:	The true cost of sysadmin time (actually, of anyone's time)
2011-10-11:	Why people are attracted to minimal language cores
2011-10-10:	Arranging scopes for `for` loops
2011-10-09:	My view of the state of graphics cards for Linux (in fall 2011)
2011-10-08:	My new Linux machine for fall 2011 (planned)
2011-10-07:	Python's philosophy of what closures close over
2011-10-06:	Thinking about event loops versus threads
2011-10-05:	Understanding the motivations of mail service vendors
2011-10-03:	On CPython, cell objects, and closures My idea of how a modern mailing service should work
2011-10-02:	Another comment spam precaution that no longer works out
2011-10-01:	Understanding a tricky bit of Python generators
2011-09-30:	Some thoughts from a close view of catastrophe Unit testing by analogy to scientific hypotheses
2011-09-28:	A multilevel view of DevOps (with more balance) Oracle shows its appreciation for long-term Sun customers again
2011-09-26:	DevOps and the blame problem: an outsider's view
2011-09-25:	How we handle iSCSI device names in Solaris Danger signs for mail senders in SMTP conversations
2011-09-24:	Some recent Google spam problems
2011-09-23:	Python's attribute lookup order
2011-09-22:	An operational explanation of Python types
2011-09-21:	I've surrendered on utm_* query parameters in URLs
2011-09-20:	Why I still comment out code even with a VCS
2011-09-19:	An operational explanation of Python metaclasses (part 4)
2011-09-18:	An operational explanation of Python metaclasses (part 3)
2011-09-17:	An operational explanation of Python metaclasses (part 2)
2011-09-16:	Setting the character encoding for HTML form input
2011-09-15:	How your Linux installer should help you set up filesystems
2011-09-14:	Graphs are not enough (for your monitoring system)
2011-09-13:	'Web of trust' is a security failure
2011-09-12:	An operational explanation of Python metaclasses (part 1)
2011-09-11:	The weakness of the certificate authority model, illustrated
2011-09-09:	You really want to put your switches in server racks Things that could happen to your archives
2011-09-08:	Archival storage in the modern world
2011-09-06:	How not to set up your DNS (part 21)
2011-09-05:	The real reason why true asynchronous file IO is hard
2011-09-04:	Why true asynchronous file IO is hard, at least for reads How some Unixes did shared libraries in the old days
2011-09-03:	The core of modern Unix shared libraries
2011-09-01:	Things I will do differently in the next building power shutdown
2011-08-31:	An interesting debugging experience (another tale from long ago) Who is the audience for a trouble ticket update?
2011-08-29:	Devirtualization Designing services for disengagement
2011-08-28:	The problem with busy sysadmins
2011-08-26:	Why we don't use a trouble ticketing system The problem for WSGI middleware
2011-08-25:	Trouble ticketing systems and the future
2011-08-24:	Why we have a problem with Oracle's Solaris support pricing
2011-08-23:	Reading the tea leaves about Oracle, Solaris, and universities
2011-08-22:	V8's neat encoding trick for type tracking
2011-08-21:	The conflict between caching and tracking on the web
2011-08-20:	Why browsers can't really change or validate `Last-Modified`
2011-08-19:	Visibility: an advantage of automation
2011-08-18:	You should always use `super()`
2011-08-17:	MH is an iceberg
2011-08-16:	An interesting way to shoot yourself in the foot and a limitation of `super()`
2011-08-15:	A bit about what life was like on Unix before shared libraries
2011-08-14:	The tragedy of MH
2011-08-12:	A Gnome 3 shell extensions failure One reason we install machines from checklists instead of via automation
2011-08-11:	Friendly 'noreply' email addresses
2011-08-10:	The 'key plus authenticator' pattern in web apps
2011-08-08:	You need to hash web app session IDs An incomplete list of the ways around MAC address blocking
2011-08-07:	What I want out a Symbol type in Python
2011-08-06:	Gnome 3: I'm out
2011-08-05:	Why sysadmins don't just notify users about compromised machines
2011-08-04:	On banning MAC addresses
2011-08-03:	How I encode and decode the milter protocol (or, how to write a codec for a sane binary protocol)
2011-08-02:	How to make yourself look bad: broken bounce addresses
2011-07-31:	Reference counting and multiple inheritance in (C)Python One of my testing little dirty secrets
2011-07-29:	Deciding the meaning of 'disabling' an account (and the value of procedures)
2011-07-28:	A directory service doesn't make it easy to disable user accounts Another reason why version control systems should support history rewriting
2011-07-27:	Why not YP, er, NIS
2011-07-26:	Disabling an account can be kind of complex
2011-07-25:	The risks of using CentOS are split A little thing that irritates me about common WSGI implementations
2011-07-24:	On documenting (or not documenting) binary protocols
2011-07-23:	What good secure string expansion on Unix should look like
2011-07-22:	String expansion and securely running programs on Unix
2011-07-20:	Why I would like my mailer to have a real programming language (part 2) Our ZFS spares handling system (part 3)
2011-07-18:	Thinking about when SQL normalization can improve performance My view on ORMs
2011-07-17:	Another reason to reject spam at SMTP time: as a signal
2011-07-15:	Ubuntu, illustrating how to utterly fail at kernel security updates Something to remember: HTML forms are anonymous
2011-07-14:	Ramblings on handling optional arguments in Python
2011-07-12:	Why I'm going to be skipping Fedora 15 Some thoughts on creating simple and sane binary protocols
2011-07-11:	`mxiostat`: second generation better Linux disk IO statistics Some things to think about when doing polymorphic WSGI
2011-07-10:	Exploiting polymorphic WSGI again to create `cat`
2011-07-08:	My view on iSCSI performance troubleshooting
2011-07-07:	An interesting gotcha with Exim and `.forward` processing How Exim makes traditional .forward semantics work
2011-07-06:	Our solution to the spam forwarding problem
2011-07-05:	Another reason to allow mail origin address forgery
2011-07-04:	Our ZFS spares handling system (part 2)
2011-07-03:	Why Ubuntu's PAM versioning failure matters
2011-07-02:	Dear Googlebot: SMTP is not HTTP
2011-06-30:	Some ways to test if a program securely runs other programs Please have symmetric option negotiations in your protocols
2011-06-29:	Our ZFS spares handling system (part 1)
2011-06-28:	How to securely run programs from inside your program on Unix
2011-06-27:	Formatting information output to make it easy to manage
2011-06-26:	Design systems to be managed
2011-06-25:	A small wish about parked and squatted domains
2011-06-23:	Milter tools for Python and an experiment with coding in public The ZFS opacity problem and its effect on manageability
2011-06-22:	A basic Namespace metaclass for Python Abusing Python classes as namespaces
2011-06-20:	It's long since time for languages to provide sensible network IO What I need for stream decoding and encoding binary protocols
2011-06-19:	The Unix shell initialization problem and how shells should work
2011-06-18:	My `xdm` heresy
2011-06-17:	cgroups: so close and yet so far away from per-user fair scheduling
2011-06-16:	My three sorts of (Linux) desktops
2011-06-15:	The persistence of spammers, illustrated
2011-06-14:	A package dependency failure in Fedora 15
2011-06-13:	An example of the evolution of a real network
2011-06-12:	Noting some wandering thoughts on the occasion of an anniversary Why `[]`, `{}`, and `()` are cheap in Python
2011-06-11:	Some notes on `__slots__` and class hierarchies
2011-06-10:	What `__slots__` are good for (or, how to use slots to save memory)
2011-06-09:	My issues with Chrome's handling of extensions More impressions of Google Chrome
2011-06-08:	OpenBSD pf rule numbers and tcpdump filtering
2011-06-07:	Databases as a compromise damage limiter in web applications
2011-06-06:	How much space a Python dictionary entry uses
2011-06-05:	A subtle difference between tuples and lists in CPython
2011-06-04:	Sometimes having a system programmer around is the right answer
2011-06-03:	Ints, `__slots__`, and Python 3
2011-06-02:	My understanding of SQL normalization
2011-05-31:	The programmer's problem with WikiText systems How to fail at versioning
2011-05-30:	My recent experience with Firefox's speed
2011-05-29:	Getting the stages of the class namespace straight
2011-05-28:	The stickyness of Fedora 8 (despite my better intentions)
2011-05-26:	You can get 'stale filehandle' errors for local files on extN filesystems
2011-05-25:	More not supporting random query parameters in URLs How Django's form field ordering works
2011-05-24:	Proper SQL database design versus the real world
2011-05-23:	An aside on RAID-5/RAID-6 and disk failures
2011-05-22:	Why losing part of a striped RAID is fatal even on smart filesystems
2011-05-21:	One of my irritations: outgoing email that was scored as spam
2011-05-20:	Why the kernel does `mmap()` (beyond efficiency)
2011-05-19:	One limitation of simple bisection searches in version control systems
2011-05-18:	Why open source projects should use '`git rebase`' or the equivalent
2011-05-17:	What we could use 10G Ethernet for in the near future
2011-05-16:	How our network is implemented (as of May 2011)
2011-05-15:	The most interesting reason for an unrouted sandbox network
2011-05-14:	Our environment illustrated: what network cable colours mean what
2011-05-13:	Our network layout (as of May 2011)
2011-05-11:	How ZFS lets you recover from damaged metadata, and what the limitations are
2011-05-10:	An important way to get ZFS metadata corruption A brief summary of how ZFS updates (top-level) metadata The different ways that you can lose a ZFS pool
2011-05-09:	X and the misleading claim of 'mechanisms not policy'
2011-05-08:	Fvwm as a window manager construction kit
2011-05-07:	Email has two faces today
2011-05-06:	A realization about cache entry lifetime and validation
2011-05-05:	Thinking about when not disabling iSCSI's InitialR2T matters
2011-05-04:	Why `xterm`'s cut and paste model is non-standard and limited
2011-05-03:	The importance of `xterm` for X Windows
2011-05-02:	The apparent origins of some odd limitations in the iSCSI protocol
2011-04-30:	Our likely iSCSI parameter tuning
2011-04-29:	Understanding the iSCSI protocol for performance tuning
2011-04-28:	How CPython implements `__slots__` (part 2): access
2011-04-27:	Mail rejection stats for our external mail gateway Some notes on what `__dictoffset__` on types means in CPython
2011-04-26:	A quick look at some spam filtering stats from our system
2011-04-25:	An important note about multi-line log message formats
2011-04-24:	Notes to myself on the priorities of Linux routing policy rules
2011-04-23:	The Upstart dependency problem
2011-04-21:	Nailing down new-style classes and types in Python How CPython implements `__slots__` (part 1): storage
2011-04-19:	Another reason to avoid using `__slots__` in your Python classes A difference between Python 'structs' and C structs
2011-04-18:	What made X Windows so special
2011-04-17:	The ultimate (for now) answer for our ZFS ARC size problem
2011-04-16:	Cache validators versus cache invalidation
2011-04-15:	Why a dynamic website with caching is simpler than a baked site
2011-04-14:	More on baking websites to static files and speed
2011-04-13:	Some common caching techniques for dynamic websites
2011-04-11:	You don't need to bake your site to static files to be fast The importance of test suites for standards
2011-04-10:	The evolution of the git tree format
2011-04-08:	An example of modifying a Firefox extension
2011-04-07:	Why I don't like Solaris boot archives, illustrated
2011-04-06:	Monkey subclassing for fun and profit
2011-04-05:	The story of leaving N% of your filesystem unused for performance
2011-04-04:	Why logging to syslog is different than logging to standard error Logs are not just streams
2011-04-03:	Please don't alert based on percentages
2011-04-02:	How to use `gdb` to call `getpeername()`
2011-03-31:	A slightly unobvious trap with '`from module import *`' A really annoying gap in system observability
2011-03-30:	A realization about code complexity and clarity
2011-03-28:	Why you should avoid '`from module import whatever`' The problem with contributing documentation to projects
2011-03-27:	Some thinking on proliferating web standards
2011-03-26:	How not to issue Linux kernel security update notices
2011-03-25:	Sending email via a SMTP connection considered harmful
2011-03-24:	XHTML and web authoring folklore
2011-03-22:	How to add and use additional fields on Django model formsets Some notes on doing things with Django model formsets
2011-03-21:	Why XHTML was doomed from the beginning
2011-03-20:	The devil's advocate argument against paying attention to web standards
2011-03-19:	The two sides of (PPPoE) DSL service
2011-03-18:	How to configure a (PPPoE) DSL connection on a normal Fedora 14 Gnome desktop
2011-03-17:	The timing of production Linux deployments
2011-03-16:	Thinking about our alternatives to Solaris
2011-03-15:	Our uncertain future with Solaris 11
2011-03-14:	Why growing IPv6 usage is going to be fun, especially for sysadmins
2011-03-13:	Why programs traditionally used sparse files on Unix
2011-03-12:	Trust betrayed: a story of modern email
2011-03-11:	What tools I use to deal with email
2011-03-10:	What we did to get iSCSI multipathing working on Solaris 10 update 8
2011-03-09:	Why feed readers have been a geek flash in the pan
2011-03-08:	My personal hard drive capacity curve inflection point
2011-03-07:	What terminal emulators I use when
2011-03-06:	A fun Linux kernel pty problem, or maybe it's not a problem
2011-03-05:	FastCGI's encoding mistakes and how not to design a wire protocol
2011-03-04:	Why I call FastCGI complex and SCGI much simpler
2011-03-02:	The POSIX shell and the three sorts of Unixes Filtering, email, and differences from Usenet
2011-02-28:	The evolution of filtering (a story from the Usenet era) The slowdown of Solaris here
2011-02-27:	Django's forms are security-smart the way you want them to be
2011-02-26:	A belated realization about web spiders and your page cache
2011-02-25:	Why I am not enthused about ZFS for my root filesystem
2011-02-23:	Handling variations of a page (or, the revenge of REST) A quick tour of my desktop
2011-02-22:	Why I want read-only form fields in Django
2011-02-21:	How to get automatic volume management on Fedora 14 without Gnome
2011-02-20:	What windows I use window titlebars on
2011-02-19:	My view on window titlebars and when they are good and bad
2011-02-18:	Another building block of my environment: `xrun`
2011-02-17:	My latest crazy plan to upgrade my home Linux machine
2011-02-16:	The myth of isolated, independent sysadmins
2011-02-15:	More on an advantage of the blog approach to web writing
2011-02-14:	Thinking about misunderstandings (in systems)
2011-02-13:	A humbling experience with '`#`' characters in filenames
2011-02-12:	An advantage of the blog approach to web writing versus the wiki approach
2011-02-11:	The letdown
2011-02-10:	Using Django forms with HTTP GETs
2011-02-09:	On flow (a digression)
2011-02-08:	Thinking realistically about SQL database field sizes
2011-02-07:	My brute force email archive
2011-02-06:	Dear Unix mailers: please allow more forgery
2011-02-05:	A side note on Google Chrome and the future of HTML
2011-02-04:	Why people put NFS mounts in subdirectories
2011-02-03:	The real lesson of XHTML
2011-02-02:	Django and primary keys versus surrogate keys My issues with primary keys are not Django specific
2011-01-31:	There are two sorts of standards in the world A little advantage of Django's automatic primary keys
2011-01-30:	An obvious realization about SQL foreign keys
2011-01-29:	Two things I have discovered about Django schema design The amusement of minimalist spam
2011-01-28:	On programming (and me)
2011-01-27:	Not very much about Solaris NFS filehandles
2011-01-26:	The various ways of writing a modern Python web app
2011-01-25:	The modern Python web application stack (as I understand it)
2011-01-24:	Poison pills, a tale of interrupts versus highly structured systems
2011-01-23:	The question of how long our greylisting interval should be
2011-01-22:	The clash between wikis and blogging
2011-01-21:	A bit more on listing file locks on Solaris 10
2011-01-20:	Something I've worked out about Django's admin interface
2011-01-18:	What I am trying to do with Django
2011-01-17:	Wrestling with how to design a schema for a Django app
2011-01-16:	More on Linux FHS and `/var` Why I don't use either a thin client or a fat client
2011-01-15:	Linux's FHS is not the right answer for where to put data directories
2011-01-14:	Wikis are not a simple solution for blogging
2011-01-13:	One of SELinux's problems is that it's a backup mechanism
2011-01-11:	My problem with SELinux The optimistic view of SELinux's real purpose
2011-01-10:	Why really high computer security is not interesting to most people
2011-01-09:	What would be nice for SSL is out-of-band certificate binding
2011-01-08:	Finding out if you've been hit by careful, clever spammers
2011-01-07:	More modest suggestions for bug trackers
2011-01-06:	An appreciation for the Posix `$( )` command substitution syntax
2011-01-05:	An actual use for the CSS overflow property
2011-01-04:	A new building block of my environment: dmenu
2011-01-03:	On improved but less functional versions of things
2011-01-02:	Why there is a gulf between shells and scripting languages
2010-12-31:	The only way to really be secure with SSL One group that can sensibly use non-GPL'd Linux kernel modules
2010-12-30:	Why you need `select()` even with communication channels
2010-12-29:	Spam as a tax on public participation in open source projects
2010-12-28:	A modest proposal for fixing your bug tracker
2010-12-27:	Users don't care about security
2010-12-26:	A lesson for myself: write tests. Really.
