Eagle's Path

Passion and dispassion. Choose two.

Larry Wall

2018-04-15: Free software log (March 2018)

I did get a few software releases out this month, although not as much as I'd planned and I still have a lot of new releases pending that are waiting for me to have a bit more free time.

control-archive got a 1.8.0 release, which catches up from accumulated changes over the past year plus and falls back to GnuPG v1 for signature processing. One of the projects that I'd like to find time for is redoing all of my scattered code for making and checking Usenet control messages.

DocKnot 1.03 adds more support for SPDX license identifiers, which I've started using in my projects, and then 1.04 was a quick bug fix release for something I broke in the test suite on Windows systems.

I also redid the Kerberos authentication plugin for INN to use modern Kerberos APIs, which cleared up some build issues when pointing at non-system Kerberos libraries.

2018-04-14: INN 2.6.2

(As usual, Julien finished this release a bit back, and then I got busy with life stuff and hadn't gotten the announcement out. And yes, I copied and pasted this parenthetical from the last announcement. Tradition!)

In the feature department, this release adds a new syntaxchecks parameter to inn.conf that can be used to disable message ID syntax checking, better header sanitization support in mailpost, support for TLS 1.3, and support for using GnuPG v1 (which is unfortunately important for control messages and NoCeM on Usenet still).

In the bug-fix department, this release always uses the OVDB helper server with OVDB to avoid various stability problems, fixes a header checking bug in inews that was incorrectly rejecting some long headers, fixes some control command reporting in the daily status report, and hopefully fixes buffindexed on systems with a native page size larger than 16KB.

As always, thanks to Julien ÉLIE for preparing this release and doing most of the maintenance work on INN!

You can get the latest version from the official ISC download page (although that download link still points to INN 2.6.1 as of this writing) or from my personal INN pages. The latter also has links to the full changelog and the other INN documentation.

2018-04-01: remctl 3.14

remctl is a client/server protocol supporting remote execution of specific configured commands using GSS-API or ssh for authentication and encryption.

This is a minimal release that fixes a security bug introduced in 3.12, discovered by Santosh Ananthakrishnan. A remctl client with the ability to run a server command with the sudo configuration option may be able to corrupt the configuration of remctld to run arbitrary commands, although I believe this would be moderately difficult to do. Only remctld (not remctl-shel) is vulnerable, and only if there are commands using the sudo configuration option.

There is a more formal security advisory as well.

If you are running remctl 3.12 and 3.13, I recommend upgrading, although there should be no security consequences if you are not using the sudo configuration option. Fixed packages have been uploaded for Debian stable (stretch) and unstable.

You can get the latest version from the remctl distribution page.

2018-03-31: Review: Russell's Attic Interstitials

Review: Russell's Attic Interstitials, by S.L. Huang

Series Cas Russell
Publisher S.L. Huang
Copyright 2014, 2015
Format Kindle
Pages 43

Between Half Life and Root of Unity, Huang published two short stories in the Cas Russell universe. These were separately published, so normally I'd give both of them a full review, but they're extremely short and that felt silly. So both are getting reviewed in this "fake" book.

To make things more confusing, the series has been picked up by Tor and is in the process of being reissued as the Cas Russell series, rather than Huang's original series title of Russell's Attic (which I think is much better, but I don't work in book marketing). But the short stories were published with the subtitle A Russell's Attic Interstitial, so I'm sticking with that for the title here.

You can read both of these for free online if you join Huang's mailing list, or they're about $1 each from ebook retailers.

"A Neurological Study on the Effects of Canine Appeal on Psychopathy, or, RIO ADOPTS A PUPPY": Those who have read the series at all will recognize Rio as Cas's disturbing psychopath friend. Dexter is the analogy that others may be familiar with: Rio is a mass murderer who has adopted Christianity as an external moral code, follows it very precisely but selectively to do good in the world (mostly by going after bad people), and expects to be going to Hell anyway. After all, he does torture and kill people regularly, and religion is rather clear about these things.

