Posts for March 2006

2006-03-01: Writing day

Today was my work from home day and it turned into proposal writing day. I had three major writeups that had been hanging over my head, and I managed to finish them all (although it took me until after 7pm after starting at 10:30 this morning, so nothing else got done).

Only the first is public. I finally wrote up the details of how we use revision control systems (ETA: link is now dead), for both CVS and Subversion. Most of the CVS details are copied from an old guide I wrote a while back, but now everything is in one place. There are even more details I could put together, but this is a good starting point.

Still on my plate is converting the Debian package build documentation to a web page and writing up how we handle our locally developed packages (the prerequisite for which is putting my release tool up on my pages), but that's somewhat of a lower priority.

The other two were internal proposals, one around how we handle functional accounts, and a second about how we should use LDAP to do fine-grained account management on our client Unix systems.

So, no reviews written today (although I will mention in passing that Parable of the Sower is a damn good book), and no more Debian or Kerberos work. I'm not sure yet what I'm going to tackle tomorrow. It's probably time for me to do more serious coding, but on the other hand fixing the WebAuth web pages finally is rather attractive.

2006-03-02: WebAuth pages

I finally had a chance to look at the old WebAuth pages in some detail (originally written for WebAuth v2), and I think that, with the weblogin help page, we can actually retire the old pages entirely and just replace them with the new pages. That will get rid of a point of old confusion and then I can grab the webauth.stanford.edu virtual host for the new pages.

I also did a lot of cleanup of the pages, removed some old irrelevant entries, and pointed to the new Mailman lists and archives.

Assuming that my proposal is approved, I'll probably move the pages tomorrow or early next week and then expand the FAQ a bit more for some of the more recent questions. I already have a few changes queued for WebAuth 3.4.3, although I need to do a fair bit of work on the weblogin script to handle the (now more complex) SPNEGO requirements.

2006-03-03: WebAuth web pages

Today was spent improving the WebAuth web pages rather than getting anything else done (although I did poke at the gnubg problems on hppa and m68k enough to track down the problem and the necessary bits to fix it are now in progress).

Anyway, the WebAuth pages now have an additional FAQ entry about the segfault problems that people run into most, a bit more cleanup, a long new page on the major features and a comparison to other web authentication systems, and less old cruft. They'll probably become the main WebAuth pages shortly, retiring the old v2 cruft.

Not much else done. Still behind in e-mail, still behind on some other projects, and still behind on writing reviews, but not critically so in any department. I also got a few new books tonight. What I'm doing this weekend is still up in the air; I figure I'll just play it by ear.

2006-03-04: Debian day

Today ended up being a day for working on Debian packages.

A new upload of gnubg is now sitting in Incoming. It disables Guile on AMD64 in the hope of getting rid of the segfault. It's not really what I want to do, but it seems to be the best option. I also got it to build against the current libart and submitted the bug against ftp.debian.org to remove gnubg-bearoffs, so soon hopefully it will be error-free and ready to go into testing.

I also figured out that the ftgl build failure on m68k appears related to the buildd and not the package, so that was good.

Then I started working on libpam-krb5 bugs and found out that its segfault is actually due to a bug in libkrb53. That's been fixed and submitted to the upstream RT. In tracking that down, I ended up building a separate debugging package for the Kerberos libraries, and I think I'm going to make that a standard part of the build if Sam agrees.

Of course, then, in testing the debugging package build, I ran into the long-standing lintian bug that causes it to error out on debugging data packages. So I went ahead and fixed that and proposed a patch; hopefully someone will get a chance to look that patch over soon so that I can commit it.

And then I started doing other lintian work rather than going back to working on libpam-krb5. *heh*. That's always how it goes. But I got a lot done.

I'm having some concentration problems right now (too easily distracted), so I'm letting things flow as they come to me and not worrying too much about prioritizing things right now. Whatever I feel like I can get momentum on, I'm doing. So I'm not catching up in any sort of organized fashion, but I am feeling more productive.