2010-12-25:	Garbage-collected languages and memory allocation failures
2010-12-24:	The jurisdiction problem with making SSL CAs liable for things
2010-12-23:	More on the Unix interpreter startup problem
2010-12-22:	The Unix interpreter problem(s)
2010-12-21:	Why I want tests to be easy to write
2010-12-20:	I don't understand how to test complex data structures
2010-12-19:	A tale of memory allocation failure
2010-12-17:	A Python (non-)idiom that I should really avoid Sometimes bugs have very small edit distances
2010-12-16:	The elements of a non-event
2010-12-15:	Always remember that people make mistakes
2010-12-13:	Fumbling towards understanding how to use DRBD A program that I want to write: a 'sink' SMTP server
2010-12-12:	One problem with the files-in-directory approach to configuration
2010-12-11:	The danger of having system programmers around, illustrated
2010-12-10:	How to get sysadmins to never use your software again
2010-12-09:	A small request for C programmers: no static locals
2010-12-08:	Exploring a limitation of the DTrace fbt provider (on x86)
2010-12-07:	More on https as a necessary mistake
2010-12-06:	What performance anomalies mean
2010-12-05:	A log message format mistake that I've made
2010-12-03:	Asking users questions never increases security Why https was a mistake, but an inevitable one
2010-12-02:	My view of OpenSolaris and Illumos
2010-11-30:	A modest idea on how to get people to use Fedora Rawhide
2010-11-29:	Why low quality encryption is not better than no encryption Why 10G Ethernet is not a near-term issue for us
2010-11-28:	Why I am harsh on Solaris Live Upgrade and similar tools
2010-11-27:	Why I'm not really interested in Solaris's Live Upgrade stuff
2010-11-26:	My view on Wayland replacing X in Linux
2010-11-25:	An example of the progress of the modern web
2010-11-24:	My oddly inconsistent caution (or paranoia) with email addresses
2010-11-22:	Where to find the Illumos source repository
2010-11-21:	Why I think some coding tricks are especially damaging
2010-11-20:	Why I avoid DSA when I have a choice More on those Python import oddities
2010-11-18:	My current Apache SSL cipher settings Thinking about how long our infrastructure will last
2010-11-16:	When good ideas go bad: how not to do a file chooser dialog
2010-11-15:	The language dilemma for production software
2010-11-14:	Four reasons to have a firewall The ordering of SSL chain certificates
2010-11-13:	How `os.path` exposes some Python import weirdness
2010-11-11:	The changing assumptions about viruses in email Some `yum` tricks with `distro-sync` and `--releasever`
2010-11-09:	Directory link counts and a `find` trick
2010-11-08:	A `find` optimization and a piece of history, all in one When Linux's rp_filter might make sense
2010-11-07:	When you should care about security
2010-11-06:	Modern versions of Apache and `Redirect`
2010-11-05:	GNU sort and `-k`: a gotcha
2010-11-04:	What we (currently) use virtualization for
2010-11-03:	One reason that I call us a midsized environment
2010-11-01:	Redirecting from HTTP to HTTPS is a bad security idea
2010-10-31:	How I run two Firefoxes at once and still have remote control How I set up my isolated testing Firefox environment
2010-10-30:	A very convenient trick: having a testing browser
2010-10-29:	What problems the Maildir mail storage format solves
2010-10-27:	An extra problem with not documenting things in open source modules A modern VCS mistake enabled by working on live trees
2010-10-26:	Why Python's struct module isn't great for handling binary protocols
2010-10-24:	Why we built our own ZFS spares handling system Why I'm interested in Go
2010-10-23:	My issues with Go's net package
2010-10-22:	My theory on Unix's one chance to have a standard GUI
2010-10-21:	The problems with testing for round-trip capable codecs
2010-10-20:	Round-trip capable character encodings in Python
2010-10-18:	A module that I want in the standard library: Parsing The cache eviction death spiral
2010-10-17:	Read IO is generally synchronous (unlike write IO)
2010-10-16:	The attraction of the milter protocol
2010-10-15:	How big our fileserver environment is (part 2)
2010-10-13:	How big our fileserver environment is (part 1) Why visited links being visible is important for blog usability
2010-10-12:	Why non-linear directories have not been popular in filesystems
2010-10-11:	The Unix directory problem and the history of directories
2010-10-10:	Fixing Upstart's coupling of startup script presence and activation
2010-10-09:	An illustration of how careful and clever spammers are today
2010-10-08:	Why I am unhappy with Upstart right now
2010-10-07:	In universities, you often buy hardware when you can
2010-10-06:	What is going on with Samba's POSIX locking on NFS on Linux
2010-10-05:	Why people combine NFS with Samba servers
2010-10-04:	Linux, Samba, NFS, and POSIX locking
2010-10-03:	An API mistake Unix has made several times
2010-10-02:	ZFS resilvers are a whole-pool activity
2010-09-30:	Stopping kernel updates on Ubuntu A lot of my bugs are conceptual oversights
2010-09-29:	A surprise about random IO versus unnecessary IO
2010-09-27:	Why there is no POSIX standard for a Unix GUI Why Grub2 doesn't solve my Ubuntu kernel problem
2010-09-26:	The problems with OpenSolaris
2010-09-25:	How Usenet used to be a filesystem stress test
2010-09-24:	Frames were never necessary for menus and tables of contents
2010-09-23:	Why things should be in Python's standard library
2010-09-22:	The mysteries of video cards for Linux
2010-09-20:	Dear Solaris boot sequence: SHUT UP
2010-09-19:	Your on the fly control system should not use toggles Some notes on (dynamic) Bind 9 logging
2010-09-18:	Another reason why I don't like Ubuntu kernel packaging
2010-09-17:	More on the module selection problem
2010-09-15:	Why I like modules to be in the Python standard library An overview of the Debian and RPM source package formats
2010-09-14:	A confession: I find third party modules awkward in Python
2010-09-13:	Why you want a recursive-forwarding caching nameserver
2010-09-12:	Keyword expansion: why RCS rewrites files when you commit them One aspect of getting used to modern version control
2010-09-11:	A simple thing that every package management system should have
2010-09-10:	Go's network package and IPv6 (and my ideal version thereof)
2010-09-09:	Go, IPv6, and single binding machines
2010-09-07:	My new view of DomainKeys
2010-09-06:	Sorting out DomainKeys and understanding its limits
2010-09-05:	An observation from changing my password A plan to deal with my feed reader problem
2010-09-04:	The laziness of a programmer, illustrated
2010-09-03:	Finally understanding the attraction of AJAX
2010-09-02:	Why Python's `global` is necessary
2010-08-31:	I don't understand how `net.ipv4.conf.*.rp_filter` can work
2010-08-30:	My avoidance of Python global variables
2010-08-29:	A Bourne shell irritation: no wildcard matching operator How many uberblock copies ZFS writes on transaction group commits
2010-08-28:	The different between an SMTP proxy and a SMTP relay
2010-08-27:	My impressions of Google Chrome so far
2010-08-25:	A Windows moment on my laptop The limitation of templates for web design changes
2010-08-24:	A design mistake in my comments form
2010-08-23:	Why I hate the Solaris 10 version of `/bin/sh` My (probably wrong) assumption about Flash on Fedora
2010-08-22:	Another reason to hate `$LANG` and locales on Unix
2010-08-21:	A sudden realization about Unix access time updates and disk mirrors
2010-08-20:	A clever blog anti-usability trick
2010-08-19:	Getting Flash to work on my upgraded 64-bit Fedora 13 machine
2010-08-18:	Please, no automatic scrolling to the next item
2010-08-17:	The two sorts of Referer spam that I see
2010-08-16:	What OpenSolaris's death probably means for us
2010-08-15:	Why I change font sizes
2010-08-14:	What I want in a caching nameserver
2010-08-13:	PPP over ssh: solving problems with indirection
2010-08-12:	Many programs should provide an easy way to change font size
2010-08-11:	You should have a way to purge history
2010-08-10:	Upgrading to Fedora 13 with my first yum upgrade
2010-08-08:	The joy of debugging other people's programs A personal view of the Fedora versus Ubuntu issue
2010-08-07:	Why buying a Linux machine is not such a simple thing
2010-08-06:	A thing I miss in the modern X world: command line arguments
2010-08-05:	Doing unsigned 32-bit integer math in Python
2010-08-04:	Good Solaris news from Oracle for once
2010-08-02:	How OpenBSD's pf `source-hash` maps internal IPs to NAT pool IPs
2010-08-01:	The consequence of Oracle's Solaris decisions
2010-07-31:	The other peculiar effects of grant funding at universities It's the indirect failure modes that will get you
2010-07-30:	A little modern Unix twitch
2010-07-29:	Some brief notes on OpenSSH's known_hosts hashing
2010-07-28:	My Fedora 8 problem: upgrading
2010-07-27:	What I would now do differently in a file based blog engine
2010-07-25:	Why sysadmins almost never replace distribution packages iSCSI versus NFS
2010-07-24:	Thinking about the implications of your program being successful
2010-07-23:	A realization about why my inbox keeps being my to-do tracker
2010-07-22:	Why keeping `/etc` under version control doesn't entirely help
2010-07-21:	The easy way to do fast OS upgrades
2010-07-20:	The sysadmin view of messages from programs
2010-07-19:	Why blog calendar widgets are bad
2010-07-18:	How I solve the `configure` memory problem
2010-07-17:	More building blocks of my environment: `tkrxterm`, `tkssh`, and `pyhosts`
2010-07-16:	Realistic blog usability
2010-07-14:	Making the Linux kernel shut up about segfaulting user programs The challenges of shared spares in RAID arrays
2010-07-13:	Sun Support's habit of publicizing private bug reports Single-level list flattening in Python
2010-07-12:	On (not) logging calculated statistics
2010-07-11:	When is using SQL the right answer?
2010-07-10:	People forget exceptions
2010-07-08:	Unix programs should avoid exiting non-zero for clever reasons
2010-07-07:	A gotcha with the Bourne shell's `set -e` and `&&`
2010-07-06:	How `zpool status` reports on ZFS scrubs and resilvers ZFS scrubs and resilvers are not sequential IO
2010-07-05:	A thesis: noisy email addresses are dead
2010-07-03:	`/u`, one of our long-standing Unix customizations Returning to the era of 'duplicated' Ethernet addresses
2010-07-02:	A gotcha with Python's `socket.htonl()` and `ntohl()` A corollary to the limits of anti-spam precautions
2010-06-30:	An update on comment spammer behavior here on WanderingThoughts
2010-06-29:	Converting between IPv4 addresses and 32-bit integers in Python There is such a thing as too much SQL (a reminder to myself)
2010-06-28:	The great irritation of hidden access controls
2010-06-27:	How we propagate password information in our fileserver infrastructure
2010-06-26:	The Unix system UID and login name problem
2010-06-25:	Python class definitions can be nested
2010-06-24:	The elements of fileserver infrastructure
2010-06-23:	The advantages of separate machines for separate things
2010-06-22:	Why feed readers are not good for skimming things
2010-06-21:	Applying low distraction design to alerting systems
2010-06-20:	How my mail notifier avoids interrupting me
2010-06-19:	Don't make your 'I am processing' animation too complex
2010-06-18:	ZFS and multi-pool shared spares
2010-06-17:	One reason why I prefer browser windows to browser tabs
2010-06-16:	The problem of testing firewall rules changes
2010-06-14:	The practicalities of non-GPL'd Linux kernel modules A thought on feed readers versus the social web
2010-06-13:	A (surprising) missing Unix tool program
2010-06-12:	iSCSI Enterprise Target 1.4.20.1 and disk write caches (and ZFS)
2010-06-11:	What I know about ZFS and disk write caches
2010-06-10:	What an iSCSI Enterprise Target kernel message really means
2010-06-09:	The challenge of analyzing NFS packet traces
2010-06-08:	Focusing on what you actually need in a program
2010-06-07:	One problem with testing system changes
2010-06-06:	The quiet death of postmaster@anywhere
2010-06-04:	How to set up your module exceptions to be useful How disk write caches can corrupt filesystem metadata
2010-06-02:	A ZFS feature wish: rewriting read errors
2010-06-01:	My sad little irritation with Twitter
2010-05-31:	Another building block of my environment: `sshterm`
2010-05-30:	The end of university-provided email is probably nigh
2010-05-29:	UPSes: defense against problems, or sources of them? Some comments on spam scoring and anti-spam tools in general
2010-05-28:	Why I am really unhappy with ZFS right now: a ZFS import failure
2010-05-27:	One benefit of relying on third-party (anti-)spam filtering
2010-05-25:	Watch out for quietly degrading SATA disks
2010-05-24:	Give your personal scripts good error messages
2010-05-23:	Replacing modules for testing (and fun)
2010-05-22:	How I fixed Google's search results redesign Why I'm wrong about what sort of APIs C's stdargs allows
2010-05-21:	An example of an API that you can't do with C stdargs
2010-05-20:	The limitations of C's varargs support
2010-05-19:	Why RPM's `.rpmnew` files don't work in practice
2010-05-18:	An illustrated example of how not to do package updates
2010-05-16:	You should also document why you didn't do attractive things A theory about our jumbo frame switch firmware bug
2010-05-15:	Why we don't use jumbo frames for iSCSI: a cautionary tale on testing
2010-05-14:	A sysadmin mistake: shooting your virtual foot off
2010-05-13:	Python exceptions for C programmers
2010-05-12:	'Borrowing' IPv4 netblocks to get around address space exhaustion
2010-05-11:	Retrospectives are uncommon
2010-05-10:	A little `vi` twitch
2010-05-09:	Why diskless Unix machines lost out
2010-05-08:	SSL certificate vendors are selling a commodity
2010-05-06:	Oracle's future for Sun's hardware and OS business is now clear The right way and the wrong way to disable init.d services
2010-05-05:	The right way to fix ZFS disk glitches (at least for us)
2010-05-04:	Dear software packagers, startup scripts edition
2010-05-03:	Keeping track of filesystem consistency
2010-05-02:	A brief history of `fsck`
2010-04-30:	A rule of thumb: Automate where you can make mistakes Never kill the screen locker
2010-04-29:	How you access an object can be important in Python
2010-04-28:	Altering a Python function's local variables with a trace function
2010-04-27:	Evolving our mail system step 1: adding an external mail gateway
2010-04-26:	How we moved from a black-box mailer configuration to a white-box one
2010-04-25:	An observation about Twitter (and Google)
2010-04-24:	Evolving our mail system: the overview and our goals
2010-04-23:	What per-partition disk IO stats you get from the Linux kernel
2010-04-22:	The latest Solaris licensing and support rumbles
2010-04-21:	The advantage of garbage collection for APIs
2010-04-20:	Standard format Unix errors in Python programs
2010-04-19:	Why you don't want to host your MTA machine in the cloud
2010-04-18:	I think it's time to turn off automatic periodic ext3 fscks
2010-04-17:	The 30 second elevator pitch on HTML 4.01 (vs XHTML)
2010-04-16:	How to write to stderr so people will like you
2010-04-15:	The standard format Unix error messages
2010-04-14:	The myth of a completely shared knowledge base across sysadmins
2010-04-13:	The impact of single-disk slow writes on mirrors (and other RAID arrays)
2010-04-12:	The importance of figuring out low-level symptoms of problems
2010-04-11:	The comedy potential inherent in people reusing your address space
2010-04-10:	Why commands can never afford to get it wrong in a version
2010-04-09:	The processing flow of a network copying program
2010-04-08:	A little script: `sshup`
2010-04-07:	Our current mail system's configuration
2010-04-06:	How not to set up IP aliases on Ubuntu (and probably Debian)
2010-04-05:	An important thing about how ZFS handles spares
2010-04-04:	The problem with header and footer overlays on web pages
2010-04-03:	A DVCS advantage for open source development
2010-04-02:	Notes on the compatibility of crypted passwords on various Unixes
2010-03-31:	Looking back at a year of our disk-based backup system Remote applications and Gnome settings: an irritation
2010-03-30:	One possible future for Solaris
2010-03-29:	More signs of Oracle's view of Solaris My theory on why our worklogs work for us
2010-03-28:	The evolution of checklists in my work
2010-03-27:	Testing in the face of `popen()`
2010-03-26:	Tkinter sometimes has a busy-wait main loop (more or less)
2010-03-25:	The problem with overly verbose package installation
2010-03-24:	One reason why '`zpool status`' can hang
2010-03-23:	No DSL is 'human-readable' as such
2010-03-22:	Why I exploit Python to shim modules for testing purposes
2010-03-21:	The power of 'I like this' in social applications
2010-03-20:	Web analytics versus `GET` parameter security
2010-03-19:	The problem with general purpose languages as configuration languages
2010-03-17:	How Solaris 10's `mountd` works Another building block of my environment: `rxterm`
2010-03-16:	The Solaris 10 NFS server's caching of filesystem access permissions
2010-03-15:	How to create pointless error reports (and how not to)
2010-03-14:	Space and content
2010-03-13:	A surprising lack: milter clients
2010-03-12:	End results versus what's inside the black box
2010-03-11:	Why the pam_mail PAM module is not my friend
2010-03-10:	Mythology about Unix workstations
2010-03-09:	How not to design an API (in C): the `enum` ordering mistake
2010-03-08:	Exceptions versus error return values
2010-03-07:	Why I don't expect third-party support for OpenSolaris
2010-03-06:	Pushing code changes upstream is hard work
2010-03-05:	PCs are (or can be) Unix workstations
2010-03-04:	You want to do spam forwarding on a separate machine
2010-03-03:	All syndication formats use XML
2010-03-02:	A building block of my environment: `rxexec`
2010-02-28:	Why XML is terrible for configuration files The dividing line between supporting code and forking it
2010-02-27:	An 'email marketing' wish
2010-02-26:	The remaining Unixes (and their manpages)
2010-02-25:	Reading the Oracle tea leaves for Solaris
2010-02-24:	How to listen on a socket in the modern IPv6-enabled world
2010-02-23:	What Linux's `getaddrinfo()` is doing with IPv6 (on some versions)