In this short story, a starving and injured dog shows up at Rio's doorstep, and Rio of course takes care of the dog because that's what one is supposed to do. It's mostly an opportunity to show a day in Rio's life from his own perspective, including his constant temptation towards torture and artistic slaughter (indulged once here against one of his targets, so there's a lot of very graphic violence). If you like Rio more than I do and want the details of how Rio copes with his compulsions, there's a lot of that here, but I think it's obvious and skippable. I didn't learn anything of consequence about Rio that wasn't already obvious from the rest of the series, and I found being inside his head disturbing and not particularly enjoyable. The best thing about the story was the title. (4)

"An Examination of Collegial Dynamics as Expressed Through Marksmanship, or, LADIES' DAY OUT": Pilar decides that since she's around people who are constantly using deadly weapons, she should learn how to shoot. So she asks Cas, who is entirely nonplussed by the request. But Pilar is very good at talking people into doing things.

Pilar is one of the few people who could tolerate Cas's acerbic grumpiness. Cas has no desire to be a teacher, but she can see exactly what Pilar's doing wrong with every attempt, so she's surprisingly good at it. But the depth of the story comes not from the teaching, but from Pilar's reactions to having and potentially using a gun, intermixed with Cas's fights with her own demons and her willingness to kill.

This, I liked, at about the level of the rest of the series. Since it's an optional interstitial, it does suffer from an inability to make any dramatic forward progress with characterization or life decisions for the characters. But I like both Pilar and Cas as characters, and I like watching them interact. If you enjoy the rest of the series, this is worth your time. (7)

Rating: 6 out of 10

2018-03-24: DocKnot 1.04

The last release of DocKnot (my program for maintaining various bits of package documentation) had a bug in one of the new tests on Windows systems. This release fixes only that bug, mostly to make the automated CPAN testers stop mailing me. (Such an excellent service.)

You can get the latest release from the DocKnot distribution page.

2018-03-18: control-archive 1.8.0

This is the software that maintains the archive of control messages and the newsgroups and active files on ftp.isc.org. I update things in place, but it's been a while since I made a formal release, and one seemed overdue (particularly since it needed some compatibility tweaks for GnuPG v1).

In code changes, signing IDs with whitespace are now supported, summaries when there is no log file for the summary period don't produce an error, and gpg1 is now used explicitly with flags to allow weak digest algorithms since the state of crypto for Usenet control messages is rather dire.

On the documentation side, there are multiple fixes to the README.html file that's also shipped with pgpcontrol, updating email addresses, URLs, package versions, and various other details.

For hierarchy changes, the grisbi.* key has been cleaned up a bit for hopefully more reliable verification, and everything related to gov.* has been dropped.

You can get the latest release from the control-archive distribution page.

2018-03-17: DocKnot 1.03

This is the software that I use to generate documentation for my software. Currently, it just handles README, README.md, and the top-level web page for the package.

This release adds a new metadata file, support/extra, which includes information that should be added to the middle of the normal SUPPORT section of README and README.md files. It also adds an explanatory paragraph about SPDX to the default templates, and adds SPDX license identifiers to the package itself.

I've spent quite some time looking at good ways of maintaining accurate license metadata for my packages (and for Debian packages I maintain), including writing a truly ugly Perl script that generates a Debian copyright-format 1.0 file from a source tree. (There are multiple versions of this; mine is pickier than any other that I'm aware of.) Rather than trying to solve the free-form comment parsing problem, some form of structured metadata that's broadly adopted feels like the correct engineering solution (putting aside the fact that it will be hard to get everyone to adopt it). The SPDX project is trying to solve this, and although it seems very bureaucratic and the spec is almost unreadable, it does seem to be catching on to a degree.

I'm therefore adopting it in my packages at least to the extent of adding SPDX-License-Identifier headers to my source files and using the SPDX-standard identifiers (which annoyingly differ from the Debian copyright-format identifiers). I added a test to check that all the files have these headers and will start adding that to all my packages as I release them.

I'm still generating the LICENSE file with my messed-up Perl script. I want to switch from that to a better script that supports SPDX and I don't have to maintain, and will take a look at both the SPDX tooling and cme when I have a chance.

You can get the latest release from the DocKnot distribution page.

2018-03-08: My friend Stirge

Eric Sturgeon, one of my oldest and dearest friends, died this week of complications from what I'm fairly certain was non-alcoholic fatty liver disease.

It was not entirely unexpected. He'd been getting progressively worse over the past six months. But at the same time there's no way to expect this sort of hole in my life.