2006-03-05: kstart 3.2

Turns out that in adding the -g feature (which didn't end up working since MIT Kerberos won't use ticket caches not owned by the running user), we accidentally introduced a bug that caused k5start and krenew to not run aklog even if desired. I went ahead and released kstart 3.2, reverting that feature and fixing the bug.

I still need to rework the code so that I can reuse more code between the three programs and provide a simple source file that we can copy into our suexec implementation when the time comes, but I don't feel like doing that today.

You can get the latest version from the kstart distribution page.

2006-03-06: Small haul

I haven't made one of these posts in a while. I've been very restrained about my book purchases. But I did place a small Powell's order and the out of the blue someone sent me a gift for help with WebAuth, which was really unexpected and nice.

Candas Jane Dorsey -- Black Wine (sff)
Thomas A. Limoncelli -- Time Management for System Administrators (non-fiction)
Alan Moore, Kevin O'Neill, et al. -- The League of Extraordinary Gentlemen (graphic novel)
Robert M. Pirsig -- Lila (non-fiction)
Justina Robson -- Natural History (sff)

The time management book is excellent so far. The real test will be how many useful practices I get from it over time, but it's a fantastic read regardless. Recommended.

In other news, Geoff Ryman won the Tiptree Award for Air, an honor that it thoroughly deserves.

Currently reading: Time Management for System Administrators by Thomas A. Limoncelli, Beauty by Sherri S. Tepper, and Salt: A World History by Mark Kurlansky.

2006-03-07: Roundup

Much of today was spent thinking that VMware was breaking something about AFS system calls, trying to figure out why and how, wasting other people's time to help, staring at KTH Kerberos code, being confused by the Linux kernel defining the system call number for AFS, and then discovering that all of the problems were because AFS is now case-sensitive about cell names and a config file had the cell name in uppercase.

The less said about that, the better.

The rest of the day was spent installing Roundup on my personal workstation as a ticket tracking system so that I can get various bugs in software packages I maintain out of my e-mail and into something more structured. This was incredibly successful. I haven't bothered setting up an e-mail interface yet, but the web interface rocks, and that's rare for me to say. It's also wonderfully customizable, although fiddling with the HTML is a touch tedious. But following the instructions, I added a new field and made it searchable, and that worked as expected.

Now I need to fill it, of course, and then possibly work out some other methods of accessing the data, but so far, so good. Next week, we're going to install an instance for the use of my whole team at work, which will be a bit more of a stress test.

2006-03-08: Schedule thoughts

rone asked how the Time Management for System Administrators book was. I've finished it and hence need to write a fully review, but this is a partial answer, plus a few things that I've been thinking about.

The short answer is that it was good enough, or came at the right time, to get me to start trying the techniques that it talks about. I've been looking for a better system of keeping track of what I need to do for quite a while, without a lot of success, but also without spending a lot of time looking at the major time management systems out there. All of them felt too large and complex and complicated from an outside look and ended up scaring me off.

This book has a simple system that he introduces in phases and makes it pretty easy to pick up bits of it. The core idea is that one has a daily to-do list, one spends time each morning prioritizing the list, doing time estimates, and pushing back to other days lower-priority tasks that don't fit into the day. Then, at the end of the day, anything that's not done gets moved to some other day. It's pretty simple, but just breaking up my to-do list over a bunch of days and being able to write something down that I want to do and give it a realistic time frame has been surprisingly effective so far.

I've only been trying this for three days, though. I'm going to try it for three weeks and then evaluate how well it's working for me. Unless I use it for three weeks whether it feels like it's working or not, I won't be giving it enough of a chance to build new habits.

A few other things I've noticed:

Pushing things you haven't finished back to the next day has a tendency to create this bulldozer effect where each day's to-do list gets longer and longer. I think I can see a few ways of dealing with that, but it will require some attention.