2010-02-22:	Unix portability and scripting language versions
2010-02-21:	It's sinking in that Sun is gone
2010-02-20:	Viral marketing versus word of mouth marketing
2010-02-19:	Using `socket.getaddrinfo` to look up IP addresses
2010-02-18:	Some notes on using `socket.getaddrinfo()`
2010-02-17:	The purpose of configuration files
2010-02-16:	A Linux gotcha about daemons and `bindv6only`
2010-02-15:	IPv6 with Lighttpd on Linux
2010-02-14:	Brief notes on IPv6 support in some Linux programs
2010-02-13:	Some stuff on dual-bound IPv6 sockets on Linux
2010-02-12:	The many IPv6 addresses of an IPv4 machine
2010-02-11:	Forcing your webpage content to scroll is generally a bad idea
2010-02-10:	Beware of using Linux's `hostname -s` switch Some thoughts about 6to4
2010-02-09:	Why your program should have an actual configuration file
2010-02-08:	A thought on deliberately slow disaster recovery
2010-02-07:	The problem with blog footnotes
2010-02-06:	Why a laptop is not likely to be my primary machine any time soon
2010-02-05:	Emergency procedures checklists need check steps
2010-02-03:	Outdated documentation is especially risky for sysadmins Link: Pollution in 1.0.0.0/8 How to destroy people's interest in updating documentation
2010-02-02:	What charging credit cards doesn't prove
2010-01-31:	More vim options it turns out that I want Thinking about syndication feeds and spoilers
2010-01-30:	I'm puzzled about DNS glue records in the modern world
2010-01-29:	A theory about Apple's new iPad
2010-01-28:	Always sign exactly what you are authenticating
2010-01-27:	AT&T's mad unbundling and the damage it did to Unix
2010-01-26:	Why the modern age is great
2010-01-25:	You can only really expire cookies on the server
2010-01-24:	How I should have done password crypto for DWiki
2010-01-23:	A Python safety tip: Do notice that things can throw exceptions
2010-01-22:	Three ways to get tracebacks in your CGI Python application
2010-01-20:	The argument for not managing systems via packages One of the things that killed network computers (aka thin clients)
2010-01-19:	OpenSolaris versus Solaris
2010-01-18:	More on mismatched sectors on Linux software RAID mirrors
2010-01-17:	I do not like Unix's fossilization
2010-01-16:	Different visions of what packaging systems are for
2010-01-15:	Packaging systems should support overlays
2010-01-14:	Packaging systems should be comprehensive
2010-01-13:	One reason why you should not let people register other people
2010-01-12:	How systems get created in the real world
2010-01-11:	In praise of `crash` (and kernel source)
2010-01-10:	Why the Solaris packaging system is bad
2010-01-09:	Patch management is part of package management
2010-01-08:	A brief and jaundiced history of Unix packaging systems Interesting things can happen when you scale things up
2010-01-06:	A theory on why most browsers control their own list of CA roots The department's model for providing computing support
2010-01-04:	Some thoughts on battery backup for RAID controller cards Turning synchronous channels asynchronous
2010-01-03:	Go interfaces are not my sort of interfaces
2010-01-02:	Proper disclosure, or how not to be a comment spammer
2010-01-01:	Brief bits from the evolving ipsCA failure
2009-12-31:	Why free things are so attractive in universities Look at your pull-based system for things that push
2009-12-30:	Real world support periods are shorter than they look
2009-12-29:	Solaris is not open source
2009-12-28:	The annoying timing of future SSL certificate renewals
2009-12-27:	Some OpenSSL and SSL certificate basics
2009-12-26:	Things that limit the performance of hardware acceleration
2009-12-25:	Linux's non-strict overcommit is the right default
2009-12-24:	The advantages of open source software RAID
2009-12-23:	Another demonstration of SSL Certification Authority (in)competence
2009-12-22:	How not to set up your DNS (part 20) Do you have a network layout diagram? Using OpenID for local web application authentication
2009-12-20:	Some things about getting useful output from `time` Some thoughts on intercepting https traffic
2009-12-19:	Local CAs and an interesting consequence of the SSL security model
2009-12-18:	Secure or useful: pick one
2009-12-17:	The good and bad of SQL
2009-12-16:	How Linux software RAID is making me grumpy right now
2009-12-15:	The high costs of true security paranoia in the face of compromises
2009-12-13:	Sysadmin versus developer uses of version control systems Mercurial versus git for sysadmins, or why we picked Mercurial
2009-12-12:	You should always be able to get a program's version and basic usage
2009-12-11:	A wish for KVM virtualization: simple bridged networking
2009-12-10:	How not to copy a file to standard output in Python
2009-12-09:	My views on inheritance versus interface
2009-12-08:	Why I am not enthused about etckeeper and similar systems
2009-12-07:	Why whitelists (and blacklists) are long-term poison for online systems
2009-12-05:	Overcoming the drawbacks of preforking `accept()` servers What version of Python is included in various current OSes
2009-12-04:	Learning from Unicorn: the `accept()` thundering herd non-problem
2009-12-02:	The problem with the OpenSolaris source repository The mixed directory/unrelated files VCS problem
2009-11-30:	Using content hashing to avoid the double post problem Poking around the OpenSolaris codebase (for sysadmins)
2009-11-29:	In security, you need to stop the root mistake
2009-11-28:	'Conditional restart' in init.d scripts can be dangerous
2009-11-27:	Modern version control systems change your directory layouts
2009-11-26:	Some notes for myself on `git bisect`
2009-11-25:	Why I love Unix, number N (for some N)
2009-11-24:	An important lesson for me on Fedora upgrades
2009-11-23:	Converting a directory from RCS to Mercurial My current unhappy thoughts on Fedora 12
2009-11-22:	RCS versus modern version control systems
2009-11-21:	An update on faulted ZFS spares
2009-11-20:	Spam and the attraction of reach
2009-11-19:	The corollary for effective anti-spam heuristics
2009-11-18:	Universities are open environments
2009-11-17:	Finally understanding the appeal of 'Interfaces'
2009-11-16:	'Is-a' versus 'is-a-descendant-of'
2009-11-15:	A limitation of Python types from C extension modules
2009-11-14:	How to defer things in Exim
2009-11-13:	(Ab)using Exim routers for their full power
2009-11-12:	What makes Exim work as a mailer construction kit
2009-11-11:	For universities, the Internet world has fundamentally changed
2009-11-10:	HTML5 may end up giving us real, working XHTML
2009-11-08:	My problem with the obvious solution to my unexposed types problem
2009-11-07:	Solving unexposed types and the limits of duck typing A gotcha with Bash on Ubuntu 8.04
2009-11-06:	A shell script thing that I have learned the hard way
2009-11-05:	Why the NFS client is at fault in the multi-filesystem NFS problem
2009-11-04:	The cause of the multi-filesystem NFS export problem
2009-11-02:	Are security bugs always code bugs? XHTML vs HTML5
2009-10-31:	My thoughts on why invented standards succeed or fail The risk continuum for standardization success
2009-10-30:	Understanding hash length extension attacks
2009-10-29:	Why per-process (or per-user) memory resource limits are hard
2009-10-28:	Python modules should make visible their (fundamental) types
2009-10-27:	A personal experience of web browsers making bad text editors
2009-10-26:	What I think I understand about how standards get created
2009-10-25:	Some thoughts on a 'modern' university email system
2009-10-24:	Something I have realized about university services
2009-10-22:	The limits of some anti-spam precautions How to waste lots of CPU time checking for module updates
2009-10-21:	Why you should be able to get a list of your local email addresses
2009-10-20:	Simple mailing lists: an illustration of Exim's flexibility
2009-10-19:	The case against backup MXes
2009-10-18:	Backup MXes versus redundant MXes
2009-10-17:	Automated web software should never fill in the `Referer` header
2009-10-16:	A tale of network horror, or at least excitement
2009-10-15:	One complexity of buffered IO on Unix
2009-10-14:	Why 'invite-your-friends' features are spam from you, not your users
2009-10-13:	There are two different uses of conditional GETs
2009-10-12:	ZFS GUIDs vs device names
2009-10-11:	Why security bugs aren't bugs
2009-10-10:	You should delete obsolete data files
2009-10-09:	A fun bug I once ran across
2009-10-08:	What is going on with faulted ZFS spares
2009-10-07:	A brief introduction to ZFS (disk) GUIDs
2009-10-06:	The danger of software suspend on servers
2009-10-05:	The problem with security bugs is that they aren't bugs
2009-10-04:	Why Unix filesystems precreate `lost+found` directories
2009-10-03:	One thing that top-posting is good for
2009-10-01:	The rules for combining things with Bourne shell 'here documents'
2009-09-30:	A little habit: `cat >/dev/null` On (not) putting IP addresses in registration email
2009-09-28:	Two ends of hardware acceleration What I think about why graphics cards keep being successful
2009-09-27:	Some suggestions for registration confirmation emails Why you can no longer have an 'invite-your-friends' feature
2009-09-26:	How our 'plug in and go' laptop network DHCP portal works
2009-09-25:	How our DHCP registration portal redirections work
2009-09-24:	SSL certificates require proper domain names
2009-09-23:	A brief overview of the Solaris 10 nvpair library
2009-09-22:	Some trivia about Python frame objects
2009-09-21:	Exploring the frame object `f_builtins` member
2009-09-20:	Why kernel packaging is so bad in Debian and Ubuntu
2009-09-19:	Why I am not a fan of hardware acceleration
2009-09-18:	Are you sure it's a C string?
2009-09-17:	A trick to testing `https` setups on test machines
2009-09-16:	Some kernel lockd NFS error messages explained
2009-09-14:	Listing file locks on Solaris 10 Forwarding emails without false positives
2009-09-13:	How modern CPUs are like (modern) disks
2009-09-12:	My opinions on when you should let ZFS handle RAID stuff
2009-09-11:	Why you should let ZFS handle the RAID stuff
2009-09-10:	What I know about how ZFS actually handles spare disks
2009-09-09:	Postfix versus Exim
2009-09-08:	Some ways to avoid needing a public ticketing system
2009-09-07:	A use for ticketing systems as your primary support method
2009-09-06:	What typing ^D really does on Unix
2009-09-05:	Why the Unix `EINTR` semantics (probably) exist
2009-09-03:	An interesting issue with doing NFS over TCP (apparently) Programming blindness and security
2009-09-02:	Environment variables make bad switches
2009-08-31:	How to deprecate bits of your program The IO scheduler improvements I saw
2009-08-30:	Some more thinking about requirements in specifications
2009-08-29:	MUST versus SHOULD in your specifications
2009-08-28:	ZFS changes filesystem device numbers on reboot
2009-08-26:	What packages SystemTap requires on Ubuntu 8.04 (and others) A frame object's `f_locals` isn't always the locals
2009-08-24:	The problem with the CFQ IO scheduler and our iSCSI targets Anti-spam content scanning systems need to scan more
2009-08-23:	You should not use HTTP request parameters as filenames
2009-08-22:	A gotcha with Python's new `signal.siginterrupt()`
2009-08-21:	The danger of powerful generality, illustrated
2009-08-20:	Python modules should not reinvent `OSError`
2009-08-19:	Link: Using colour well in data visualization Python, signal handlers, and `EINTR`
2009-08-18:	Why user programs mapping page zero is so bad news on x86 hardware
2009-08-17:	More accidental BitTorrent on our network
2009-08-16:	Testing versus extensibility
2009-08-15:	SSDs and the RAID resync problem
2009-08-14:	Sorting out what 'passive ftp' is
2009-08-12:	Undo is sometimes not good enough One thing your mail-sending system should do
2009-08-11:	The somewhat apocryphal history of comments in the Bourne shell
2009-08-10:	The difference in the Bourne shell between `:` and `#`
2009-08-09:	Building true ssh opportunistic connection sharing
2009-08-08:	How I use ssh's connection sharing feature
2009-08-07:	The basics of ssh's connection sharing feature
2009-08-06:	A rule for Internet software
2009-08-05:	A feature that I wish Linux package managers had
2009-08-04:	A downside to syndication feed readers respecting permanent HTTP redirects
2009-08-02:	Limitations on custom NFS mount authorization on Solaris What you can't do before you drop setuid permissions
2009-07-31:	Using SystemTap to trace the system calls of setuid programs on Linux How fast various ssh ciphers are
2009-07-30:	How we do custom NFS mount authorization on Solaris 10
2009-07-29:	The shift-selection trick in X terminal programs
2009-07-28:	Spammers are quite dedicated in their address scraping
2009-07-27:	Why you should do code reviews for sysadmin scripts
2009-07-26:	The anatomy of a hack to get around `try:`/`finally:` and generators
2009-07-25:	When code in generators runs
2009-07-24:	The usefulness of a syndication feed of your blog's comments
2009-07-22:	Thinking like a security paranoid: an example A peculiar change in Linux `flock()` and `fcntl()` behavior
2009-07-21:	Packages should not contain both tools and policies
2009-07-20:	Minimalistic spam, another annoyance to worry about
2009-07-19:	The importance of making an issue visible
2009-07-18:	Why NFS filehandles fail as access capabilities
2009-07-17:	The hard problem of live major release upgrades
2009-07-16:	Another reason to safely update files that are looked at over NFS
2009-07-15:	A Bourne shell gotcha with `( ... )` command grouping
2009-07-13:	Some stuff on NFS access restrictions Shell scripts should not use absolute paths for programs
2009-07-12:	A brief history of NFS server access restrictions
2009-07-11:	What can go wrong in making NFS mounts
2009-07-10:	An unpleasant surprise about ZFS scrubbing in Solaris 10 U6
2009-07-09:	The high-level version of how mounting NFS filesystems works
2009-07-08:	Fedora and workstations (on Linux distributions for desktops)
2009-07-07:	Why and why not Fedora
2009-07-06:	How you could do a shared root directory with NFS
2009-07-05:	The coming Internet identity problem
2009-07-04:	A side note on the cost of operations
2009-07-03:	How software makes reverse proxying hard
2009-07-02:	Finding out when a command in a pipeline fails
2009-06-30:	A Unix irritation: pipeline status More on why users keep mailing specific people
2009-06-29:	A theory on why users keep mailing specific people
2009-06-28:	How we solve the multiuser PHP problem
2009-06-27:	Possible limits on our port multiplied ESATA performance
2009-06-26:	How not to set up your DNS (part 19) An advantage for hardware RAID over software RAID
2009-06-25:	Patching systems versus patching appliances
2009-06-24:	Another source of stickyness for social web sites
2009-06-22:	Solaris 10 NFS server parameters that we change and why Why GNU tools are sometimes not my favorite programs
2009-06-21:	Email is intrusive, and why
2009-06-20:	Using GRUB to figure out the mapping of BIOS drive numbers
2009-06-19:	Fedora desperately needs a better upgrade system
2009-06-18:	A kernel NFS error message explained
2009-06-17:	The NFS 'reserved ports' option and why you care
2009-06-16:	Maybe understanding blogrolls
2009-06-15:	`try:/finally:` and generators
2009-06-14:	How to set up your vacation messages to get thrown off mailing lists
2009-06-13:	One of the reasons good alerting is tough
2009-06-12:	What I know about Solaris 10 NFS server file lock limits
2009-06-11:	There are two different purposes of monitoring systems
2009-06-10:	Users are lazy
2009-06-08:	Another way that generators are not lists: modifying them Monitoring systems should be always be usefully informative
2009-06-07:	It's important to get the real costs right
2009-06-06:	User perceptions (and expectations) of backups
2009-06-05:	How we're planning our backup storage capacity needs
2009-06-04:	Another irritation with Gnome's gconf settings system
2009-06-03:	The costs of development versus the costs of operation
2009-06-02:	Sometimes brute force is the answer (on Unix)
2009-05-31:	A thought on giving custom redundant storage systems some history The better way to install Sun's Java
2009-05-30:	The program energy efficiency optimist's view
2009-05-29:	The cost of program energy efficiency
2009-05-28:	Encapsulation may be in the eye of the beholder
2009-05-27:	Hosted servers, cloud computing, and backups
2009-05-25:	Backups versus redundancy
2009-05-24:	An interesting bit of ssh and sshd behavior What modern email is good for
2009-05-23:	The drawback of using a language with a good interface to the OS
2009-05-22:	How CPython handles (and delays) Unix signals
2009-05-21:	Solving the Python `SIGCHLD` problem
2009-05-20:	Why directory URLs have to have trailing slashes
2009-05-19:	Some notes on rewrites in Apache `.htaccess` files
2009-05-17:	One reason for Unix's permission checking timing The crucial difference between online and offline backups
2009-05-16:	Autoresponders in the modern email world
2009-05-15:	Why `df` on an NFS-mounted ZFS filesystem can give odd results
2009-05-14:	Fixing your system after hitting the RAID growth gotcha
2009-05-13:	Booting a Linux system without a root mirror
2009-05-12:	A serious gotcha with growing software RAID devices
2009-05-10:	What affects how fast you can restore backups Another advantage of disk-based backup systems
2009-05-09:	Our disk-based backup system
2009-05-08:	The problem with tapes (for backup)
2009-05-07:	How to set up your `xorg.conf` for RandR-based dual-headed systems
2009-05-06:	An irritation with Linux's '`mount -t nfs`' output
2009-05-05:	How we periodically scrub our ZFS pools
2009-05-03:	An inexplicable omission in bash's sourcing of `.bashrc`
2009-05-02:	Why version control systems should support 'rewriting history' Convenient ssh in Gnome, or 'my sshmenu wish comes true'
2009-04-30:	My standard Gnome customizations Why I would still like MC/S in Linux
2009-04-29:	Pragmatic issues with hash verifiers for email messages
2009-04-27:	One of my TDD weaknesses: mock objects for complex objects The problems of over-documenting things
2009-04-26:	A Bourne shell irritation: piping just stderr Lighttpd, CGIs, and standard error