I've known Stirge for twenty-five years, more than half of my life. We were both in college when we first met on Usenet in 1993 in the rec.arts.comics.* hierarchy, where Stirge was the one with the insane pull list and the canonical knowledge of the Marvel Universe. We have been friends ever since: part of on-line fiction groups, IRC channels, and free-form role-playing groups. He's been my friend through school and graduation, through every step of my career, through four generations of console systems, through two moves for me and maybe a dozen for him, through a difficult job change... through my entire adult life.

For more than fifteen years, he's been spending a day or a week or two, several times a year, sitting on my couch and playing video games. Usually he played and I navigated, researching FAQs and walkthroughs. Twitch was immediately obvious to me the moment I discovered it existed; it's the experience I'd had with Stirge for years before that. I don't know what video games are without his thoughts on them.

Stirge rarely was able to put his ideas into stories he could share with other people. He admired other people's art deeply, but wasn't an artist himself. But he loved fictional worlds, loved their depth and complexity and lore, and was deeply and passionately creative. He knew the stories he played and read and watched, and he knew the characters he played, particularly in World of Warcraft and Star Wars: The Old Republic. His characters had depth and emotions, histories, independent viewpoints, and stories that I got to hear. Stirge wrote stories the way that I do: in our heads, shared with a small number of people if anyone, not crafted for external consumption, not polished, not always coherent, but deeply important to our thoughts and our emotions and our lives. He's one of the very few people in the world I was able to share that with, who understood what that was like.

He was the friend who I could not see for six months, a year, and then pick up a conversation with as if we'd seen each other yesterday.

After my dad had a heart attack and emergency surgery to embed a pacemaker while we were on vacation in Oregon, I was worrying about how we would manage to get him back home. Stirge immediately volunteered to drive down from Seattle to drive us. He had a crappy job with no vacation, and if he'd done that he almost certainly would have gotten fired, and I knew with absolute certainty that he would have done it anyway.

I didn't take him up on the offer (probably to his vast relief). When I told him years later how much it meant to me, he didn't feel like it should have counted, since he didn't do anything. But he did. In one of the worst moments of my life, he said exactly the right thing to make me feel like I wasn't alone, that I wasn't bearing the burden of figuring everything out by myself, that I could call on help if I needed it. To this day I start crying every time I think about it. It's one of the best things that anyone has ever done for me.

Stirge confided in me, the last time he visited me, that he didn't think he was the sort of person anyone thought about when he wasn't around. That people might enjoy him well enough when he was there, but that he'd quickly fade from memory, with perhaps a vague wonder about what happened to that guy. But it wasn't true, not for me, not ever. I tried to convince him of that while he was alive, and I'm so very glad that I did.

The last time I talked to him, he explained the Marvel Cinematic Universe to me in detail, and gave me a rundown of the relative strength of every movie, the ones to watch and the ones that weren't as good, and then did the same thing for the DC movies. He got to see Star Wars before he died. He would have loved Black Panther.

There were so many games we never finished, and so many games we never started.

I will miss you, my friend. More than I think you would ever have believed.

2018-03-04: Free software log (February 2018)

Last month, I did a single software release: a new version of pgpcontrol, the collection of tools to check signed Usenet control messages. This is a pure maintenance release to keep it alive using GnuPG 1.0. The package is kind of a mess and needs a clean rewrite that I haven't had time to do yet (which is why I don't even have a software page for it).

Other than that, I didn't finish anything sufficiently to generate a new release, but I'm close on a bunch of fronts. Most of the user-visible (eventually) work went into podlators, the conversion tools from POD (Perl's documentation format) to text and man pages. Based on an excellent series of bug reports from eponymous alias, I fixed a bunch of long-standing bugs in Pod::Text, Pod::Text::Color, and Pod::Text::Termcap, and continued the slow process of reworking the package test suite to be cleaner and easier to maintain.

In C TAP Harness, I took an idea from the Rust assert macros and changed the arguments for all the TAP functions from wanted and seen to left and right. This way, one doesn't have to care about the order in which to pass arguments (which I can never remember). It will make it easier to update the INN test suite to the current TAP library interface, since I had used the opposite order for all of the original INN tests I wrote.

I spent a bunch of time adding SPDX identifiers to my utility functions that are intended for copying into other packages, and laid the groundwork for using SPDX identifiers in all of my projects. I picked up the habit of being careful about license notices from Debian work, and SPDX (if a bit weird in places, such as its utterly opaque file specification) is the first comprehensive and unambiguous labeling system. I have a horrible Perl script that does a lot of guesswork to generate a license file for my packages now, and am hoping to replace that with something (largely) based on SPDX.