The biggest win I've gotten so far is reapplying an old change that I tried a long time back and didn't make stick. There is important e-mail and not important e-mail. Important e-mail, like work mailing lists, I do need to read all day. Unimportant e-mail, like technical mailing lists I follow, does not need to be read all day. I am obsessive about reading unread mail, which means that if I have all of my Gnus topics open during the day, I spend a lot of time checking for new mail and reading the small handful of messages that have come in. I've gone back to closing all topics except the important ones and reading that mail in batch, once per day, in the evening. This works much better.

One of the reasons why I couldn't stick to that before is that I'd finish something, be at a loss for what to do next, and start reading just a little mail while I thought. Of course, a little would turn into a lot. Having a concrete to-do list for the day makes it far more likely that I'll just start the next task. I don't have to think about what to do next; I have it written down.

Also, new matra to keep repeating to myself: Usenet is a social hobby. I have no obligation to read Usenet messages. If I'm not enjoying participating in a Usenet thread, I should simply stop. It doesn't matter what other people think of my opinions on Usenet; nothing I'm talking about there is important enough to get into an argument, or continue an argument, about it. If someone on Usenet persistantly pisses me off, I should killfile them and never look back. There are too many interesting, fun people in the world to waste my time on assholes who may or may not stop being assholes if I talk to them long enough. I do not need to read other people's technical opinions on Usenet; I have a multitude of other, far higher-quality, far higher-signal sources to get technical information. As soon as it stops being fun, stop, cut my losses, and move on. The same applies to all social mailing lists. (For whatever reason, I don't have this problem on LJ.)

That's the quick snapshot. Tomorrow, I have a good-sized pile of work to go through, and now it's time to walk and then read. More book reviews hopefully coming soon; I'm building up a backlog.

2006-03-09: WebAuth musings

So far, so good with time management. I think I've gotten more done in the past four days than I normally get done in two weeks. It's kind of scary, really. There is a bit of a bulldozer effect happening, where my to-do list gets longer and longer because I'm pushing things back to the next day, but I'm starting to think that was just an initial effect. There were so many things on my plate that needed dealing with, and when I jumpstarted the to-do list, I wrote them all down at once.

Tomorrow, the list will start smaller than it started today (although not by that much). Most notably, though, it's short a few major, long-duration items. We'll see if it straightens up over time.

The last task of this afternoon was writing up a more thorough specification for the WebAuth weblogin script. That got me thinking about the future of WebAuth, particularly since Cosign is looking nicer and nicer. I keep thinking maybe we should switch, but on the other hand we have such a strong investment in WebAuth. So, I instead started thinking about how I could implement Cosign's site-wide logout feature.

WebAuth supports arbitrary authentication types and arbitrary tokens. This means that I could add a Cosign-style authenticator that's just a session ID for a ticket cache stored on the weblogin server and hand out corresponding id and proxy tokens. When the application server gets an id token of this sort, it could know it has to ping the central server for each request to verify the user is still logged in. It can also use such IDs as proxy tokens when appropriate.

The hard part, of course, is the state maintenance. That's where the Cosign folks have put a lot of work into this. The daemons on the weblogin servers need to communicate state information to each other and deal with crashes, network partitions, and similar problems robustly.

If I implemented this sort of scheme, I think it almost has to be a big switch on the WebKDC to either use one style or the other. Although... you can use a Cosign-style single sign-on authenticator and still use WebAuth-style application authenticators if you want to, since the WebKDC has access to the ticket cache and can cobble up whatever it needs. That's rather interesting. Although to support site-wide logout, you may want to force use of central ticket caches as site-wide policy.

Anyway, I think this is actually doable, and except for all the state maintenance and replication on the WebKDC, not actually that much work. It's a long-term thing, but if we can also get funding to do real Windows WebAuth, that eliminates much of the reason to switch to Cosign.

Writing the Windows WebAuth proposal is a task for either tomorrow or early next week, I think.

2006-03-10: Time management thoughts

So, one week in to trying a new system. How's it going?