2009-04-25:	On digital signatures and client security issues
2009-04-24:	The difference between Web 1.0 and Web 2.0
2009-04-23:	A Gnome irritation
2009-04-21:	Why your ticketing system should not be accessible to users
2009-04-20:	Some ways to add versioning to pickled objects Why pickle is not a good way to save your data
2009-04-19:	Sometimes you don't want behavior with your data
2009-04-18:	What users see as benefits from sysadmins
2009-04-17:	Git and 'rewriting history'
2009-04-16:	What causes the ZFS file deletion problem with snapshots
2009-04-15:	The problem with Solaris 10 update 6's ZFS `failmode` setting
2009-04-13:	How I went wrong in thinking about `/boot` mirroring Your ticketing system should be optional
2009-04-12:	A hairshirt too far: on always avoiding CSS
2009-04-11:	The advantage of having an (XML) sitemap
2009-04-10:	Why 'sender stores message' is easier for spammers than real mail servers
2009-04-09:	Why ssh needs to verify host keys
2009-04-07:	Handling ssh to generic hostnames The technical problems with 'sender stores messages' schemes
2009-04-06:	An interesting hardware mystery
2009-04-05:	Why I don't expect ARM-based netbooks to be a success
2009-04-03:	The (or a) problem with Unix manpages How to use Vixie cron to schedule at regular odd times
2009-04-02:	System status announcements and where your users are
2009-03-31:	The SSD boom and the theoretical multicore revolution A sysadmin use for Twitter
2009-03-30:	There are three entry states for feed readers
2009-03-29:	Why I wrote my own bulk IO performance measurement tool
2009-03-28:	Make your web application's interface elements obvious
2009-03-27:	The theoretical advantage of a separate `/boot` filesystem
2009-03-26:	An important difference The `git` version control system as a creation of the modern age
2009-03-24:	Using fully mirrored system disks on Linux How not to improve your CD player application Frustration for a sysadmin (well, for me)
2009-03-23:	How libraries should handle internal warning messages
2009-03-22:	An outline of a possibly easier IPv4 to IPv6 transition
2009-03-21:	Why the ideal IPv4 to IPv6 transition is impossible
2009-03-19:	Why 'sender stores message' schemes won't cure phish spams
2009-03-18:	An obvious thing about dealing with web spider misbehavior Principles of email in the modern age
2009-03-16:	An important gotcha with iSCSI multipathing in Solaris 10 Complex data structures and the two sorts of languages
2009-03-15:	A realization: planet aggregators have a natural size limit
2009-03-14:	Why I don't trust `seteuid()` and friends
2009-03-12:	The problem with `/var` today The not so secret history of `/var`
2009-03-11:	Checklists versus procedures
2009-03-10:	Why checklists work
2009-03-09:	What list methods don't make sense for heterogeneous lists
2009-03-08:	Python's theoretically missing core data type
2009-03-07:	What past problems of mine the collections module solves
2009-03-06:	What can keep a ZFS pool busy and prevent it from exporting
2009-03-05:	What seems to use power on a Dell Mini 12
2009-03-04:	The ASUS Eee PC versus the Dell Mini 12
2009-03-03:	Rollbacks versus downgrades
2009-03-02:	Some gotchas with ZFS in Solaris 10 update 6
2009-02-28:	What it would take for me to use Fedora Rawhide The potential problems with distribution downgrades
2009-02-27:	The peculiar case of the conference spammers
2009-02-26:	What I learned from Google Mail's recent outage
2009-02-25:	Don't log usernames for bad logins
2009-02-24:	A core principle of error and warning messages
2009-02-23:	A problem with microtransactions
2009-02-22:	Internet scale security: the impact of cheapness
2009-02-21:	How to turn off `gnome-terminal`'s cursor blinking
2009-02-20:	An attraction of planet-style blog aggregators as your feed reader
2009-02-19:	Appearances are deceptive in the (anti-)spam world
2009-02-18:	My theory on why people wind up using common passwords
2009-02-17:	Design versus construction
2009-02-16:	My approach to website passwords (and why it is the right one)
2009-02-15:	How CPython optimizes allocations for some built-in types
2009-02-14:	Some of my assumptions about Python object allocation
2009-02-13:	The accumulator mini-pattern and `.setdefault()`
2009-02-12:	Recognizing non-interactive shells and 'shell levels'
2009-02-11:	True point in time restores may be hard
2009-02-09:	Backups and archives I hate flaky systems, Fedora 10 and/or hardware edition
2009-02-08:	When bash sources your `.bashrc`
2009-02-07:	An illustration of one reason that documentation is hard
2009-02-06:	Our SunFire X2100 nVidia Ethernet experiences
2009-02-04:	An alarming ZFS status message and what is usually going on with it Why btrfs was inevitable: a corollary to (not) getting ZFS in Linux
2009-02-02:	A grumpy remark about Solaris's scalability
2009-02-01:	Understanding ZFS cachefiles in Solaris 10 update 6
2009-01-31:	Why social mudding works When can you assume UTF-8 filenames?
2009-01-30:	A surprising lack on Linux: browsers for camera RAW photos
2009-01-29:	An RPM packaging utter FAIL
2009-01-28:	The (or an) attraction of Twitter
2009-01-27:	My wishes for Sun's online documentation
2009-01-26:	My reaction to Solaris 10 update 6's ZFS changes How LiveJournal is sticky
2009-01-25:	Thinking about what you do with undo
2009-01-24:	Towards a better undo
2009-01-23:	The HTML tax (in Python, and in general)
2009-01-22:	The NFS re-export problem
2009-01-20:	Why high availability NFS requires shared storage The inner life of NFS filehandles
2009-01-19:	Using iptables to get around the policy based routing limitation
2009-01-18:	The basic implementation of relatively high-availability NFS
2009-01-17:	Practical issues with getting ZFS on Linux
2009-01-16:	A lament about modern NFS development
2009-01-15:	Why templating systems are the wrong answer for simple HTML generation
2009-01-14:	Documenting the `kernel.sem` sysctl
2009-01-12:	A surprising lack in Python's standard library What I want out of NFS security, at least at the moment
2009-01-11:	The problems I see with multi-signed SSL in practice
2009-01-10:	You cannot ask users to manage their own security
2009-01-09:	A Unix shell glob trick
2009-01-08:	The `ufsdump` block size doesn't seem to matter much
2009-01-07:	Two suggestions for improving Fedora's PreUpgrade experience
2009-01-06:	The problem of forcing users to make choices (in security)
2009-01-05:	Why 'email marketing' winds up as spam
2009-01-04:	'Email marketing' versus outright email spam
2009-01-03:	How to help programmers (parts 2 and 3): `os.environ` and `sys.argv`
2009-01-02:	Why SSL needs certificate authorities, or at least trust roots
2009-01-01:	Flaws in the 'web of trust' approach to trust issues
2008-12-31:	Certificate authorities seem to be a real weakness in SSL One of Python 3's fundamental problems on Unix
2008-12-30:	ZFS and crazy dates
2008-12-28:	Discovering things while researching Unix history An advantage of doing test driven development
2008-12-27:	Email marketing is pretty much spam
2008-12-26:	The consequences of the Debian OpenSSL compromise
2008-12-25:	My view of Sun and their history
2008-12-24:	A thesis: Sun should be prepared to give up on SPARC
2008-12-23:	You need major advantages to really move issues
2008-12-21:	Part of why managing firewalls is hard The role of superstition and folklore in system administration
2008-12-20:	The source of spurious `.rpmnew` files
2008-12-19:	Comments and dialogues
2008-12-18:	Why LVM snapshots should really have hooks into filesystems
2008-12-17:	Some reasons why I like `vi`
2008-12-16:	Why XHTML is doomed, at least in its strict validation form
2008-12-14:	Feed aggregators should fail gracefully
2008-12-13:	The pragmatic problem with strict XHTML validation
2008-12-12:	Two-step updates: the best solution to the valid XHTML problem
2008-12-11:	Why syndication feed readers (and web browsers) should fail gracefully Why you should always allow version 1 to be specified
2008-12-09:	What sort of user interfaces the web is good for How Amanda uses what restore program to use, a correction
2008-12-08:	How I split up my workstation's disk space
2008-12-07:	How to help programmers (part 1): the `os.listdir()` problem One of Python's problems with packages
2008-12-06:	On line endings and honesty
2008-12-05:	A little gotcha when implementing shell `read`
2008-12-04:	The rewriting problem on ZFS and other 'log structured' filesystems
2008-12-03:	Mapping IP addresses to ASNs
2008-12-02:	A thesis: Sun should fork Solaris
2008-11-30:	My view on vi and vim (and nvi et al) Server problems caused by 'transparent' self-signed SSL certificates
2008-11-29:	Good editors aren't better or worse, just different
2008-11-28:	Why rootkits targeted at Red Hat Enterprise would make me especially nervous
2008-11-27:	The practical insecurity of self-signed SSL certificates on the web
2008-11-26:	One consequence of mathematical security thinking
2008-11-25:	The problem with security alerts, and indeed all alerts
2008-11-23:	My sign of a good graphical interface
2008-11-22:	Why I hate 'security questions'
2008-11-21:	Limiting how much load Exim puts on your system
2008-11-20:	Combining dual identity routing and isolated interfaces revisited
2008-11-19:	A growing realization about `tcpdump` and reading IP traffic BitTorrent's file fragmentation problem
2008-11-18:	Where `vi` runs into its limits
2008-11-16:	Checking systems with RPM verification (part 2) A hint for email providers
2008-11-15:	Getting Python's encoding and decoding straight
2008-11-14:	How to force a crash dump on Solaris 10 x86
2008-11-13:	What the members of a Unicode conversion error object are
2008-11-12:	Why not doing Unicode is easier than doing Unicode in Python
2008-11-11:	Another attempt to split SSL into encryption and trust
2008-11-10:	Exploiting the Bourne shell to parse configuration files
2008-11-09:	The history of Unix `*dump` programs
2008-11-08:	Thinking about how your security domains relate to each other
2008-11-07:	What the timestamps in Ubuntu kernel messages mean
2008-11-05:	How many root passwords should you have? An issue with quotas on ZFS pools
2008-11-04:	Mistakes editors can make that disqualify them as sysadmin editors
2008-11-03:	Why `vi` has become my sysadmin's editor
2008-11-02:	Why university webmail systems are attractive to spammers
2008-10-31:	Why realistic UDP bandwidth testing is hard Banging rocks together in Python
2008-10-30:	How Linux initrds used to be a hack
2008-10-29:	Problems I have seen with switch port mirroring
2008-10-28:	One reason why people buy Ethernet taps
2008-10-27:	What we keep track of for ZFS pools
2008-10-26:	Why RAID-1 is the right choice for our new fileservers
2008-10-25:	How we worked out the partition sizes for our SAN
2008-10-24:	A little neat detail of the BitTorrent protocol
2008-10-23:	Another update to the ZFS excessive prefetching situation
2008-10-22:	How Amanda knows what restore program to use
2008-10-21:	Seeing how remarkable V7 Unix was
2008-10-19:	The advantages of iSCSI's MC/S for multipathing Thesis: reputation based antispam systems are dead
2008-10-18:	More on Firefox 3's handling of self-signed SSL certificates
2008-10-17:	How self-signed certificates are a problem for browsers
2008-10-16:	Why Firefox 3's handling of self-signed SSL certificates is wrong
2008-10-15:	The corporate identity problem
2008-10-14:	Improving initial ramdisks
2008-10-13:	The complexity of not lying to Makefiles
2008-10-12:	An irritating `awk` limitation: getting a range of fields
2008-10-11:	Forcing sort ordering in Unix shell scripts
2008-10-10:	Some notes about iSCSI multipathing in Solaris
2008-10-09:	We've lost the password battle
2008-10-08:	How we set up our Solaris ZFS-based NFS fileservers
2008-10-07:	How we set up our iSCSI target servers
2008-10-06:	A problem with Python's `help()`
2008-10-05:	SSL certificate revocation doesn't work (for web browsers)
2008-10-04:	Consider having obvious interfaces too
2008-10-03:	Arranging your SSL websites for very cautious people
2008-10-01:	Another consequence of the Debian OpenSSL security bug
2008-09-30:	The consequences of your SSL certificate getting compromised Using Python to find out what cipher a SSL server is using
2008-09-29:	SSL/TLS and forward secrecy
2008-09-28:	Why I hate Solaris 10's service facility right now
2008-09-27:	The problem with initial ramdisks
2008-09-26:	The aesthetics of syntactic sugar
2008-09-25:	Why qmail is no longer a suitable Internet MTA
2008-09-24:	How we lie to our Makefiles
2008-09-23:	Some thoughts on improving current thread-based programming
2008-09-21:	Why I wind up writing real parsers for my sysadmin tools
2008-09-20:	A side note to the attraction of file-based blog engines The attractions of 'file as blog entry' blog engines
2008-09-19:	Gotchas with IET that I have encountered
2008-09-18:	My experiences so far with Linux iSCSI target software
2008-09-17:	How to securely manipulate user files
2008-09-16:	A Unix without a `test` program
2008-09-15:	Why ZFS's raidz design decision is sensible (or at least rational)
2008-09-14:	A read performance surprise with ZFS's raidz and raidz2
2008-09-13:	999 days is not forever
2008-09-12:	ZFS's helpful attention to detail Why you want sysadmins, not users, to be providing the computing
2008-09-11:	Why I have the same shell dotfiles everywhere
2008-09-10:	A Unix shell trick
2008-09-09:	The problem with unit testing programs
2008-09-08:	How to get as much of your program byte-compiled as possible
2008-09-07:	Why your main program should be `import`able
2008-09-06:	Why negative DNS caching is necessary
2008-09-05:	Something to remember when using DTrace on userland programs
2008-09-03:	Why SMTP needs a way of communicating partial success for message delivery How to reject at SMTP time without enabling dictionary scanning
2008-09-01:	Accept-then-bounce is no longer acceptable in mail systems
2008-08-31:	There is a balance between optimism and paranoia for compromised machines A realization about the recent Red Hat Enterprise security issue
2008-08-29:	Open source projects and programs versus products We don't really control user desktop machines
2008-08-28:	Thinking about the importance of cross-implementation portability
2008-08-27:	How I think about how important security updates are
2008-08-25:	Fixing low command error distances The concept of error distance in sysadmin commands
2008-08-24:	An update to the ZFS excessive prefetching situation
2008-08-23:	Another problem with SSL identities
2008-08-22:	Why noting security fixes in Linux kernel changelogs doesn't really help
2008-08-21:	What you select for when you make something harder
2008-08-20:	An illustration of why syntactic sugar matters
2008-08-18:	The problem with using tuples and lists to hold structures
2008-08-17:	Thinking about the best way to handle command registration Why your blog comments have less of an audience than new blog entries Another reason to avoid having comments
2008-08-16:	Why it matters what users like
2008-08-15:	Using a non-standard shell as your login shell
2008-08-14:	A `bash` irritation: the incompatible `exec`
2008-08-12:	The first principle of analyzing compromised machines
2008-08-11:	How RPM verification deals with prelinking
2008-08-10:	Anti-spam work is pure overhead How to tell when your bug reporting system is at its limits
2008-08-08:	How to exploit unsigned repository metadata A workaround for the Python module search path issue on Unix
2008-08-07:	The pragmatics of language changes
2008-08-06:	More on the funding capture problem
2008-08-04:	SSL does not create trust Our answer to the ZFS SAN failover problem
2008-08-03:	A performance gotcha with `syslogd` First impressions of using DTrace on user-level programs
2008-08-02:	One reason that it is so hard to challenge Google
2008-07-31:	A crude system verification method SSL's identity problem
2008-07-30:	What is guaranteed in languages in practice
2008-07-28:	What you can (probably) count on for concurrency in Python Another advantage of Python builtins
2008-07-27:	The yum versionlock problem
2008-07-26:	`dict.setdefault()` as a concurrency primitive
2008-07-24:	How packaging systems should handle kernel updates One thing that I dislike about typical debuggers
2008-07-23:	Retracting blog entries in the face of syndication feeds
2008-07-22:	Two different usage patterns
2008-07-20:	Thinking about uses for (system) activity tracers Why I'm mostly out of the email (anti-)spam game
2008-07-18:	One consequence of Linux's dynamic network device naming The advantage of blog comments
2008-07-17:	The not so secret origins of `/usr/bin` and `/usr/sbin` (and `/sbin`)
2008-07-16:	The problem with Usenet
2008-07-14:	What some `fdisk` options actually do
2008-07-13:	How ZFS helps out with the big RAID-5 problem The problem with big RAID-5 arrays
2008-07-12:	When overlapping windows do (and don't) make sense
2008-07-11:	The case of the mysteriously failing connections
2008-07-10:	Internet software decays and must be actively maintained
2008-07-09:	Detailed usage charges versus simpler charging models
2008-07-08:	How to force Solaris to renumber network devices
2008-07-06:	A (D)VCS feature that I'd really like A small drawback to Wietse Venema's TCP Wrappers
2008-07-05:	How OOXML is a complete failure, even for Microsoft
2008-07-04:	Phish spammers who make it easy
2008-07-03:	Why system administrators like interpreted languages
2008-07-02:	Why reverse proxies are good for big web applications
2008-06-30:	The many problems with bad security patches
2008-06-29:	Why user exposure matters for Linux distributions, especially on desktops Why Ubuntu's LTS releases are inferior to Red Hat Enterprise Linux
2008-06-28:	The other reason that shells should be programmable
2008-06-27:	Fault hierarchies and problem reports
2008-06-26:	Virtual desktops versus multiple monitors
2008-06-25:	More on standard interfaces
2008-06-23:	Why I am not really fond of docstrings in Python More thinking about Python's inheritance model
2008-06-22:	The implicit versus the explicit
2008-06-21:	A bug reporting paradox: don't put in too much detail
2008-06-20:	Accidental bittorrent on our networks
2008-06-19:	A thought about filesystem snapshots
2008-06-17:	A simple request for vendor websites Sun flubs another SSH patch