Finally, I updated my Debian packaging with Git notes, and wrote new notes on using sbuild.

2018-02-28: Review: Coding Freedom

Review: Coding Freedom, by E. Gabriella Coleman

Publisher Princeton University Press
Copyright 2013
ISBN 0-691-14461-3
Format Trade paperback
Pages 223

Subtitled The Ethics and Aesthetics of Hacking, Coding Freedom is a rare beast in my personal reading: an academic anthropological study of a fairly new virtual community. It's possible that many books of this type are being written, but they're not within my normal reading focus. It's also a bit of an awkward review, since the community discussed here is (one of) mine. I'm going to have an insider's nitpicks and "well, but" reactions to the anthropology, which is a valid reaction but not necessarily the intended audience.

I'm also coming to this book about four years after everyone finished talking about it, and even longer after Coleman's field work in support of the book. I think Coding Freedom suffers from that lack of currency. If this book were written today, I suspect its focus would change, at least in part. More on that in a moment.

Coding Freedom's title is more subtle and layered than it may first appear. It is about the freedom to write code, and about free software as a movement, but not only that. It's also about how concepts of freedom are encoded in the culture and language of hacking communities, and about the concept of code as speech (specifically free speech in the liberal tradition). And the title also captures the idea of code switching, where a speaker switches between languages even in the middle of sentences. The free software community does something akin to code switching between the domains of technical software problems, legal problems, and political beliefs and ideologies. Coleman covers all of that ground in this book.

Apart from an introduction and conclusion, the book is divided into five chapters in three parts. The opening part talks about the typical life story and community involvement of a free software hacker and briefly sketches the legal history of free software licenses. The second part talks about the experience of hacking, with a particular focus on playful expression and the tension between collaboration, competitiveness, and proving one's membership in the group. The final part dives into software as speech, legal and political struggles against the DMCA and other attempts to restrict code through copyright law, and the free software challenge to the liberal regime of capitalism and private property, grounded in the also-liberal value of free speech.

There's a lot here to discuss, but it's also worth noting what's not here, and what I think would have been here if the same field work were done today. There's nothing about gender or inclusion, which have surpassed DMCA issues to become the political flash point de jour. (Coleman notes early in the book that she intentionally omitted that topic as one that deserves its own separate treatment.) The presentation of social norms and behaviors also felt strongly centered in an early 2000s attitude towards social testing, with low tolerance of people who haven't proven their competence. Coleman uses the term meritocracy with very few caveats and complications. I don't think one would do that in work starting today; the flaws, unwritten borders, and gatekeeping for who can participate in that supposed meritocracy are now more frequently discussed.

Those omissions left me somewhat uncomfortable throughout. Coleman follows the community self-image from a decade or more ago (which makes sense, given that's when most of her field research and the majority of examples she draws on in the book are from): valuing technical acumen and skilled play, devoted to free speech, and welcoming and valuing anyone with similar technical abilities. While this self-image is not entirely wrong, it hides a world of unspoken rules and vicious gatekeeping to control who gets to have free speech within the community, what types of people are valued, and who is allowed to not do emotional labor. And who isn't.

These are rather glaring gaps, and for me they limit the usefulness of Coding Freedom as an accurate analysis of the community.

That said, I do want to acknowledge that this wasn't Coleman's project. Her focus, instead, is on the way free software communities noticed and pushed into the open some hidden conflicts in the tradition of liberalism. Free political speech and democratic politics have gone hand-in-hand with capitalism and an overwhelming emphasis on private property, extended into purely virtual objects such as computer software. Free software questions that alliance, pokes at it, and at times even rips it apart.

The free software movement is deeply embedded in liberalism. Although it has members from anarchist, communist, and other political traditions, the general community is not very radical in its understanding of speech, labor, or politics. It has a long tradition of trying to avoid disruptive politics, apart from issues that touch directly on free software, to maximize its political alliances and avoid alienating any members. Free software is largely not a critique of liberalism from the outside; it's a movement that expresses a conflict inside the liberal tradition. It asks whether self-expression is consistent with, and more important than, private property, a question that liberalism otherwise attempts to ignore.