The real answer is: too soon to tell. I got more done this week than I would normally get done in two or three weeks, which is rather nice. At least some of this is probably due to being more organized. However, I'm also in the middle of a productivity streak anyway and it's not yet clear that time management will help manage my mood cycle, much of that gain was from doing something I already knew would work (not reading unimportant e-mail during the day), and I cut back on both writing and reviewing time and need to bring that back into balance. So I saw substantial improvements, but I'm not comparing apples to apples yet.

However, time management certainly isn't hurting. Laying out each morning what I'm going to do that day is incredibly helpful, as is having an effective prioritization system. Forcing myself to put time estimates on everything has been very helpful in spotting where my estimates are off. (I generally overestimate any task involving interacting with other people, and underestimate any coding task.) And I do feel more under control of my schedule by being able to push things days into the future and know they'll turn up again.

I'm going to use the inexpensive $20 planner I picked up for the first 21 days of this while I'm doing habit building and evaluating whether it's going to work, but I can already see that if I stay with this system, I'm going to end up springing the $110 for a real DayTimer sooner or later. I'm thinking about holding off until July when the next set of pages start out of a completely dumb desire to avoid waste, but I may not. Something that lays flat is nice, using the planner for information other than just the daily schedules would be nice, I do need the calendar pages I think, and I want something that's self-contained enough to have a place for a pen (or pencil -- I'm still undecided on writing instrument).

I'm about to test one hoped-for feature of this system, namely that I'm intentionally not scheduling weekends and pushing all work-related tasks back into the next week. I think that if I stay with this system, I'm going to be more intense during the week, even if I rebalance so that I can go back to writing earlier in the evening. I'm not going to be reading unimportant e-mail during the day, so I'm always going to have that catch-up at night, which will cut into other things. I'm also probably going to be a bit more tired at night, since I'm working more efficiently during the day. So, all of that means that I want my weekends to be even more free than they have been, not taken up by all the stuff that I felt like I couldn't get done during the week. We'll see how that works.

All in all, though, so far, so good. I don't think I could have hoped for anything better at this early stage. The real test is in going a few months with it, though; one week really isn't enough to tell, and I've dropped more things than I can count after only doing them for a week or two.

2006-03-11: lintian joy

Taxes are done, paper mail has been sorted through, some additional e-mail has been cleaned out, and a new gnubg package has been uploaded that should fix the segfault on AMD64 and be a good candidate for migration to testing.

The rest of the day was spent working on lintian, which is becoming more and more fun the more I get the hang of it. I don't know what the linda people were complaining about; I find lintian quite easy to work on. One does have to use a very wide editor window, since the code lines aren't wrapped, but I've gotten used to it.

It's rather fun just going through the bug log and checking and applying old patches or fixing old problems. 17 bugs are now fixed in Subversion and waiting for the next upload, many of which were false positives and similar annoying problems. Most, but not all, of those commits were mine.

What I was going to do today was look at installing new blog software, but I decided the prospect was too intimidating to deal with right now. I'm guessing that converting my Movable Type databases is going to be a pain in the ass, since I used BerkeleyDB instead of MySQL for the backend. Maybe I can push them all into MySQL using something internal to Movable Type and then convert. I'm still torn between Serendipity and WordPress for the next blog package. Serendipity looks rather nice.

I think I'm going to worry about this some other time, though.

2006-03-13: Project ramp-up

Things are definitely starting to intensify at work. Currently I'm working on a new WebAuth release with enhanced SPNEGO (in general, Apache REMOTE_USER) support. Since I was in the code anyway, I'm going to clean up the documentation and some of the code for the weblogin scripts and really document the template parameters, which means that I think this next release is going to be 3.5.0 since template parameter names are going to change.

The target release date for something for internal testing is Wednesday. I hope to get a public release out Friday (and really should send out an announcement about the new web site and mailing lists before that -- and now I've written that down, so I'll remember to do it).