2008-06-16:	Why people persist in sending files by email
2008-06-15:	Why DNS blocklists return information as IP addresses
2008-06-13:	The cost of virtualization
2008-06-12:	The problem with ZFS, SANs, and failover
2008-06-11:	Designing a usable DNS Blocklist result format Tabs versus windows, or why I usually want windows
2008-06-09:	Mirrored system disks should be trivial to set up
2008-06-08:	Thinking about Python's inheritance model Recovering my Eee PC from a post-update problem
2008-06-07:	Why 'file as blog entry' blog engines have problems
2008-06-06:	Why shells should have small programming languages
2008-06-04:	Some corollaries to the charging problem
2008-06-03:	My problem with ZFS
2008-06-02:	Improving RPM as a packaging system Why package systems are important
2008-05-31:	What contracts aren't
2008-05-30:	The fun of `awk` Users are rational
2008-05-29:	Why web spiders should not crawl syndication feeds
2008-05-28:	What promiscuous mode does on modern networks
2008-05-26:	Shimming modules for testing (and fun)
2008-05-25:	Making a good Unix glue language The risks of forcing frequent password changes
2008-05-24:	Dear applications: WEP keys are not passwords
2008-05-23:	Frequent password changes as security mythology
2008-05-21:	Combining dual identity routing and isolated interfaces
2008-05-20:	Getting live network bandwidth numbers on Solaris
2008-05-19:	Segregating your outgoing email to get blocked as little as possible
2008-05-18:	The threat model for website logins Counterproductive password security
2008-05-17:	Why we're interested in many ZFS pools
2008-05-15:	Why it is hard to decommission a DNS blocklist What protects the strength of a ssh connection's encryption
2008-05-13:	Things I have learned about ZFS (and a Linux iSCSI target)
2008-05-12:	Some thoughts on tradeoffs between storage models
2008-05-11:	The history of `readdir()` Another problem with doing your own sysadmin automation
2008-05-09:	An advantage of interpreted languages
2008-05-08:	Getting live network bandwidth numbers on Linux
2008-05-07:	Today's Solaris 10 irritation: the fault manager daemon
2008-05-06:	The Bourne shell is not a programming language
2008-05-05:	The costs of doing your own system administration automation
2008-05-04:	On standard interfaces
2008-05-03:	Why people don't automate sysadmin stuff
2008-05-02:	Automation changes as systems grow
2008-05-01:	What the `co_names` attribute on Python code objects is
2008-04-30:	Why `apt` is always going to be faster than `yum` Why you can't stop 'abuse' of file sharing services
2008-04-28:	Abusing Python frame and code objects
2008-04-27:	Attribute tracing as a mixin class
2008-04-26:	A thought on trackbacks
2008-04-25:	BitTorrent trackers are not innocent bystanders
2008-04-24:	What Linux's RPC queue dump means, sort of A brief mention of some tools for debugging Linux NFS client issues
2008-04-22:	The irritation of single-context applications
2008-04-21:	Dear ZFS: please stop having your commands stall
2008-04-20:	Finding the name of your caller in Python What FAQs are
2008-04-18:	The two (at least) forms of documentation
2008-04-17:	The limits of isolated interfaces
2008-04-16:	My secret mouse fear The appeal of GNU tools
2008-04-15:	Management interfaces as isolated interfaces
2008-04-14:	A sysadmin's review of the ASUS Eee PC
2008-04-13:	How I use Firefox's remote control
2008-04-12:	Different reasons for having comments
2008-04-11:	The appeal of XML When I do and don't read a blog's comments
2008-04-09:	Why there's a bunch of spam from university webmail systems right now
2008-04-08:	An alternate take on availability numbers
2008-04-07:	Get statistics
2008-04-06:	The problem with PID files
2008-04-05:	What I needed to make my custom Fedora 8 environment work Why people are accepting bad uptimes from Internet applications
2008-04-03:	Google Mail has a spam problem
2008-04-02:	ZFS: Reservations versus quotas
2008-04-01:	A simple Python class to trace access to object attributes
2008-03-31:	Keeping secrets as a system administrator The quote of the time interval, on XML
2008-03-30:	Docstrings versus comments in my code
2008-03-29:	Tradeoffs in where you store volume management metadata
2008-03-28:	The stages of Bittorrent encryption
2008-03-27:	An idea for a browser anti-phish feature
2008-03-26:	Why authenticated email won't stop phish spam
2008-03-25:	The easy way to keep a week's worth of something
2008-03-24:	The two sorts of (programmer) certification
2008-03-23:	Why software engineering certification may not work out the way people want
2008-03-22:	Why NFS writes to ZFS are sometimes (or often) slow
2008-03-21:	Journaling filesystems and the `fsync()` problem
2008-03-20:	Why you should ratelimit messages that outside things can cause
2008-03-19:	The problem of charging for things (well, one of them)
2008-03-18:	Some things I dislike about the ASUS Eee
2008-03-17:	Why I expect more from Solaris
2008-03-16:	My problem with Lisp
2008-03-15:	Why accurately counting committed address space is hard
2008-03-14:	Why I like definite answers to support issues
2008-03-13:	Another problem with iSCSI on Solaris 10
2008-03-12:	A `bash` irritation: mutable history
2008-03-11:	The 'Add Comments' problem
2008-03-10:	Why I organize comments on WanderingThoughts the way I do
2008-03-09:	The difference between a SAN and a cluster filesystem
2008-03-08:	What controls Red Hat Enterprise's ethN device names My problem with Ethernet naming on Red Hat Enterprise 5
2008-03-06:	Software RAID, `udev`, and failed disks The difference between operations and system administration
2008-03-05:	How we make Exim discard bounces of spam
2008-03-04:	How we deal with the spam forwarding problem
2008-03-03:	How not to set up your DNS (part 18)
2008-03-02:	How ZFS's version of RAID-5 can be better than normal RAID-5
2008-03-01:	Speed surprises in reimplementing the `.find()` string method
2008-02-29:	An illustration of the speed advantage of Python builtins
2008-02-28:	My likely Firefox 3 extensions
2008-02-27:	Two sorts of languages
2008-02-26:	Something that I do not understand
2008-02-25:	The best way to shroud IP addresses
2008-02-24:	An idea: only use URL fragments as an implementation detail
2008-02-23:	Where the risk is with virtualization (and iSCSI)
2008-02-22:	Why I am not fond of Ubuntu's management of kernel updates
2008-02-21:	Wireless, machine rooms, and the Asus Eee PC The irritation of single-instance applications
2008-02-20:	How our automounter replacement works
2008-02-18:	Coding paralysis ZFS versus SANs: where do you put the RAID?
2008-02-16:	The only way you can stop spam with money
2008-02-15:	A weird routing mystery
2008-02-14:	Why does anyone buy iSCSI TOE network cards?
2008-02-13:	A consequence of Python's 'computer science' nature
2008-02-12:	A small annoyance with HTML
2008-02-11:	Why commercial support needs to solve your customers' problems
2008-02-10:	A basic introduction to prelinking on Linux
2008-02-09:	The other reason certified email won't solve the spam problem How your fileservers can wind up spreading over your SAN
2008-02-08:	Why `/usr/local` is now useless (and where it came from)
2008-02-06:	Why ZFS needs a `zfsdump`
2008-02-05:	Prewiring experimental racks
2008-02-04:	The origins of `/usr/share`
2008-02-03:	A note to would-be photo editing applications
2008-02-02:	Why certified/authenticated email cannot solve spam
2008-02-01:	Isolating network interfaces on Linux
2008-01-31:	The sysadmin's life (again)
2008-01-30:	Linux's IP forwarding settings summarized
2008-01-29:	An annoyance in Python's attribute access rules
2008-01-28:	One reason I like Python
2008-01-27:	Classic crontab syntax mistakes
2008-01-26:	The funding capture problem
2008-01-25:	A modest suggestion about test accounts
2008-01-24:	Running a 32-bit Firefox on a 64-bit Fedora or Red Hat Enterprise
2008-01-23:	The weird effects of Firefox's remote control on Unix Linux's `umount -f` forces IO errors
2008-01-21:	Why I believe that you want Solaris if you want ZFS
2008-01-20:	Layering buffering on top of other buffering is usually a bad idea
2008-01-19:	Why the x86 Linux kernel is part of every process's address space
2008-01-18:	What seems to use power on an Asus Eee PC
2008-01-17:	Lab notebooks are not changelogs
2008-01-16:	Why sysadmins should keep a lab notebook
2008-01-15:	What applications are actually crucial at a university
2008-01-14:	A Python pattern: Mutating Proxies
2008-01-13:	The robot logic of ZFS snapshots and quotas
2008-01-12:	A thought about Amazon's S3 and EC2
2008-01-11:	The importance of killing processes with the right signal
2008-01-10:	What you don't know about other peers in BitTorrent
2008-01-09:	There are two different situations for content-types
2008-01-08:	Why I feel that a missing Debian package is a bad sign
2008-01-07:	Some thoughts on Solaris 10 x86 versus Linux
2008-01-06:	Why the server is the right place to determine web content types
2008-01-05:	Why file extensions in URLs are a hack
2008-01-04:	One problem with the current anti-spam environment
2008-01-03:	Scrolling versus panning
2008-01-02:	The various sorts of backgrounding in Unix
2008-01-01:	An unpleasant thing about system administration
2007-12-31:	There are really two GPL v2 licenses
2007-12-30:	The importance of killing processes in the right order
2007-12-29:	SNI doesn't work in practice
2007-12-28:	Please don't make me pick an account name
2007-12-27:	Why I am not entirely fond of Solaris 10 x86's boot archive
2007-12-26:	Two problems with Python's file iterators
2007-12-25:	Process memory layout for 32-bit Linux programs
2007-12-24:	The difference between shells that do job control and shells that don't
2007-12-23:	Multihomed hosts and `/etc/hosts` Shortening hostnames for fun and profit
2007-12-22:	Getting a useful persistent VNC session
2007-12-21:	A thought about Solaris 10 x86's boot process
2007-12-20:	Virtualization does not eliminate security concerns
2007-12-19:	Why setuid scripts are fundamentally a bad idea How x86 Linux executes ELF programs
2007-12-17:	What is a script language on Unix
2007-12-16:	A thought on reading multiline records
2007-12-15:	There are reasons for stupid anti-spam policies
2007-12-14:	Check then use is a dangerous security pattern
2007-12-13:	Doing one-shot booting with GRUB
2007-12-12:	A more abstract view of the generalized `open()` issue Implicit generalized `open()`'s are dangerous
2007-12-10:	A surprise about Linux serial consoles
2007-12-09:	I don't like smooth scrolling
2007-12-08:	A depressing thing about phish spam
2007-12-07:	Using Linux's magic SysRq feature
2007-12-06:	Why large ISPs like SPF (the cynical view)
2007-12-05:	Safely updating files that are read over NFS
2007-12-04:	Dumb switches are now too smart for my good
2007-12-03:	A comment spam precaution that didn't work out
2007-12-02:	How my CGI to CGI/SCGI frontend works
2007-12-01:	My expectations for responsible spider behavior BitTorrent's protocol is not designed to hide
2007-11-29:	Hashes are not complete protectors of privacy
2007-11-28:	The problem the automounter was trying to solve Another aphorism of system administration
2007-11-27:	Taking advantage of polymorphic WSGI
2007-11-26:	The two things I can mean by 'web spider'
2007-11-25:	Why we may not be able to use ZFS
2007-11-24:	Gotchas with dual-headed X with RandR on ATI cards
2007-11-23:	My web spider technical requirements
2007-11-22:	The different types of hash collisions
2007-11-21:	Linux virtual terminals and the X server
2007-11-20:	A lesson learned: Always upgrade Fedora with a respin CD
2007-11-19:	What IPsec being mandatory in IPv6 really means
2007-11-18:	I love Linux's serial console support
2007-11-17:	Fighting spam always costs
2007-11-16:	Improving your life with checklists
2007-11-15:	Platform risk and platform (in)security
2007-11-14:	What NAT is useful for
2007-11-13:	Why `vfork()` got created (part 2)
2007-11-12:	Matching words against a list in the Bourne Shell
2007-11-11:	Why `vfork()` got created (part 1)
2007-11-10:	The risks of spam filtering (part 2)
2007-11-09:	An object oriented design mistake illustrated
2007-11-08:	How Linux handles virtual memory overcommit
2007-11-07:	Understanding the virtual memory overcommit issue
2007-11-06:	A thought about competition between Red Hat Enterprise and CentOS
2007-11-05:	Some notes on Solaris 10 U4 x86 as an iSCSI target
2007-11-04:	Thinking through salts for passwords
2007-11-03:	A thought about the speed of IPv6 deployment
2007-11-02:	Note to self: check for gigabit Ethernet
2007-11-01:	Dynamic rendering versus static rendering for websites
2007-10-31:	What may be causing my random NumLock issues Jumbo frames on gigabit Ethernet on Solaris 10 x86
2007-10-30:	The problem with big systems
2007-10-29:	My problem with learning new programming languages
2007-10-28:	The inconvenience of some DWiki design choices
2007-10-27:	Why I am not really interested in hearing blacklist appeals
2007-10-26:	The Slashdot effect is not like regular load
2007-10-25:	Long term storage management in the field
2007-10-24:	The format of PTR records in Bind irritates me
2007-10-23:	How we sized the overcommit ratio
2007-10-22:	The dangerous appeal of the obvious Vim options it turns out I want
2007-10-21:	How I got a corrupted metadb replica that paniced Solaris 10 x86
2007-10-20:	Why mail systems should not defer rejections to `RCPT TO` time
2007-10-19:	Some notes on booting single user in x86 Solaris 10
2007-10-18:	The Python marshal module versus the cPickle module
2007-10-17:	Our experience with Linux's strict overcommit mode
2007-10-16:	Our old mail system's configuration
2007-10-15:	The arrogance of trying to design for long term storage management
2007-10-14:	Why I think identity blurs into authority
2007-10-13:	Weekly spam summary on October 13th, 2007
2007-10-12:	Getting your networks to your racks
2007-10-11:	A gotcha with command order in pipes
2007-10-10:	How to properly look up hostnames from IP addresses
2007-10-09:	A silly trick with X
2007-10-08:	I have new system enthusiasm
2007-10-07:	An improvement in my comment spam precautions
2007-10-06:	Weekly spam summary on October 6th, 2007
2007-10-05:	Why we don't use cable management arms
2007-10-04:	The corollary to who actually benefits from bug reports
2007-10-03:	A basic principle of system design
2007-10-02:	A gotcha with 'bidirectional' pipes to commands
2007-10-01:	How Exim determines the retry time for local deliveries
2007-09-30:	Understanding Exim's weird way of doing retries Weekly spam summary on September 29th, 2007
2007-09-29:	The first rule of free email-based services
2007-09-28:	Phase objects: simple decent error reporting for Python programs
2007-09-27:	Fixing Ubuntu's ethN device names when you swap hardware
2007-09-26:	Thinking about why Apache waits for CGIs to close standard output
2007-09-25:	How to clear Solaris Volume Manager metadb replicas on Solaris 10 x86
2007-09-24:	Assume the existence of folklore among your users
2007-09-23:	Names are not cheap
2007-09-22:	Weekly spam summary on September 22nd, 2007
2007-09-21:	An interesting `bind(2)` failure
2007-09-20:	Websites should not accept random parameters in requests
2007-09-19:	The benefit of chronological blog navigation
2007-09-18:	Linux NFS client kernel tunable settings
2007-09-17:	How `mmap(2)` requires a unified buffer cache
2007-09-16:	In praise of Python's Global Interpreter Lock
2007-09-15:	Weekly spam summary on September 15th, 2007
2007-09-14:	A thought on untyped languages
2007-09-13:	Limiting a process's memory usage on Linux
2007-09-12:	Mass scanning via POP3
2007-09-11:	Why I dislike ATX power supplies
2007-09-10:	A small drawback of 64-bit machines
2007-09-09:	Rethinking my views of Fibrechannel
2007-09-08:	Weekly spam summary on September 8th, 2007
2007-09-07:	My view of what 'strongly typed' means
2007-09-06:	When you don't want RAID-5
2007-09-05:	Where to find specifications on HTTP POST behavior Features that I wish ZFS had
2007-09-03:	Why syndication feed readers ignore an entry's 'last updated' time
2007-09-02:	I wish mailers had a real programming language
2007-09-01:	Weekly spam summary on September 1st, 2007
2007-08-31:	Partial entry syndication feeds and updated entries
2007-08-30:	Using reverse proxies to unify web sites
2007-08-29:	One limitation of internal charges
2007-08-28:	A gotcha with Solaris Volume Manager metasets
2007-08-27:	On the naming of machines (part 2)
2007-08-26:	A limitation in Linux's policy based routing
2007-08-25:	Weekly spam summary on August 25th, 2007
2007-08-24:	Linux and accidentally multipathed disks
2007-08-23:	The excessive cleverness of some people's reverse DNS
2007-08-22:	Redirecting traffic to another machine with Linux's iptables
2007-08-21:	The dilemma of website facing
2007-08-20:	Recognizing phish spam from exceedingly RFC compliant mailers
2007-08-19:	A realization about breadcrumbs
2007-08-18:	Weekly spam summary on August 18th, 2007
2007-08-17:	A thesis about language niches
2007-08-16:	How not to set up your DNS (part 17) How to tell a DNS no data reply from a lame delegation
2007-08-15:	The problem that built C++ (a thesis)
2007-08-14:	The benefits of growing your toolbox
2007-08-13:	One problem with distributed identity systems
2007-08-12:	Adventures in network design, illustrated by our new backbone connection Weekly spam summary on August 11th, 2007
2007-08-11:	On the performance of Python longs being used as bitmaps
2007-08-10:	Clever large integers
2007-08-09:	A gotcha with the format of `dump` archives
2007-08-08:	Explaining some university staff peculiarities
2007-08-07:	A surprise with the Provides header in RPM
2007-08-06:	Implementing a preforking network server in Python
2007-08-05:	Thinking about more text formatting for DWiki
2007-08-04:	Weekly spam summary on August 4th, 2007
2007-08-03:	The scope of shell history Using WSGI for performance tuning
2007-08-02:	Link: XML on the web summarized
2007-08-01:	A ZFS-based fileserver design
2007-07-31:	Consequences of allowing packages to quiz users at install time
2007-07-30:	What we want out of our new fileserver design
2007-07-29:	My standard for clear idioms in personal code
2007-07-28:	Weekly spam summary on July 28th, 2007
2007-07-27:	How big is the Slashdot effect?