This is the part of the book I found fascinating: looking at my community from the outside, putting emergent political positions in that community into a broader context, and showing the complex and skillful ways that the community discusses, analyzes, and reaches consensus on those positions while retaining a broad base of support and growing membership. Coleman provides a sense of being part of something larger in the best and most complicated way: not a revolution, not an ideology, but a community with complex boundaries, rituals that are both scoffed at and followed, and gatekeeping behavior that exist in part because any human community will create and enforce boundaries.

When one is deeply inside a culture, it's easy to get lost in the ethical debates over whether a particular community behavior is good or bad. It takes an anthropologist to recast all those behaviors, good and bad, as humans being human, and to ask curious questions about what social functions those behaviors serve. Coding Freedom gave me a renewed appreciation of the insight that can come from the disinterested observer. If nothing else, it might help me choose my battles more strategically, and have more understanding and empathy.

This is a very academic work, at least compared to what I normally read. I never lost the thread of Coleman's argument, but I found it hard going and heavy on jargon in a few places. If, like me, you're not familiar with current work in anthropology, you'll probably feel like part of the discussion is going over your head, and that some terms you're reading with their normal English meaning are actually terms of art with more narrow and specific definitions. This is a book rather than an academic paper, and it does try to be approachable, but it's more research than popularization.

I wish Coding Freedom were more engaged with the problems of free software today, instead of the problems of free software in 2002, the era of United States v. Elcom Ltd. and Free Dmitry. I wish that Coleman had been far more critical of the concept of a meritocracy, and had dug deeper into the gatekeeping and boundaries around who is allowed to participate and who is discouraged or excluded. And while I'm not going to complain about academic rigor, I wish the prose were a bit lighter and a bit more approachable, and that it hadn't taken me months to read this book.

But, that said, I'm not sorry to have finally read it. The perspective from the anthropological view of one's own community is quite valuable. The distance provides an opportunity for less judgmental analysis, and a reminder that human social structures are robust and complex attempts to balance contradictory goals.

Coleman made me feel more connected, not to an overarching ideology or political goal, but to a tangled, flawed, dynamic, and responsive community, whose primary shared purpose is to support that human complexity. Sometimes it's easy to miss that forest for the day-to-day trees.

If you want to get more of a feel for Coleman's work, her keynote on Anonymous at DebConf14 in Portland in 2014 is very interesting and consistent in tone and approach with this book (albeit on a somewhat more controversial topic).

Rating: 6 out of 10

2018-02-11: February Haul

Most of this is the current StoryBundle: Black Narratives, in honor of Black History Month in the United States. But there's also a random selection of other things that I couldn't resist.

(I'm still reading this year too! Just a touch behind on reviews at the moment.)

Alicia Wright Brewster — Echo (sff)
T. Thorne Coyle — To Raise a Clenched Fist to the Sky (sff)
T. Thorne Coyle — To Wrest Our Bodies from the Fire (sff)
Julie E. Czerneda — Riders of the Storm (sff)
Julie E. Czerneda — Rift in the Sky (sff)
Terah Edun — Blades of Magic (sff)
Terah Edun — Blades of Illusion (sff)
L.L. Farmer — Black Borne (sff)
Jim C. Hines — Goblin Quest (sff)
Jim C. Hines — The Stepsister Scheme (sff)
Nalo Hopkinson — The Salt Roads (sff)
S.L. Huang — Root of Unity (sff)
Ursula K. Le Guin — Steering the Craft (nonfiction)
Nnedi Okorafor — Kabu-Kabu (sff collection)
Karen Lord — Redemption in Indigo (sff)
L. Penelope — Angelborn (sff)
Elizabeth Wein — The Pearl Thief (mainstream)

I'm slowly reading through the Czerneda that I missed, since I liked the Species Imperative series so much. Most of it isn't that good, and Czerneda has a few predictable themes, but it's fun and entertaining.

The Wein is a prequel to Code Name Verity, so, uh, yes please.

2018-02-11: pgpcontrol 2.6

This is the legacy bundle of Usenet control message signing and verification tools, distributed primarily via ftp.isc.org (which hasn't updated yet as I write this). You can see the files for the current release at archives.eyrie.org.

This release adds support for using gpg for signature verification, provided by Thomas Hochstein, since gpgv may no longer support insecure digest algorithms.

