Election Humour
Martin, Harper and Layton are flying on the Executive Airbus to a gathering in British Columbia when Martin turns to Harper and says, chuckling, "You know, I could throw a $1000 bill out the window right now and make someone very happy." Harper shrugs and replies, "Well, I could throw ten $100 bills out the window and make ten people happy." Not to be outdone, Layton says, "Well I could throw a hundred $10 bills out the window and make a hundred people happy."
ldap on debian
I've started writing a debian authentication from ldap tutorial. Here is the unfinished text: Ldap Authentication on Debian I've seen a much more ass kicking one on Planet Debian recently from Edd Dumbill. Here is a link: Turn your world LDAP-tastic, and Visual LDAP administration tools - a recent fallowup
Error while mapping shared library sections
It irks me when I am searching for a solution to a problem I have, get a few dozen hits on google, but all I get are people stating the same problem. Here is my attempt at improving the scoring of solutions. In gdb 6.0 there is a frequently seen problem where the debugger complains about "Error while mapping shared library sections". I was unable to find the real cause of this, but this link stated that an upgrade to gdb 6.1 fixes the problem. There is also a link to a related redhat bugzilla bug entry.
IRC over email gateway
12:47 <@ bartman> hey, you know what would be cool… if you could ahve an email-to-irc proxy 12:48 < muffy> bartman: Please explain why that would be cool. 12:48 <@ bartman> then people, like Tyler, who have opprisive French overlords could use irc by just emailing a bot 12:48 <@ bartman> ofcourse IP-over-email sould be even cooler 12:49 < muffy> But how would Tyler receive messages? One email per message would be too much I would think. 12:59 < steve> the bot could send (digest) messages to respective users when their username appears in the line 12:59 <@ bartman> nod 13:00 <@ bartman> queue up for a few seconds/minutes and then purge in one email 13:00 <@ bartman> even private conversations could be maintained bu using the Reply-To: tag 13:00 < muffy> I suppose. But that takes them out of the general conversations. I would think queueing up and sending every few minutes might be better. 13:01 < steve> i still like my way, send iff their username appears in the line 13:01 < steve> so long as everyone “plays nice” and addresses it to them, they get messages important to them 13:02 < dave0> Would be simple to take the evil at http://www.dmo.ca/projects/hacks/IRC/ircnotify and put it in a .procmailrc 13:02 < muffy> Well, we could always give them the option of whether they want just messages addressed to them or global ones. 13:02 < dave0> but mailing of digests is a little more painful 13:03 <@ bartman> steve: note that you didn’t “play nice” 13:03 < steve> i never do 13:04 <@ bartman> getting only the addressed messages would be pointless 13:04 < steve> oops, that should have been 13:04 steve never does 13:04 <@ bartman> you would get only 1% of the conversation 13:04 <@ bartman> and no context 13:04 < steve> i meant for the name to be a “trigger”, which would then send the digest from the last trigger to now 13:05 <@ bartman> a trigger, not filter… gotcha 13:05 <@ bartman> there would have to be a timed trigger too …
brute force attacks sshd?
This will show you the IP addresses that have failed to login as well as the number of attempts that failed. grep ‘Failed password ’ /var/log/auth.log | sed ’s/^.* ([0-9]+.[0-9]+.[0-9]+.[0-9]+) .*$/\1/’ | sort | uniq -c | sort -n | tail -n 10 You can safely ignore a few failed attempts, but I was getting close to 3000 over the last week from one IP. I decided that warranted some action. :)
LDAP authentication (part 1)
. Wasted some time this week converting my server to LDAP directories and renumbering UIDs/GIDs to the “Debian numbering ranges” from the RedHat ranges that I have lived with for 7 years – I have a lot of data to migrate over to the new IDs… data is intact. LDAP is so ugly after you used SQL, and is a bitch to setup, but after a few hours I managed to get it working with PAM and NSS. I will have to document my steps because I had to read ~10 documents on the web to finally get things working – the Debian packages do not do all the work for you in this case.
sawfish workspace themes
(Don't get too excited... it may not be what you think) I have been using sawfish for many years now, and written a few custom hacks for it. My current theme is Tlines. I've tried most the other window managers and come back to sawfish every time I get adventurous, because sawfish is so bloody configurable. Recently I started using the following settings, as a very cool time saver: focus = enter-only root-window binding 'button1-click2' locks my screen root-window binding 'w' start galeon root-window binding 't' start 3 vertical non-overlapping terminals root-window binding 'g' start gimp + gqview (also non-overlapping)
Mini-DV to divx using mencoder
I occasionally have footage to take off my MiniDV camera and need to convert it to a format that I can easily burn and archive. I am not much into mastering DVDs, just being able to play the file on my computer is good enough for now. I've been using kino to do this job before, but that is hard to script. So I decided to play a bit with mencoder. I have no idea what I am doing, so I tried to encode at the highest possible bitrate/quality I could get out of the DivX (mpeg4) encoder.
notes on vserver
[ this entry will be updated as I think of more stuff to add ] ssh & X forwarding For a while I was having issues with ssh X forwarding to my vserver. Finally found the problem. The problem is actually with X authentication against localhost, and setting localhost to the IP address of the machine in /etc/hosts solved that. Also someone recommended putting "X11UseLocalhost no" in /etc/ssh/sshd_config. raw access to block devices
fast kernel logging
As part of some driver work for a client I looked at some fast logging methods since logging via printk() to syslog sucks. Here are the hits I got: ULOG - it's what netfilter uses for logging packets. It relies on netlink for transport and a ulogd in user space to treat the logs. Apparently ULOG2 is in the works. DBUS - patch from Robert Love that adds a fast event notification mechanism to the kernel. It too relies on netlink for transport. It's mostly meant for events like "Your CPU is overheating", not packet logging. relayfs - a patch that adds a flexible buffering scheme for logging. Seems like the most flexible of the bunch.