2007-07-26:	An unexpected performance stress test for DWiki
2007-07-25:	Solaris Volume Manager and iSCSI: a problematic interaction
2007-07-24:	Using iSCSI and AOE to create artificial disk errors
2007-07-23:	An interesting issue when `yum` upgraded `gaim`
2007-07-22:	Universities are not businesses: an implication
2007-07-21:	Weekly spam summary on July 21st, 2007
2007-07-20:	The downside of a unified buffer cache
2007-07-19:	A safety tip: keep your different sorts of source trees separate
2007-07-18:	Why I like Python's large integer support
2007-07-17:	Random passwords are not necessarily good passwords
2007-07-16:	Why SSL and name-based virtual hosts don't get along
2007-07-15:	Problems I see with the ATA-over-Ethernet protocol Weekly spam summary on July 14th, 2007
2007-07-14:	Linux kernel asynchronous IO doesn't work on sockets
2007-07-13:	You can't change a Python function's local variables from outside
2007-07-12:	An interesting mistake with ZFS and iSCSI
2007-07-11:	Why I wish Python had assignment in conditionals
2007-07-10:	Thinking about the Python equivalents of C's `!!` double negation
2007-07-09:	How many bits of information are in a password? How not to set up your DNS (part 16)
2007-07-08:	A suggestion for HMAC signature construction
2007-07-07:	Weekly spam summary on July 7th, 2007
2007-07-06:	What the flags on DNS query responses mean How not to set up your DNS (part 15)
2007-07-05:	What OpenID is good for
2007-07-04:	What OpenID is (and is not) Problems with EXA X acceleration on ATI cards in Fedora Core 6
2007-07-03:	How not to set up your DNS (part 14)
2007-07-02:	What the unified buffer cache is unifying
2007-07-01:	The optimization rule for systems
2007-06-30:	Weekly spam summary on June 30th, 2007
2007-06-29:	The stupidity of being nickled and dimed by vendors Why forwarding all email for users is dangerous
2007-06-28:	Why I don't like inverted `if` conditionals
2007-06-27:	Why you can't use `object.__new__` on everything
2007-06-26:	A small update on comment spammer behavior
2007-06-25:	ZFS's issues with long term storage management The advantage of a SAN Painless long term storage management without disturbing users
2007-06-23:	Weekly spam summary on June 23rd, 2007
2007-06-22:	One reason why the Debian package format is not my favorite A thought on web server capacity measurement
2007-06-20:	More on slot wrapper objects
2007-06-19:	Thinking about types of bugs (and static analysis)
2007-06-18:	What are slot wrapper objects?
2007-06-17:	A use for CSS adjacent selectors
2007-06-16:	Weekly spam summary on June 16th, 2007
2007-06-15:	Why I am in system administration instead of programming
2007-06-14:	Getting source RPMs with `yumdownloader` (part 2)
2007-06-13:	What NFS file-based locking problems can happen
2007-06-12:	'Argument list too long' is a misleading message
2007-06-11:	Getting source RPMs with `yumdownloader`
2007-06-10:	How NFS is unreliable for file-based locking
2007-06-09:	Weekly spam summary on June 9th, 2007
2007-06-08:	Some thoughts on Slashdot's moderation system
2007-06-07:	Why I hate firewalls, especially stateful firewalls
2007-06-06:	Why you want a filesystem consistency checker
2007-06-05:	RPM's multi-architecture file ownership problem
2007-06-04:	RAID-5 versus RAID-6 Why we need our SAN RAID controllers to support logical drives
2007-06-02:	Weekly spam summary on June 2nd, 2007
2007-06-01:	Why our Solaris fileservers still use the automounter
2007-05-31:	Please test your error paths
2007-05-30:	A gotcha with the automounter and loopback mounts
2007-05-29:	On storing source code in some non-text format
2007-05-28:	Why ZFS's data integrity is less important than Solaris's usability
2007-05-27:	Paying for security exploits
2007-05-26:	Weekly spam summary on May 26th, 2007
2007-05-25:	If you want work done, you need to pay for it The risks of spam filtering (part 1)
2007-05-24:	Firefox preferences settings that I use
2007-05-23:	The danger of a web server writeable document area
2007-05-22:	A case for breaking the web server ownership guidelines
2007-05-21:	Linux is a Unix
2007-05-20:	Properties relevant to finding what class supplies a method
2007-05-19:	Weekly spam summary on May 19th, 2007
2007-05-18:	The difficulty of throwing things away
2007-05-17:	Determining what superclass supplies a method in Python
2007-05-16:	My rules of thumb for picking conference talks
2007-05-15:	Sizing your swap space (part 2)
2007-05-14:	Sizing your swap space (part 1)
2007-05-13:	Unix folklore: your swap should be twice your RAM
2007-05-12:	Weekly spam summary on May 12th, 2007
2007-05-11:	Building your own kernel with the Fedora kernel configuration
2007-05-10:	The other problem with network booting
2007-05-09:	CSS separates layout from content less than you'd like
2007-05-08:	Supporting the real world
2007-05-07:	What computer security is
2007-05-06:	What Linux bind mounts are really doing
2007-05-05:	Weekly spam summary on May 5th, 2007
2007-05-04:	A little twitch I have in X Windows
2007-05-03:	A stupid switch configuration trick
2007-05-02:	My view of Ubuntu
2007-05-01:	Some good practices for web servers
2007-04-30:	Being specific about where your systems are
2007-04-29:	What matters about object oriented operating systems Weekly spam summary on April 28th, 2007
2007-04-28:	Why I no longer bother to complain to ISPs about spam
2007-04-27:	My view of Solaris 10 summarized
2007-04-26:	A clever way of doing IP address assignment
2007-04-25:	What do Unix errno values mean?
2007-04-24:	RPC is surprisingly expensive
2007-04-23:	Extra security systems for Unix should be explicit, not implicit
2007-04-22:	Why Red Hat 7.3 is (still) so present on servers
2007-04-21:	Weekly spam summary on April 21st, 2007
2007-04-20:	Why organizations buy software from commercial companies
2007-04-19:	A thought about attitudes towards support requests
2007-04-18:	An advantage of CSS layouts for accessibility
2007-04-17:	Why the University of Toronto can't just use Google Mail A disappointment with ZFS
2007-04-16:	Using CSS instead of tables is still using a hack
2007-04-15:	`chkconfig --add` considered misleading
2007-04-14:	Weekly spam summary on April 14th, 2007
2007-04-13:	A little gotcha about binding services to interfaces
2007-04-12:	Why Evolution is not my favorite mail reader
2007-04-11:	Users don't really benefit from filing bug reports
2007-04-10:	A limitation of Debian's `/etc/network/interfaces` control file
2007-04-09:	Why indirect xdm probably doesn't work on your Linux machine
2007-04-08:	A limitation of Python properties Weekly spam summary on April 7th, 2007
2007-04-07:	An interesting observation about web cracker behavior
2007-04-06:	Why network booting is not a good answer
2007-04-05:	Wanted: remote controllable DVD drives An irritation about rails
2007-04-04:	A brief sad note about root passwords Social problems are the real problems
2007-04-03:	Why charging for email won't do what people want
2007-04-02:	Some lighttpd bits
2007-04-01:	An advantage of virtualization for license servers Please leave IOError and OSError alone Weekly spam summary on March 31st, 2007
2007-03-31:	Created functions and exception stack backtraces Microsoft has another problem Link: you are what you code A simple debugger feature that I would really like
2007-03-30:	What an Ethernet splitter looks like
2007-03-29:	Usability issues with blog URLs
2007-03-28:	A surprise to remember about starting modern machines Dual identity routing with Linux's policy based routing
2007-03-27:	The VPN routing problem Some problems with iSCSI on Solaris 10 (on x86)
2007-03-26:	Quality Solaris 10 software:
2007-03-25:	Fitts' Law and edge-flipping in window managers
2007-03-24:	Weekly spam summary on March 24th, 2007 How comment spammers behave Randomly engaging NumLock considered irritating
2007-03-23:	Counterintuitive RAID read performance
2007-03-22:	An irony of conditional GET for dynamic websites Making user home directories on a stock Solaris machine
2007-03-21:	Users are almost always right
2007-03-20:	On educating users
2007-03-19:	The three strata of virtualization
2007-03-18:	Why Unix setuid is incompatible with real network filesystems
2007-03-17:	Weekly spam summary on March 17th, 2007
2007-03-16:	GRE is a translucent tunnel Things I have learned while doing GRE tunnels on Linux
2007-03-15:	An annoying limitation of Linux IPSec
2007-03-14:	The problem of machine startup order dependencies
2007-03-13:	Machine room archaeology What I currently do to stop comment spam on WanderingThoughts
2007-03-12:	New warning messages might as well be fatal errors
2007-03-11:	I consider __dict__ an implementation detail Weekly spam summary on March 10th, 2007
2007-03-10:	What a sysadmin's machine should be able to do
2007-03-09:	Why hashcash schemes for email will never be adopted
2007-03-08:	A bad popup dialog A belated set of more power consumption numbers
2007-03-07:	A gripe about sun.com
2007-03-06:	Why I don't like USB keyboards
2007-03-05:	Some useful new Linux software RAID features
2007-03-04:	Handling lines with something-separated fields for Python Weekly spam summary on March 3rd, 2007
2007-03-03:	On useful front-panel LEDs
2007-03-02:	A story of network weirdness
2007-03-01:	An irritating limitation of listening sockets
2007-02-28:	Using Unix domain sockets from Python
2007-02-27:	Things I did not know about until recently: Ethernet splitters
2007-02-26:	Things I have learned about effective sysadmin meetings
2007-02-25:	Ordered lists with named fields for Python How CSLab currently does email anti-spam stuff Weekly spam summary on February 24th, 2007
2007-02-24:	Thesis: any server push technology inevitably breeds spam The problem with browser minimum font size settings Most world-editable wikis are doomed Some things to remember when implementing `__getitem__`
2007-02-23:	The downside of distinctive hostnames
2007-02-22:	A simplified summary of Python's method resolution order My zeroth law of compromised machines A note about the ordering of mixin classes
2007-02-21:	Fixing Python's string `.join()` The quick overview of DiskSuite failover
2007-02-20:	Getting around LiveJournal's new minimum page width
2007-02-19:	What I currently know about Fibrechannel versus iSCSI versus AoE Another aphorism of system administration
2007-02-18:	Why we do NFS fileserving with a SAN Weekly spam summary on February 17th, 2007
2007-02-17:	Programming fun
2007-02-16:	I hate hardware (Dell 2950 edition) QOTD: There are three types of authentication
2007-02-15:	Something all full-service backup systems should have
2007-02-14:	RPM tricks for dealing with multiarch machines
2007-02-13:	On Python's grammar
2007-02-12:	Why thin clients are doomed (part 2)
2007-02-11:	How to do locking in shell scripts
2007-02-10:	Weekly spam summary on February 10th, 2007 A temptation with challenge/response anti-spam systems Link: Why the ease of installing Java matters
2007-02-09:	What System V did to the poor `ln` command
2007-02-08:	The danger of validating your XHTML
2007-02-07:	Why I think thin clients are doomed
2007-02-06:	What the Solaris 8 `nfs3_max_threads` parameter probably controls
2007-02-05:	An irritation with `yum localupdate` Another small user interface suggestion
2007-02-04:	A sysadmin twitch about `dump`
2007-02-03:	Weekly spam summary on February 3rd, 2007
2007-02-02:	A modern environment's need for broadband Why don't SQL servers do a lot of caching?
2007-02-01:	Transparent versus non-transparent caching
2007-01-31:	The inherent fragility of complex systems (in system administration) Why I am not fond of DHCP in lab environments
2007-01-29:	A gotcha with `<textarea>` How to have your web spider irritate me intensely (part 2)
2007-01-28:	Why DWiki doesn't use fully REST-ful URLs Weekly spam summary on January 27th, 2007
2007-01-27:	Why I think that DNS whitelists are going to fail
2007-01-26:	First impressions of pyOpenSSL
2007-01-25:	A clever trick to deal with students powering off workstations
2007-01-24:	An irritation with current GUI interfaces
2007-01-23:	How to stop DiskSuite resyncing a mirror on Solaris 8
2007-01-22:	Why host authentication has to check who the certificate belongs to
2007-01-21:	Sometimes system administration requires a hacksaw
2007-01-20:	Weekly spam summary on January 20th, 2007 Browsers are the wrong place to report HTML validation errors
2007-01-19:	Link: Peter Gutmann on PKI
2007-01-18:	Why I want direct certificate checking instead of having to rely on CAs
2007-01-17:	A grump about the socket module's SSL support
2007-01-16:	Why I don't have a GPG key
2007-01-15:	Configuring VLANs on Fedora Core
2007-01-14:	Wrapping exceptions versus propagating them untouched An alarming reflex in my use of `find`
2007-01-13:	Weekly spam summary on January 13th, 2007
2007-01-12:	The easy way to get me to not comment on a weblog
2007-01-11:	Xen versus VMware for me An interesting Bourne shell limitation
2007-01-10:	A gotcha with `inetd`/`xinetd` and popular UDP services
2007-01-09:	Solving an automounter timeout problem with brute force
2007-01-08:	What I really want from an automounter
2007-01-07:	Another issue with C's `volatile`
2007-01-06:	Weekly spam summary on Janury 6th, 2007 Fixing up `.rpmnew` files
2007-01-05:	Henry Spencer on C's `volatile`
2007-01-04:	The scars of my NPTL experience
2007-01-03:	The problem with C's `volatile` qualifier
2007-01-02:	My current views on webmail providers
2007-01-01:	Solaris's impressive ABI compatibility Link: Threads Cannot be Implemented as a Library
2006-12-31:	A (Solaris 8) automounter irritation
2006-12-30:	Weekly spam summary on December 30th, 2006
2006-12-29:	What can go wrong if your compiler is not thread aware
2006-12-28:	A thought on the advance of X auto-configuration
2006-12-27:	Solaris 8 DiskSuite's lack of good monitoring HTTP as it is seen in the wild
2006-12-26:	Link: OpenBSD spamd Link: varnish, a HTTP accelerator
2006-12-25:	The problem with `#ifdef` A thought of the day Link: A lovely summary of the XHTML issue
2006-12-24:	What Google Sitemaps isn't
2006-12-23:	Weekly spam summary on December 23rd, 2006
2006-12-22:	Another example of why Bourne shell quoting makes me grumpy
2006-12-21:	Something to avoid in callback email address verification
2006-12-20:	How many root DNS servers are reachable over Internet II?