Then, I have a few weeks while that's being tested, during which I need to work on remctl and during which we'll be finalizing the work that we want to contract out for the Kerberos migration. Then, starting at the beginning of April, I expect both the Kerberos development and our new web developer to start at the same time, which means I'll be completely swamped with that work.

I'm starting to think that May may be better for my trip to Canada than April, just because it's becoming less and less clear whether I can get away in April at all. Rather a lot is going to be going on.

I'm hopeful but nervous about this Kerberos upgrade. Having it done is going to be fantastic, but there are a lot of steps still and a lot that can go wrong. But that's the reason why we're getting detailed migration plans and upgrade documentation before we start, and I think after I have all of that in my hands, this will look much better. And ideally we can provide a good enough test environment that the contractors can do some testing of the plan.

Then, after all that's done and I have a chance to catch my breath, more parts of the Kerberos project continue. Plus, I get to do a major upgrade of Stanford's Usenet servers and a significant rework of our account creation infrastructure.

Life is definitely not going to be boring.

2006-03-17: lbcd 3.2.4

This is only a documentation change. We ran into a situation where we had a system that not only had multiple interfaces but whose multiple interfaces were participating in different load-balance pools. lbcd when listening to all interfaces (the default) responds on whatever interface the kernel decides is best for reaching a given remote host, but since lbnamed uses the source address to map incoming packets to hosts that it had queried, this meant that one of the interfaces always showed down.

I was going to modify lbcd to always respond on the same interface that the query came from, but it turns out that this is insanely difficult to do. Either you have to use deep magic in recvmsg (and somewhat non-portable deep magic as well), or you have to listen on each interface separately (and thus use deep magic to get a list of interfaces).

So I gave up and just documented the situation and the workaround of running multiple copies of lbcd with the -b flag.

You can get the latest version with the documentation update from the lbcd distribution page.

There's lots of wonderful information on the web, but when it comes to a specific question about Unix network programming, there's still no substitute for Stevens.

2006-03-17: Journal lameness

Well, I've certainly not been doing well at writing journal entries lately.

I've been hard at work on, well, work, and in the evening, I've been reading technical mailing lists and then going off to read books. This means that both reviews and journal entries haven't been written (which means that I'm also badly behind on writing book reviews). On the other hand, quite a bit of other things have gotten done.

I think the bulldozer effect of my new time management system (yes, still sticking with it) is getting better. Admittedly, that's partly because I actually worked far too much this week and need to cut back on how much I'm tackling each day, and I also am still underestimating the amount of time things take. However, I'm now only pushing five items (four hours of estimated work) back to next week, whereas last week I pushed twenty items on to this week (and over eleven hours of work). I've now pushed more of my long-term to-do list into the group Roundup tracker; I only have one other stash of to-do items to sort through and then push into the work tracker and my personal tracker. So slowly this system is helping me get on top of all the things I'm supposed to be doing.

The little planner I bought when I was first getting started with this is holding up surprisingly well, although it doesn't have a calendar. I really do need to re-read the time management book, though, and pay close attention to some of the things I skimmed over the first time.

On the technical side, the internal testing pre-release of WebAuth went out on Wednesday as planned, despite seven hours of meetings that day (most of which was one five-hour once-per-year meeting). I didn't get the public release out today, as you might have noticed, but I have hopes for getting it out on Monday. I also got a bit of remctl development work done this week, which was a very nice feeling.

Enough for this week. The weekend is completely unscheduled beyond a vague intention to get back to INN, and will probably involve quite a bit of watching basketball and a new baby social visit. Now, it's off to read for a bit before I fall asleep.

Currently reading: Salt: A World History by Mark Kurlansky and Spin by Robert Charles Wilson.