Honestly, all the Perl Usenet control message code I maintain is a mess and needs some serious investment in effort, along with a major migration for the Big Eight signing key (and probably the signing key for various other archives). A lot of this stuff hasn't changed substantially in something like 20 years now, still supports software that no one has used in eons (like the PGP 2.6.3i release), doesn't use modern coding idioms, doesn't have a working test suite any longer, and is full of duplicate code to mess about with temporary files to generate signatures.

The formal protocol specification is also a pretty old and scanty description from the original project, and really should be a proper RFC.

I keep wanting to work on this, and keep not clearing the time to start properly and do a decent job of it, since it's a relatively large effort. But this could all be so much better, and I could then unify about four different software distributions I currently maintain, or at least layer them properly, and have something that would have a modern test suite and could be packaged properly. And then I could start a migration for the Big Eight signing key, which has been needed for quite some time.

Not sure when I'm going to do this, though, since it's several days of work to really get started. Maybe my next vacation?

(Alternately, I could just switch everything over to Julien's Python code. But I have a bunch of software already written in Perl of which the control message processing is just a component, so it would be easier to have a good Perl implementation.)

2018-02-04: Debian packaging with Git notes

I finally found the time today to update my notes on how I package for Debian using Git. They're rather long (even after dropping my beginner Git tutorial, which seemed pointless given how many good ones there are now), so I'm not including the full text here. Take a look if you're curious.

The major differences from the previous version (last revised in 2012, and originally written in 2008) are:

On my current development machine, I'm experimenting with using btrfs as the root file system, including using sbuild instead of pbuilder to build packages since it can use btrfs snapshots. So far, I'm extremely happy with that configuration. It was hard to find good documentation for the process, so I wrote up how I configure sbuild with btrfs in case it's of interest to anyone else. It's noticably faster than using pbuilder, and once I got used to it I think it feels a bit cleaner.

2018-02-04: Free software log (January 2018)

The only sofware releases I got out this month were both for work: versions 0.4.0 and 0.4.1 of groupy, the client library for Merou, the authorization management system we use. We're not doing formal releases of the latter yet, just building from Git, and probably need to settle on a final public project name before we do.

At some point I'll build proper software release pages for both of these, since I seem to be doing most of the release management for groupy.

The 0.4.0 release was in support of the new service account model. The 0.4.1 release was an attempt to reduce the number of Python modules that had to be installed to configure the build, since too much setup_requires was causing various issues and version conflicts in our internal build system. Python has a slightly odd (at least to me) way of allowing modules to inject more commands into setup.py that are only useful in specific situations, and it's hard to find the right place in the dependency metadata to put those modules. I'm still not totally happy with the compromise we arrived at.

I also did a bit of work on control-archive, but didn't finish making a new release. I think the only thing left is to rewrite the documentation to use DocKnot. Hopefully this month.

On the INN front, I tracked down a few test failures and fixed them upstream in rra-c-util, and also expanded the documentation links for INN on my web site.

Finally, I uploaded new versions of a couple of Debian packages: libnews-article-perl (just a packaging refresh), and libnet-duo-perl (now donated to the Perl packaging team). I may end up orphaning Net::Duo, since I'm not currently actively using it, although I'm still hanging on to it since I'm considering using it for some personal stuff.

Overall, I would have liked to get a few more full software releases out, but I'm pretty happy for this month for a January, a return-to-work month, and a month during which I was on-call for a week. Definitely better than the months of "I didn't do much" towards the end of last year!

2018-01-30: Review: My Grandmother Asked Me to Tell You She's Sorry

Review: My Grandmother Asked Me to Tell You She's Sorry, by Fredrik Backman

Series Britt-Marie #1
Translator Henning Koch
Publisher Washington Square
Copyright 2014
Printing April 2016
ISBN 1-5011-1507-3
Format Trade paperback
Pages 372

Elsa is seven, going on eight. She's not very good at it; she knows she's different and annoying, which is why she gets chased and bullied constantly at school and why her only friend is her grandmother. But Granny is a superhero, who's also very bad at being old. Her superpowers are lifesaving and driving people nuts. She made a career of being a doctor in crisis zones; now she makes a second career of, well, this sort of thing:

Or that time she made a snowman in Britt-Marie and Kent's garden right under their balcony and dressed it up in grown-up clothes so it looked as if a person had fallen from the roof. Or that time those prim men wearing spectacles started ringing all the doorbells and wanted to talk about God and Jesus and heaven, and Granny stood on her balcony with her dressing gown flapping open, shooting at them with her paintball gun

The other thing Granny is good at is telling fairy tales. She's been telling Elsa fairy tales since she was small and her mom and dad had just gotten divorced and Elsa was having trouble sleeping. The fairy tales are all about Miamas and the other kingdoms of the Land-of-Almost-Awake, where the fearsome War-Without-End was fought against the shadows. Miamas is the land from which all fairy tales come, and Granny has endless stories from there, featuring princesses and knights, sorrows and victories, and kingdoms like Miploris where all the sorrows are stored.

Granny and Miamas and the Land-of-Almost-Awake make Elsa's life not too bad, even though she has no other friends and she's chased at school. But then Granny dies, right after giving Elsa one final quest, her greatest quest. It starts with a letter and a key, addressed to the Monster who lives downstairs. (Elsa calls him that because he's a huge man who only seems to come out at night.) And Granny's words:

"Promise you won't hate me when you find out who I've been. And promise me you'll protect the castle. Protect your friends."

My Grandmother Asked Me to Tell You She's Sorry is written in third person, but it's close third person focused on Elsa and her perspective on the world. She's a precocious seven-year-old who I thought was nearly perfect (rare praise for me for children in books), which probably means some folks will think she's a little too precocious. But she has a wonderful voice, a combination of creative imagination, thoughtfulness, and good taste in literature (particularly Harry Potter and Marvel Comics). The book is all about what it's like to be seven, going on eight, with a complicated family situation and an awful time at school, but enough strong emotional support from her family that she's still full of stubbornness, curiosity, and fire.

Her grandmother's quest gets her to meet the other residents of the apartment building she lives in, turning them into more than the backdrop of her life. That, in turn, adds new depth to the fairy tales her Granny told her. Their events turn out to not be pure fabrication. They were about people, the many people in her Granny's life, reshaped by Granny's wild imagination and seen through the lens of a child. They leave Elsa surprisingly well-equipped to navigate and start to untangle the complicated relationships surrounding her.

This is where Backman pulls off the triumph of this book. Elsa's discoveries that her childhood fairy tales are about the people around her, people with a long history with her grandmother, could have been disillusioning. This could be the story of magic fading into reality and thereby losing its luster. And at first Elsa is quite angry that other people have this deep connection to things she thought were hers, shared with her favorite person. But Backman perfectly walks that line, letting Elsa keep her imaginative view of the world while intelligently mapping her new discoveries onto it. The Miamas framework withstands serious weight in this story because Elsa is flexible, thoughtful, and knows how to hold on to the pieces of her story that carry deeper truth. She sees the people around her more clearly than anyone else because she has a deep grasp of her grandmother's highly perceptive, if chaotic, wisdom, baked into all the stories she grew up with.

This book starts out extremely funny, turns heartwarming and touching, and develops real suspense by the end. It starts out as Elsa nearly alone against the world and ends with a complicated matrix of friends and family, some of whom were always supporting each other beneath Elsa's notice and some of whom are re-learning the knack. It's a beautiful story, and for the second half of the book I could barely put it down.

I am, as a side note, once again struck by the subtle difference in stories from cultures with a functional safety net. I caught my American brain puzzling through ways that some of the people in this book could still be alive and living in this apartment building since they don't seem capable of holding down jobs, before realizing this story is not set in a brutal Hobbesian jungle of all against all like the United States. The existence of this safety net plays no significant role in this book apart from putting a floor under how far people can fall, and yet it makes all the difference in the world and in some ways makes Backman's plot possible. Perhaps publishers should market Swedish literary novels as utopian science fiction in the US.

This is great stuff. The back and forth between fairy tales and Elsa's resilient and slightly sarcastic life can take a bit to get used to, but stick with it. All the details of the fairy tales matter, and are tied back together wonderfully by the end of the book. Highly recommended. In its own way, this is fully as good as A Man Called Ove.

There is a subsequent book, Britt-Marie Was Here, that follows one of the supporting characters of this novel, but My Grandmother Asked Me to Tell You She's Sorry stands alone and reaches a very satisfying conclusion (including for that character).

Rating: 10 out of 10

Last spun 2018-04-15 from thread modified 2008-08-13