2006-12-19:	An Internet dependency
2006-12-18:	A basic principle of website security
2006-12-17:	How to get me to block your web ads in a flash Weekly spam summary on December 16th, 2006
2006-12-15:	An unsurprising discovery about spammer behavior
2006-12-14:	Fedora Core's memory problem
2006-12-13:	An example of Unix's slow fossilization A SMTP implementor's conundrum
2006-12-12:	A limitation of OpenBSD bridging NAT firewalls
2006-12-10:	An irony of web serving Weekly spam summary on December 9th, 2006
2006-12-09:	How DWiki uses partial function evaluation
2006-12-08:	What I want out of a Linux partitioning program Why I don't expect result-oriented work hours to work out
2006-12-07:	Another obnoxious discovery about Ubuntu's `/var/run` stuff How not to set up your DNS (part 13)
2006-12-06:	Setting up switches to avoid unwanted VLAN leakage
2006-12-05:	A small annoyance with Unix wildcards
2006-12-04:	How SSH achieves forward secrecy
2006-12-03:	More fun with Python's indentation rules
2006-12-02:	Weekly spam summary on December 2nd, 2006
2006-12-01:	Ubuntu's attention to detail in `init.d` scripts
2006-11-30:	How Python parses indentation
2006-11-29:	Turning off HTTP basic authentication in urllib
2006-11-28:	Progress towards an all 64-bit application world
2006-11-27:	Some words of wisdom on email certification programs Why I don't rip my CDs
2006-11-26:	An irritating X Windows limitation with wheel mice Link: Serif vs. Sans Serif Legibility Weekly spam summary on November 25th, 2006
2006-11-25:	The quest for a nice Linux CD player application
2006-11-24:	A classical Unix tape gotcha
2006-11-23:	Why I don't file bug reports very often
2006-11-22:	Why ssh validates host keys using the exact name you supplied
2006-11-21:	A small script: `bsearch-nums`
2006-11-20:	A DiskSuite annoyance: `metastat`
2006-11-19:	How https: should work Weekly spam summary on November 18th, 2006
2006-11-18:	Link: Golden Rules for Bad User Interfaces Should you care about whether you can upgrade hardware? The good old days of Unix
2006-11-17:	How to quiesce NFS traffic the brute force way
2006-11-16:	An annoying omission in the Solaris 8 DiskSuite toolset
2006-11-15:	A little regexp thing to remember about \b (and \w) Why the Bourne shell is not my favorite language
2006-11-14:	Some more power consumption numbers
2006-11-13:	People aren't suspicious
2006-11-12:	Some ways to break your syndication feed Broken syndication feeds are worse than no feed
2006-11-11:	Weekly spam summary on November 11th, 2006 A thought about disaster recovery planning
2006-11-10:	Link: On Bots
2006-11-09:	A fundamental problem with challenge/response anti-spam systems The importance of printable objects
2006-11-08:	Link: Pumas on Hoverbikes The quest for the mythical `C.UTF-8` locale
2006-11-07:	Link: Unicode Spaces
2006-11-06:	HTML character sets
2006-11-05:	An interesting Python garbage collection bug
2006-11-04:	Weekly spam summary on November 4th, 2006
2006-11-03:	Installing Wine on Fedora Core 5 x86_64
2006-11-02:	Knowing things versus being able to prove them
2006-11-01:	The downsides of remailing
2006-10-31:	A Solaris 8 `make` bug An Internet rule of thumb
2006-10-30:	A brief Exim observation First irritations with Fedora Core 6
2006-10-29:	Python's `assert` is a weak debugging tool
2006-10-28:	Weekly spam summary on October 28th, 2006
2006-10-27:	In (modest) praise of Solaris DiskSuite
2006-10-26:	Languages need comments
2006-10-25:	Another advantage of distributed version control systems
2006-10-24:	Google and YouTube
2006-10-23:	A `dump` performance hint: the block size really matters
2006-10-22:	Why cursors blink
2006-10-21:	Weekly spam summary on October 21st, 2006 An irritating iptables limitation
2006-10-20:	Why releases are important
2006-10-19:	A paradox of ignorance An Ubuntu astonishment
2006-10-18:	CSS is assembly language Getting your spam crossed
2006-10-17:	Link: HTML Doctype declarations inventoried An Amanda gotcha with dumps to disk
2006-10-16:	Why have an MX record to yourself?
2006-10-15:	On the various meanings of `<tag />`
2006-10-14:	Weekly spam summary on October 14, 2006
2006-10-13:	Why quoting in the Bourne shell makes me grumpy Link: Warning Signs for Tomorrow
2006-10-12:	How stable my AMD 64-bit systems have been
2006-10-11:	Getting nice looking TrueType fonts on Fedora Core A spectacular web spammer failure
2006-10-10:	Cross building i386 RPMs on an x86_64 Fedora Core 5 machine A trivial script: `wcat`
2006-10-09:	I ♥ Fedora Extras
2006-10-08:	A reason to read blogs in reverse chronological order
2006-10-07:	Weekly spam summary on October 7th, 2006
2006-10-06:	A Python quoting irritation
2006-10-05:	Thoughts on machine identity
2006-10-04:	A pyramid of little scripts: `nsdig`
2006-10-03:	Some numbers for modern disk performance
2006-10-02:	The longevity of old hardware
2006-10-01:	The advantage of vendor packages
2006-09-30:	Weekly spam summary on September 30th, 2006
2006-09-29:	Gnome daemons you'll want to run in a custom environment
2006-09-28:	Why I hate `$LANG` and locales on Unix
2006-09-27:	How not to set up your DNS (part 12)
2006-09-26:	Why people still like TCL/TK Web site security theatre
2006-09-25:	Some reactions to a dual monitor X setup
2006-09-24:	Two approaches to Unix environments Weekly spam summary on September 23rd, 2006
2006-09-22:	A NFS mount accident on Linux
2006-09-21:	The danger of relying on Javascript for input validation An amusingly truthful hostname
2006-09-20:	A peculiarity of hardware at universities
2006-09-19:	One of the reasons I dislike SELinux
2006-09-18:	Why `/var/log/btmp` may be using up a lot of space in your `/var` My current view of Linux system filesystem sizes
2006-09-17:	How to convert a time string in GMT to seconds since the epoch
2006-09-16:	Weekly spam summary on September 16th, 2006
2006-09-15:	The temptation of LVM
2006-09-14:	A bonus to writing documentation The brute-force way to install missing Solaris 9 packages
2006-09-13:	The really irritating thing about voicemail
2006-09-12:	A quick note about how extended partitions work
2006-09-11:	Python's extra-clever `help()` function 'In place' filesystem defragmentation with Disksuite
2006-09-10:	A thought on iTunes and similar online services Weekly spam summary on September 9th, 2006
2006-09-09:	Something I really wish vendor product pages did
2006-09-08:	A Solaris 8 Disksuite single user mode surprise I hate hardware (AMD CPU edition) Link: IRON File Systems
2006-09-07:	Industrial strength Python Some wise words from Henry Spencer on backups
2006-09-06:	How fast an LCD refresh rate is going to be fast enough?
2006-09-05:	Stupid web spammer tricks
2006-09-04:	A thought about interactive development environments
2006-09-03:	Why writing documentation is no fun
2006-09-02:	Weekly spam summary on September 2nd, 2006
2006-09-01:	Link: The Single Unix Specification et al Why Postfix is not my favorite mailer
2006-08-31:	`SIGCHLD` versus Python: a problem of semantics How `dd` does blocking
2006-08-30:	A problem with debugging threaded Python programs How to lose readers of your syndication feed
2006-08-29:	An interesting filesystem corruption problem Documentation should be cheap
2006-08-27:	Documentation is not free
2006-08-26:	Weekly spam summary on August 26th, 2006
2006-08-25:	Please don't use session cookies Another stupid spider mistake
2006-08-24:	More on the Solaris ssh stuff (part 3) How not to get our business
2006-08-23:	Why I am irritated with `evince` An update on impending changes to access to Solaris patches
2006-08-22:	How not to set up your DNS (part 11) Link: Csh Programming Considered Harmful `fork()`, `wait()`, and threads
2006-08-21:	Most new products are upgrades How not to set up your DNS (part 10)
2006-08-20:	Finally, a good reason to periodically reboot servers
2006-08-19:	Weekly spam summary on August 29th, 2006 Documentation needs testing
2006-08-18:	Why `apt-get` is not my favorite application (part 2)
2006-08-17:	Idealist versus Realist The quick secret to bootable USB keys
2006-08-16:	The fun of 32-bit bugs
2006-08-15:	Hardware RAID versus software RAID
2006-08-14:	The importance of numerical literacy Distributions: keep your hands off `vi`
2006-08-13:	The real Bourne shell problem
2006-08-12:	Weekly spam summary on August 12th, 2006
2006-08-11:	An unhappy spam milestone
2006-08-10:	A Bourne shell gotcha: redirection order
2006-08-09:	A Bourne shell irritation
2006-08-08:	Slashdot's tacit admission of failure
2006-08-07:	A problem in Python's implementation of closures
2006-08-06:	A fun little regular expression bug
2006-08-05:	Weekly spam summary on August 5th, 2006
2006-08-04:	My current set of Firefox extensions
2006-08-03:	Link: When the "best tool for the job"... isn't. How to irritate your successor (on Solaris)
2006-08-02:	In praise of installing from Live CDs
2006-08-01:	One serial problem I should remember
2006-07-31:	The limitations of Unix `atime`
2006-07-30:	XHTML on the web is for masochists Weekly spam summary on July 29th, 2006
2006-07-29:	Link: Ten Risks of PKI Another little sysadmin twitch or two
2006-07-28:	A plug for blastwave.org
2006-07-27:	Unix files do not have creation times
2006-07-26:	xterm's ziconbeep feature
2006-07-25:	An `awk` idiom: getting fields backwards from the end of the line Reading Unix manpages
2006-07-24:	Link: Linguistic blindness illustrated A brief history of cut and paste in X Walking away from Slashdot: a story of design
2006-07-23:	Weekly spam summary on July 22nd, 2006
2006-07-22:	Solaris's sparseness
2006-07-21:	What Linux distributions we use (and sort of why)
2006-07-20:	Why I like Python more than Perl Link: non-errors in English
2006-07-19:	A sysadmin habit: screen locking Using Python to test system behavior Link: 'Document Centric'
2006-07-18:	Why you can't mix wildcard IP port binding with other bindings
2006-07-17:	Thesis: SMP is a failure for most Internet servers
2006-07-16:	Weekly spam summary on July 15th, 2006
2006-07-15:	A robot wish
2006-07-14:	SELinux bites man: a story Pointers to some SELinux explanations
2006-07-13:	A thought on Linux installation versus Solaris 9 installation
2006-07-12:	Why I like 'lib64' better than 'lib32' for the x86_64 transition
2006-07-11:	Why `nofollow` is useful and important
2006-07-10:	A suggestion for people with 'Out of Office' autoreplies
2006-07-09:	Weekly spam summary on July 8th, 2006
2006-07-08:	The problem of IT winning arguments
2006-07-07:	Sysadmins are an overhead
2006-07-06:	More on tabs
2006-07-05:	On tabs
2006-07-04:	A surprise with using `object()` instances
2006-07-03:	Why Solaris is not my favorite operating system
2006-07-02:	Weekly spam summary on July 1st, 2006
2006-07-01:	Link: The virtual furniture police Another annoying RSS feed trick
2006-06-30:	Some thoughts on the Fedora Core 5 Gnome desktop
2006-06-29:	`screen -x`
2006-06-28:	The problem with cool URLs
2006-06-27:	More on the Solaris ssh stuff (part 2) Microsoft has a problem
2006-06-26:	How not to report spam (part 1) WSGI versus asynchronous servers
2006-06-25:	Weekly spam summary on June 24th, 2006
2006-06-24:	A problem with signals in Python
2006-06-23:	Respecting Unix signals
2006-06-22:	An extreme example of C preprocessor (ab)use
2006-06-21:	A year (and a bit) of WanderingThoughts More on the Solaris ssh stuff
2006-06-20:	How to improve programming productivity
2006-06-19:	Impending changes to access to Solaris patches An odd choice of hostname WSGI: the good and the bad
2006-06-18:	Weekly spam summary on June 17th, 2006
2006-06-17:	Metrics considered dangerous
2006-06-16:	`/etc/inittab` versus `/etc/rc.d`
2006-06-15:	How to have your web spider irritate me intensely Dispelling a nightmare (a sysadmin tale)
2006-06-14:	How to supply an IP address in Red Hat's Kickstart
2006-06-13:	A web validation aphorism
2006-06-12:	Why charging for things is deadly at a university
2006-06-11:	Link: The Unix Heritage Society Weekly spam summary on June 10th, 2006
2006-06-10:	Fixing the bad Solaris ssh patch
2006-06-09:	Seeing Quicktime movie trailers on Fedora Core 5
2006-06-08:	Some computer power consumption numbers
2006-06-07:	Some Fedora Core 5 experimentation
2006-06-06:	Internet Distance (In Memoriam)
2006-06-05:	A Python coding mistake People are ordinary
2006-06-04:	Weekly spam summary on June 3rd, 2006
2006-06-03:	The fundamental problem of spam
2006-06-02:	An object identity gotcha in Python
2006-06-01:	Link: a Unix sysadmin rosetta stone The cynical take on nofollow
2006-05-31:	A simple way to get a disk space usage summary Fiddling with X selections from shell scripts
2006-05-30:	An shell script idiom for choosing what file to operate on
2006-05-29:	An obvious way to do bulk initialization of dictionaries
2006-05-28:	Weekly spam summary on May 27th, 2006
2006-05-27:	Today's dilemma: wiki page or blog entry?
2006-05-26:	A message you do not want to see from your backup software The problem with treating RAID arrays as single disks
2006-05-25:	Link: Classic Mistakes Enumerated A Linux `su` surprise SCGI is a form of caching
2006-05-24:	The not so secret history of vmlinuz
2006-05-23:	Link: Why overtime is bad for everyone A defense of Unix that always irritates me
2006-05-22:	A little failsafe feature in 3-prong electrical plugs
2006-05-21:	My mistake with the `Host:` HTTP header Weekly spam summary on May 20th, 2006
2006-05-20:	Things that irritate me about Python's socket module
2006-05-19:	Some modest suggestions on vendor tradeshow giveaways
2006-05-18:	The future of spam is advance fee fraud
2006-05-17:	Where to find package inventories on Solaris 9
2006-05-16:	A Python limit I never expected to run into
2006-05-15:	PlanetLab hammers on `robots.txt`
2006-05-14:	Absolute versus relative URLs in syndication feeds Link: an engineering management hack A small user interface suggestion Weekly spam summary on May 13th, 2006
2006-05-13:	Safely updating Unix files
2006-05-12:	The problem with preforking Python network servers
2006-05-11:	Building a boot floppy for BIOS flashing
2006-05-10:	Another really stupid web spider The practical cost of forking in Python
2006-05-09:	Bad patch management at Sun
2006-05-08:	Link: an excerpt from On Writing Well A really stupid web spider
2006-05-07:	Link: Search engine page size limits for indexing SCGI versus FastCGI Weekly spam summary on May 6th, 2006
2006-05-06:	Using a stock kernel.org kernel on Fedora Core 5
2006-05-05:	Link: Readable colour text combinations Peeking under mount points with NFS
2006-05-04:	A subtle advantage of simple wikis
2006-05-03:	Fedora Core 5's missing 32-bit shared library symlinks
2006-05-02:	CSS and syndication (another CSS limitation)
2006-05-01:	Emergency repairs with GRUB
2006-04-30:	Weekly spam summary on April 29th, 2006
2006-04-29:	Another little script: `field`
2006-04-28:	Some first impressions of Fedora Core 5
2006-04-27:	A picture of what university IT is like
2006-04-26:	Common web spider mistakes
2006-04-25:	Linux's `%iowait` statistic
2006-04-24:	People are social
2006-04-23:	The sort of command line I can wind up typing Some CBL stats for the week ending on April 22nd, 2006 Weekly spam summary on April 22nd, 2006
2006-04-22:	Link: Scaling Apache at ftp.heanet.ie
2006-04-21:	Working on RPMs with `quilt`: an illustrated guide A CSS limitation: it's not supported by `lynx`
2006-04-20:	The spread of syndication
2006-04-19:	A gotcha with analyzing syslog logs
2006-04-18:	How Solaris matches names in NFS exports
2006-04-17:	What do variable names mean (in Python and elsewhere)?