2006-03-18: Beauty

Review: Beauty, by Sheri S. Tepper

Publisher: Bantam
Copyright: 1991
ISBN: 0-553-29527-6
Pages: 463

Beauty is the daughter of a noble, a father with a wonderful estate but little in the way of attention for his daughter. This is just part of life, however, and she's not too unhappy with it. Her mother is dead or gone, and no one will talk about her except negatively. She was raised largely by an array of herb-named aunts and the local priest, and has heard the rumors and whispers about being cursed long before she knew that being cursed was something bad. There is something bright and burning in her chest, but it has little impact on her life. Until, that is, she discovers a letter from her mother: her mother was from Faery, returned to Faery, and she was cursed by a fairy godmother to prick her finger and fall into an enchanted sleep.

Tepper starts by setting up a classic retelling of the Sleeping Beauty myth, with an engaging first-person style in the form of Beauty's journal entries, but there are over 400 pages here and Sleeping Beauty is not a particularly complex story. Indeed, the eponymous hero escapes her sleeping fate through a well-handled ambiguity and Beauty quickly wanders far afield, turning into a grab bag of fractured fairy tales, stories of Faery, good versus evil polemic, time-travel, and futuristic dystopia. Some of these stories are engrossing and excellent, some are frustrating and shallow, and some are little but thinly veiled excuses for Tepper to rant. Taken as a whole, they form a novel that is deeply flawed but still worth reading.

The fractured fairy tales are the best part of the book. Apart from the Sleeping Beauty motif that forms the stage for the story, there are retellings of Cinderella and Snow White, a frog prince, and a passing mention of Rapunzel, plus doubtless many other allusions that went past me unnoticed. Beauty brings a practical empathy to the stories and a wry amusement when she recognizes them along with the reader (having learned them during her time in the twentieth century). Tepper adds a nice layer of reality while still preserving the details of the stories. This isn't minutely realistic historical fiction, but Tepper does a good job of putting stories into a 14th century context, adding some complexity to the supporting characters, and coming up with amusing explanations for minor details. The best is the treatment of Snow White, featuring a collection of Basque dwarf miners and an unspeakably beautiful Snow White with slightly less brains than the average cabbage.

Less successful is the time travel dystopian plot. Immediately after the opening sequence, Beauty is taken to a future where the world is covered with high-density apartments, the environment has been destroyed by relentless population pressure, and people are fed with tasteless processed algae. This scene, the subsequent escape to the twentieth century, and the events that follow are mostly an excuse for Tepper to rant about the evils of pro-life fanatics, religion, population growth, horror, slasher movies, and porn, using a dystopian scenario that feels like it escaped from the 1960s or 1970s. It's not particularly realistic, even in the areas where I probably agree with Tepper politically, and it leaves a bad aftertaste of heartfelt but unoriginally simplistic political obsessions. The eye-rolling induced by sweeping proclamations about porn leading to rape and snuff films interferes somewhat with reading the novel.

This vision of a catastrophic future thankfully fades into a background motivation for Beauty and the book is better for it. Time travel is otherwise used as an excuse to let Beauty write with the same assumptions as the reader, providing a more sympathetic (but less unique) narrator for the rest of the book, and to tie the main thesis of the story to the history of Faery.

Faery is the other major subplot of the book. Beauty spends time there, trying to get to know her mother and come to terms with that side of her heritage. Tepper throws in a retelling of the story of Thomas the Rhymer (inferior, though, to Ellen Kushner's excellent treatment) and does a good job with Faery fading from a land of beauty to a land of illusion. This is one of the better bits of subtlety in the novel; the parallels between Faery's determined ability to ignore real ugliness and cover it in glamor and the long decline of beauty in the world are thought-provoking. It's a shame that so many of the Faery are stupid and a little silly, which makes it difficult for the Faery war subplot to gather much emotional momentum.

It's hard to find at times under the sprawl of plotlines, but if Beauty could be said to be about one thing, it is the decline and fading of the concept of beauty. Beauty herself is, through her "curse," a guardian of sorts of the concept of beauty, which Tepper approaches from a pastoral, romantic perspective and links to the beauty of the environment, simple love, imaginative stories, and a Heaven-like abstract rightness. Against beauty stands the Dark One, Satan in essence, who creates a hell full of pornographers and horror movie producers (Tepper really is a little obsessed) and who attempts to capture and destroy Beauty through the story. It's all very black and white, even featuring whispered references to the Holy One, and while this fits Beauty's starting 14th century Christian mindset, I prefer more shades of grey in the moral conflict of novels I read. Faery could have provided that, as sympathetic but disobedient former allies of the Holy One who now pay a tiend to Hell, but they end up as mostly superficial dupes.

As a novel, Beauty is all over the place, and I think it suffers from attempting too much at once. Tepper's grasp of her themes is uneven and I doubt all of the book will be to anyone's liking. I wish Tepper had stuck to the after-the-fact loquacious journal style of the excellent opening chapters (the journal headings remain, but the style shifts more and more to real-time first-person as the story goes along), had trimmed much of the polemic, and had dropped one or two major themes. It's not that the book is plodding or long, but the numerous threads only vaguely cohere into a unified story. Still, Beauty herself is a compelling character and held my interest through the entire story. I was afraid that the outraged good versus evil dualism was going to drown the ending of the book, but right at the end Tepper returns to the fractured fairy tale style that she does best and salvages a satisfying ending.

I'm not sure I'd recommend this one, but I didn't regret reading it.

Rating: 6 out of 10

2006-03-19: Wonderful catch up

I love a weekend devoted to cleaning things up, organizing things, getting things off my to-do list or out of places where they're nagging at me, and coming away feeling far more organized.

Using Roundup to store long-term issues is going to work quite well. I'm still just laying the groundwork for organization rather than doing very much, but I can feel already that I'm going to be far more organized about accomplishing things. All of the old gateway bugs have been sorted out and are now in my local Roundup instance. All the work stuff is in the work tracker (which is even better, since that means other people can pick things out of it to work on). I have fewer groups in Gnus with ticked articles than I have in years, and I still have some low-hanging fruit that I can clean up tomorrow.

And, as a bonus, I sorted through the pending INN stuff and built another test release of INN 2.4.3. Tomorrow I put that on headwall and make it available for general testing, and if nothing major turns up, I'm going to release it on Tuesday or Wednesday. It's been long enough.

Only one review written this weeked, and after walking tonight I'll have three pending. I think this coming week is going to be the week when I start figuring out how to quit a bit earlier and leave more time in the evening for doing other non-work things, since I'm certainly working more than 40 hours a week for Stanford right now.

2006-03-20: WebAuth 3.5.0

This is the product of the past couple of weeks of work. Originally, the SPNEGO support was an all or nothing thing; now, all the user interface changes and page flow work has been done to also allow it to work in a voluntary mode, where the user can decide whether or not to try SPNEGO. While I was at it, I also drastically improved the documentation of weblogin and its configuration options.

Not a lot of changes to the other parts of the system, but I did make WebAuthExtraRedirect the default since we run that way everywhere around here and it works fine. I also allowed the module to accept it as a server config option as well as in a directory block.

You can get the latest release from the WebAuth pages.

2006-03-22: INN 2.4.3

INN 2.4.3 has finally been released. This is a long-overdue bug fix release (overdue by about a year) confirming that yes, we're still working on INN. I'm really glad to have finally kicked this out the door (yesterday, actually), and attribute that to using a time management system.

You can get the latest version from the ISC FTP site.

Now, the next trick will be to find time on an ongoing basis to work on the next version. That's going to be a lot harder, as I have a lot of different projects going on at the same time right now and not a great deal of time. However, I do have vacation coming up week after next, which might be a good time to get started.

2006-03-23: Unicode

I finally got around to looking at a contribution I received a while back to merge the misc-fonts Unicode characters into the 10x20 Neep font I use as an X screen font. Nice. I'm going to install it on my desktop system for testing, and that eliminates the reason why I hadn't switched everything over to Unicode yet. So tomorrow, I switch locales finally to en_US.UTF-8 (although still with LC_COLLATE set to C, since the en_US collation is not at all what I want), change my fonts for everything, change my less configuration to default to UTF-8, and start being able to look at Debian changelog files in less without seeing them mangled.