2006-04-16:	Weekly spam summary on April 15th, 2006
2006-04-15:	The problem of the growth of syndication feeds Public interfaces and Solaris 9 `patchadd` exit codes
2006-04-14:	Why `del` has to be a Python builtin
2006-04-13:	An obnoxious RSS feed trick
2006-04-12:	Something to remember about networking restarts
2006-04-11:	A little script: `howmany`
2006-04-10:	`xiostat`: better Linux disk IO statistics The fun and charm of quoting URLs properly
2006-04-09:	Weekly spam summary on April 8th, 2006
2006-04-08:	Apple joins the webmail hall of shame A common socket programming mistake: not handling short IO
2006-04-07:	A `bash` irritation A pleasing Python regularity with `__future__` Some quick SMTP connection statistics
2006-04-06:	Some things about `smpatch`
2006-04-05:	Keeping up with new Python features The other dynamic linking tax
2006-04-04:	Why I don't like resorting to caching
2006-04-03:	An ugly spam attempt Spiders should respect `rel="nofollow"`
2006-04-02:	Weekly spam summary on April 1st, 2006
2006-04-01:	The best April Fools joke I've seen here A Firefox CSS irritation
2006-03-31:	The perfection trap: a lesson drawn from Worse is Better The difficulty of punishing people at universities
2006-03-30:	What disk IO stats you get from the Linux kernel
2006-03-29:	Easier Solaris patch management with `pca`
2006-03-28:	Hotmail spam stats revised Using threading to implement a 'busy' cursor (a tale from long ago)
2006-03-27:	A helpful Apache safety tip
2006-03-26:	Weekly spam summary on March 25th, 2006
2006-03-25:	A little gotcha with `os.path.join`
2006-03-24:	Setting up to build RPMs
2006-03-23:	Side effects are bad: a personal illustration We apologize for the disruption in syndication feeds Atom versus RSS Solaris patch exit codes and what they mean
2006-03-22:	Google Desktop and conditional GET (part 2)
2006-03-21:	The backend for our recent mirroring
2006-03-20:	An optimization thought
2006-03-19:	Weekly spam summary on March 18th, 2006
2006-03-18:	Some little things Firefox gets right
2006-03-17:	How not to set up your DNS (part 9) The problem with LiveJournal
2006-03-16:	A tricky memoization decorator
2006-03-15:	The aftermath of our mirroring
2006-03-14:	Some problems with `iostat` on Linux
2006-03-13:	Preparing a high load web mirror setup
2006-03-12:	A DNS realization Weekly spam summary on March 11th, 2006
2006-03-11:	Web design trends that I don't understand (part 1)
2006-03-10:	Why dynamic linking The dynamic linking tax on `fork()`
2006-03-09:	Making things simple for busy webmasters Closures versus classes for capturing state
2006-03-08:	Thinking about project failures
2006-03-07:	A modular approach to Apache configuration
2006-03-06:	How not to set up your mail server (part 1) A thought about Technorati
2006-03-05:	Weekly spam summary on March 4th, 2006
2006-03-04:	`os.walk` can be surprisingly slow
2006-03-03:	Visualizing dynamic program flow
2006-03-02:	A robots.txt surprise The `:;` shell prompt trick
2006-03-01:	Unicode is not simple
2006-02-28:	Practical RAID-1 read balancing A sad day for SGI: it's now a spammer A web spider update: not actually Uptilt's web spider A surprising effect of RAID-1 resynchronization
2006-02-27:	Python's extra-clever function parameters
2006-02-26:	Weekly spam summary on February 25th, 2006 The hassle of email (as compared to RSS)
2006-02-25:	More clever (ab)use of `and` and `or` A trick for handling mutable default arguments
2006-02-24:	Wanted: RSS feeds for vendor software updates
2006-02-23:	Checking systems with RPM verification (part 1)
2006-02-22:	Peter Drucker on the Five Deadly Business Sins
2006-02-21:	An annoyance with $PATH on Red Hat
2006-02-20:	More on regular expression performance
2006-02-19:	Irony in a Referer spammer Weekly spam summary on February 18th, 2006
2006-02-18:	Automation promotes action Stupid web spider tricks
2006-02-17:	Some regular expression performance surprises
2006-02-16:	An interesting IDE to SATA migration problem
2006-02-15:	Fun with control characters and the web
2006-02-14:	An advantage of using a non-standard shell
2006-02-13:	GNU bc for the birthday paradox The problem with <pre>
2006-02-12:	Weekly spam summary on February 11th, 2006
2006-02-11:	The return of how to get your web spider banned
2006-02-10:	The charm of Sun's Freeware collection Session IDs and the Birthday Paradox
2006-02-09:	Using the tempfile module to get temporary files
2006-02-08:	The `id` attribute considered dangerous
2006-02-07:	$PATH in Solaris
2006-02-06:	The sysadmin's life More on simple markup languages
2006-02-05:	Weekly spam summary on February 4th, 2006
2006-02-04:	Why simple markup languages make sense
2006-02-03:	Van Jacobson illustrates the importance of cache effects
2006-02-02:	The rise of wikiblogs
2006-02-01:	A suggestion: read your own syndication feed
2006-01-31:	Getting console messages in X
2006-01-30:	An impending Debian derailment
2006-01-29:	Weekly spam summary on January 28th, 2006
2006-01-28:	A bad product name
2006-01-27:	Pointer: The Unix-Haters Handbook
2006-01-26:	A Unix annoyance
2006-01-25:	Site navigation stuff goes on the right side
2006-01-24:	A digression on spelling
2006-01-23:	Why case independent filenames are a bad idea
2006-01-22:	Weekly spam summary on January 21st, 2005
2006-01-21:	Please have stable ids for your feed entries
2006-01-20:	The limits of web spider tolerance
2006-01-19:	A Python length gotcha
2006-01-18:	A portability gotcha with `accept()`
2006-01-17:	The economics of CPU performance
2006-01-16:	Some words of wisdom for all ISPs The danger of specific errno values
2006-01-15:	How not to set up your DNS (part 8) Weekly spam summary on January 14th, 2006
2006-01-14:	Writing HTML considered harmful
2006-01-13:	An unconventional reason for large RAID stripe sizes
2006-01-12:	How not to set up your DNS (part 7) On not logging things
2006-01-11:	Recording attribute access and method calls
2006-01-10:	The peculiar effects of grant funding at universities
2006-01-09:	How Linux names network interfaces
2006-01-08:	Weekly spam summary on January 7th, 2006 Towards assessing SORBS' false positive rate
2006-01-07:	Some notes on Solaris 9's Sunscreen IP filtering package
2006-01-06:	The old nameserver glue record hell
2006-01-05:	Is concurrency 'hard'?
2006-01-04:	Python synergies in list addressing
2006-01-03:	In practice, there are multiple namespaces for URLs
2006-01-02:	Universities are peculiar places
2006-01-01:	Weekly spam summary on December 31st, 2005
2005-12-31:	Notes on getting a Solaris hardware inventory A logical consequence of `def` being an executable statement
2005-12-30:	On Lisp's fundamental data structure A Python surprise: the consequences of variable scope
2005-12-29:	What I use asserts for
2005-12-28:	Unix folklore: using multiple `sync` commands
2005-12-27:	A thought about free software licenses
2005-12-26:	Thinking about a closure confusion
2005-12-25:	Weekly spam summary on December 24th, 2005
2005-12-24:	When comment spammers attack
2005-12-23:	Why the (Sun) JVM is irrelevant to me
2005-12-22:	What I really want is error-shielding interfaces
2005-12-21:	How to get your web spider banned from here
2005-12-20:	Another problem of secrecy A sociopolitical advantage of distributed version control
2005-12-19:	Initializing Python struct objects with optional defaults
2005-12-18:	Emulating C structs in Python Weekly spam summary on December 17th, 2005
2005-12-17:	The problem of secrecy On the web, text colours are an all or nothing thing
2005-12-16:	On the name of USB flash memory drives
2005-12-15:	Another introspection trick Reddit versus Digg: a little detail that matters
2005-12-14:	A thing I don't like about Linux
2005-12-13:	What Python threads are good for
2005-12-12:	Waiting for both network IO and inter-thread notifications
2005-12-11:	Weekly spam summary on December 10th, 2005
2005-12-10:	How not to set up your DNS (part 6)
2005-12-09:	A surprising hazard of running as root all the time Security versus resilience
2005-12-08:	How not to set up your DNS (part 5)
2005-12-07:	Google Desktop and conditional GET
2005-12-06:	How not to set up your DNS (part 4) An explanation for the popularity of threads
2005-12-05:	Dropping packets versus rejecting them in firewall rules
2005-12-04:	Weekly spam summary on December 3rd, 2005
2005-12-03:	CBL listings broken down by ISP How to do TCP keepalives in Python
2005-12-02:	Iptables modules that aren't in the iptables manpage
2005-12-01:	Stopping brute-force ssh scans the easy way
2005-11-30:	An advantage to introspection and an interactive interpreter
2005-11-29:	A little gotcha in shell scripts
2005-11-28:	How not to set up your DNS (part 3) What Python's global interpreter lock does (and doesn't) protect
2005-11-27:	Weekly spam summary on November 26th, 2005
2005-11-26:	How not to set up your DNS (part 2) How not to set up your DNS (part 1)
2005-11-25:	Making self-signed SSL certificates with OpenSSL A little sysadmin twitch
2005-11-24:	Solaris 9's slow patch installs Multiprocessors are a leaky abstraction
2005-11-23:	A quick outline of Firefox extension structure
2005-11-22:	How to fiddle with Firefox .jar files relatively easily
2005-11-21:	Why I don't write '`if (NULL == foo)`' in C code
2005-11-20:	Weekly spam summary on November 19th, 2005
2005-11-19:	Solaris 9 sendmail irritations
2005-11-18:	SQL as metaprogramming
2005-11-17:	Why Linux threads use up so much memory
2005-11-16:	How not to do DNS for internal domains
2005-11-15:	The scope of the peril of having a highly dynamic web site
2005-11-14:	Banning MSNBot: an open letter to MSN Search
2005-11-13:	Weekly spam summary on November 12th, 2005
2005-11-12:	Why using local variables is fast in Python
2005-11-11:	The importance of understanding Python's implementation
2005-11-10:	How doing relative name DNS lookups can shoot you in the foot
2005-11-09:	Using Python introspection for semi-evil
2005-11-08:	Fun with DNS: a semi-obscure problem
2005-11-07:	Examining Python's string concatenation optimization
2005-11-06:	Weekly spam summary on November 5th, 2005
2005-11-05:	Minimizing object churn to optimize Python code
2005-11-04:	Modifying Linux kernel configuration options the easy way
2005-11-03:	Fun with upgrading our backup server
2005-11-02:	How well do some Atom feed fetchers do conditional GETs?
2005-11-01:	Another tip: Label your hard drives
2005-10-31:	A tip: Always include NAT in your Linux kernel configuration
2005-10-30:	Weekly spam summary on October 29th, 2005
2005-10-29:	Affiliate marketing is undead The problem with If-Modified-Since as a timestamp
2005-10-28:	Inside building RPMs with Python distutils
2005-10-27:	Databases are APIs
2005-10-26:	An example of why DBAs make money
2005-10-25:	A smooth disk swap
2005-10-24:	On banning web search engines
2005-10-23:	One reason why I like Unix Weekly spam summary on October 22nd, 2005
2005-10-22:	A gotcha with Python and Unix signals
2005-10-21:	How ETags and If-Modified-Since headers interact MSNbot (still) has problems with binary files
2005-10-20:	A Python surprise: exiting is an exception Accidentally shooting yourself in the foot in Python
2005-10-19:	Thoughts on Jakob Nielsen on weblog usability
2005-10-18:	Another aphorism of system administration
2005-10-17:	The Myth of Support (Part 3)
2005-10-16:	Weekly spam summary on October 15th, 2005
2005-10-15:	How Hotmail is doing on the spam front Estimating search engine popularity
2005-10-14:	On the naming of machines
2005-10-13:	Try things out with new machines
2005-10-12:	Really understanding availability numbers
2005-10-11:	Improve your web experience by turning Javascript off
2005-10-10:	A useful resource: gmane.org
2005-10-09:	Troubleshooting versus support Weekly spam summary on October 8th, 2005
2005-10-08:	Exploring some spamblogs Solaris 9 'Power management'
2005-10-07:	Three levels of database usage
2005-10-06:	First irritations with Solaris 9
2005-10-05:	Thinking about redundant power supplies
2005-10-04:	A left-field aphorism Keeping changing systems stable
2005-10-03:	Some important notes on getting all objects in Python
2005-10-02:	Weekly spam summary on October 1st, 2005
2005-10-01:	Some problems in common definitions of 'spam email' The many consoles of Linux
2005-09-30:	Pinging weblogs.com in Python
2005-09-29:	Something C programmers should not write in Python code
2005-09-28:	MSNbot goes crazy with RSS feeds
2005-09-27:	Some hints on debugging memory leaks in Python programs
2005-09-26:	A peril of having a highly dynamic web site
2005-09-25:	Weekly spam summary on September 24th, 2005
2005-09-24:	A spammer roundup It's a multi-protocol world after all
2005-09-23:	Be cautious with numbers in `awk` The (probable) importance of accurate Content-Types
2005-09-22:	Excluding buggy RPMs from a `yum` repository
2005-09-21:	More Fedora Core 4 problems with X What vendor updates are pending on your Linux system?
2005-09-20:	Some words of wisdom for free webmail providers Two Python `import` tricks
2005-09-19:	Function definition order in Python
2005-09-18:	Weekly spam summary on September 17th, 2005
2005-09-17:	Demon Internet joins the webmail hall of shame
2005-09-16:	Getting a list of all objects in Python Web browsers make bad text editors
2005-09-15:	Efficiently distributing huge files to lots of workstations
2005-09-14:	Why I really dislike the Singleton design pattern
2005-09-13:	Concurrency is tricky The problem of being overcautious
2005-09-12:	Things not do for your network daemon's debugging option The annoyance of arbitrary limits
2005-09-11:	Weekly spam summary on September 10th, 2005 Comment spam writ large
2005-09-10:	Hotmail's Other Spam Problem Hotmail has a spam problem More Fedora Core 4 Anaconda fun
2005-09-09:	When Python classes are pointless
2005-09-08:	Another Fedora Core 4 Anaconda bug
2005-09-07:	The MSN search spider has gone crazy
2005-09-06:	Two sides of Internet identity
2005-09-05:	Why print-based debugging is so popular
2005-09-04:	Weekly spam summary on September 3rd, 2005
2005-09-03:	Varying interpretations of improper CIDRs
2005-09-02:	The 'Trade Press' and blogs
2005-09-01:	On blocking access from large IP ranges
2005-08-31:	LILO vs GRUB: why LILO still wins for servers
2005-08-30:	The Version Control System dependency problem
2005-08-29:	Python's dangerous automatic Unicode conversions
2005-08-28:	Weekly spam summary on August 27th, 2005
2005-08-27:	How not to package software in RPMs
2005-08-26:	Two faces of RSS
2005-08-25:	Explaining rubber duck debugging
2005-08-24:	Another aphorism of system administration Completely using an alternate `yum` configuration
2005-08-23:	Diagnosing an install problem: a case study in indirect failures
2005-08-22:	On being nibbled to death by moths
2005-08-21:	Weekly spam summary on August 20th, 2005 Mutating Referer Spammers
2005-08-20:	Disk setup in our Fedora Core 4 Kickstart environment
2005-08-19:	The March of the Cheap
2005-08-18:	The pains of modern disk storage
2005-08-17:	Parallelizing DNS queries with `split` Remember to think about the scale of things Annoying RSS Feed Tricks
2005-08-16:	Things that could happen to your backups
2005-08-15:	Check your backups
2005-08-14:	Weekly spam summary for August 13th, 2005 Those amusing Referer spammers
2005-08-13:	The anatomy of a DWiki bug
2005-08-12:	Chiming in on static versus dynamic typing
2005-08-11:	Some interesting software tools (part 1) An aphorism of system administration
2005-08-10:	Why open source needs distributed version control
2005-08-09:	My first comment spam
2005-08-08:	Security is a pain
2005-08-07:	XBL rejection stats, August 6th 2005
2005-08-06:	The importance of 'transparency' in data structures
2005-08-05:	Perimeter firewalls and universities
2005-08-04:	Keep your hands off my font size
2005-08-03:	Why Perl is not my favorite language
2005-08-01:	Multilevel list comprehensions in Python Spam breakdown by SBL listing, July 31st 2005
2005-07-31:	Spam storm aftermath, July 30th 2005
2005-07-30:	Briefly doing DNS queries in Perl
2005-07-29:	How spammers seem to be coping with greylisting
2005-07-28:	Doing DNS queries in Python
2005-07-27:	Spam Storm, July 26th 2005
2005-07-26:	What ASNs are most actively spamming us
2005-07-25:	Reliably archiving things
2005-07-24:	Spam summary for July 23rd 2005 The necessary evolution of mail servers
2005-07-23:	The Myth of Support (Part 2)
2005-07-22:	The Myth of Support (Part 1)
2005-07-20:	Please produce useful error messages
2005-07-19:	Exceptions as efficient programming Exceptions and casual programming
2005-07-17:	Skills I use when troubleshooting How many places actually send us email?
2005-07-15:	First Irritations with Fedora Core 4 How AMD killed the Itanium
2005-07-13:	The legend of Debian Linux
2005-07-12:	Chasing a problem in our Gnome customizations
2005-07-11:	Adding submenus to Gnome
2005-07-10:	Tools versus frontends in systems programs
2005-07-09:	The minimum antispam features of a modern SMTP server
2005-07-08:	Why `apt-get` is not my favorite application
2005-07-07:	What RSS can learn from Usenet
2005-07-06:	Mozilla versus SeaMonkey
2005-07-05:	Fedora Core 4's buggy Anaconda
2005-07-04:	The big trick of running lots of systems There's two sorts of large systems
2005-07-03:	Checking for dead DNSBls
2005-07-02:	What shouldn't be a method function
2005-07-01:	Why this site has almost no design
2005-06-29:	Reconsidering network authentication delays
2005-06-28:	Scripting and automation capture knowledge
2005-06-27:	Some quick CBL stats Dangerously over-broad error catching
2005-06-26:	Some spam stats at June 25th, 2005
2005-06-24:	An open letter to free webmail providers An unchanging system should be stable
2005-06-23:	A real use for `staticmethod`
2005-06-22:	Future Sysadmin Jobs
2005-06-21:	The problems with enforced UTF-8 only filenames
2005-06-20:	Small details can matter (or: a little nifty Python bit)
2005-06-18:	SMTP IP firewall stats at June 18th, 2005
2005-06-17:	The problem with CPAN (and other similar systems)
2005-06-16:	AJAX vs Dialups Iterator & Generator Gotchas
2005-06-14:	Putting a pleasant Python surprise to use Pitfalls in generating `Last-Modified:`
2005-06-12:	Making a Python mountain out of a molehill Why a Blog?
2005-06-11:	web/HTTPRedirects web/CSSIrritation

This is a Category/PageManagement page.