I've been meaning to do this for eons. It's really nice to have finally gotten around to doing it.

Other than that, very busy, still not writing many reviews, but getting lots of things done. I've finally dug through the huge backlog of to-do entries that I had when I started with this new time management system, and I now only have a couple of things already written in for tomorrow. That means I can move into phase two and start pulling things out of my trackers to do each morning, but probably not until I've finished cleaning out all of my e-mail folders.

2006-03-24: Building RPMs

So is it just me or did no one ever bother to write actual documentation for building RPMs, and in particular, for the spec file?

I got a really nice contributed spec file for kstart (based on the spec file for Nagios plugins apparently). It used lots of macros and RPM variables and I thought "gee, that's rather neat, nice to provide automation like that." It still didn't hold a candle to the Debian packaging tools, but hey.

So today, I go to integrate a co-worker's spec file for remctl into the new package I'm working on, and I noticed that it didn't use most of those nice macros. Huh. So off I went to learn more about what all those macros and variables meant and did.

Er, well, not so much. It's possible that my Google-fu has simply failed me, but as near as I can tell, there is no actual manual for RPM building anywhere. There's a HOWTO (at several locations), which mentions about 10% of these macros and variables. There's a book, Maximum RPM, which is available on-line (nice) and essentially worthless (not so nice). I suppose it's okay if you've never done this before, but again it doesn't document any of the stuff that people actually use and didn't answer any of my questions. All the links to it point out that it's horribly out of date, which inspires a great deal of confidence. Oh, and there's www.rpm.org, which is, I dunno, adequate I guess if RPM were some average free software project maintained by people who know nothing about effectively organizing web sites, but which doesn't help you find anything. At least if, like me, you're looking for detailed information about the spec format.

Or, to sum this all up, what the fuck? Millions of people actually use this shit? By preference?

I've got to be missing some awesome killer documentation resource or something, since this would otherwise just be silly. I knew that Debian Policy was a killer advantage for Debian, but I thought that was just in all the areas that it specified the use of metadata and the rules it creates for packages to follow that Debian packages actually follow. I didn't think that the sheer existence of documentation about basic tools was also a major advantage. Yeesh.

So, I have a remctl spec generated via 100% pure unadulterated cargo-cult poking with a stick. It builds on a RHEL 4 system. If I had some documentation of spec file formats, I'd have some idea if it built on any of the other myriad of RPM-based systems that I don't personally have access to. As is, not a clue. Maybe I used some Red-Hat-specific feature somewhere. Who could tell?

PS: Dear RPM developers, your man pages suck. Please (a) learn how to write nroff or (b) teach your tools how to write nroff that doesn't look like crap. Little known fact: man pages do not actually have to be full of extraneous and pointless blank lines, nor do they have to be full of badly wrapped command examples. While you're at it, you may want to actually add useful content, like, say, anything whatsoever of use about your programs besides their command-line options.

Oh, and don't get me started on how rpmbuild requires that you run it as root and let it spew all over system directories and the documented and preferred way around that is to download a bunch of random local configuration files from someone's personal web site that you can copy into your home directory. 'cause, you know, what kind of weird person would not want to build RPM packages as root?

The mind, it boggles.

2006-03-31: bundle 2.29

It's been a long time since I released a new version of this.

Hua provided a patch to specify a directory for bundle to cd into before applying a bundle. This looks like an odd feature to want, but we frequently want to apply a bundle as an action in remctl and pull the files from an AFS directory that's access-restricted. We run bundle under kstart, but we can't cd until after kstart obtains the right tokens. This feature avoids having to have kstart start sh -c or writing another shell script wrapper around the bundle.

You can get the latest version from the bundle distribution page.

Last modified and spun 2017-07-01