2006-07-02: Kerberos PAM modules

I've started working on a new upstream release of the Kerberos PAM module that's currently used in Debian. I started poking at this last week and got a bit more done today. I still want to finish cleaning up the code for style and refactoring a bit more, but I'm mostly at the point where I need to write documentation and do testing.

It's a bit annoying to be duplicating the work that other people are putting into the Red Hat PAM module that most distributions use, but I really don't like it, plus it doesn't support various features that I've already added to the Debian module. I think the Debian one is better structured and easier to deal with, and I managed to add most of the interesting-looking features from the Red Hat module to it in an afternoon of programming.

With a real upstream release, it will be easier to maintain the Heimdal and MIT versions of the package from the same source. I can also then upload a new version for the etch release that should fix all of the outstanding Debian bugs.

Not sure how much work I'm going to get done on it this week, since I'm on vacation and want to spend plenty of time reading and writing, but so far, so good.

2006-07-03: More PAM progress

I think I'm done with all of the code modifications I wanted to make to the Kerberos PAM module, and I've written the new README file. I now need to rewrite the man page and then do some fairly extensive testing to ensure that I didn't break anything and that the new option reading code will work.

The parts that are left are the most annoying parts, since writing documentation and doing testing is always rather tedious, but when I get this done I will be able to cross something major off my to-do list. It's an odd thing to be working on during vacation, perhaps, but I was really enjoying working on this before vacation and now I want to finish it.

Even still, though, I may take more time to read tomorrow and spend less time working on it. Today I wanted to be in front of the computer anyway, so it was easy to work on it in the background.

2006-07-05: Used bookstore haul

I swung by the used bookstore in Roseville today since I'm here on vacation and gave it a pass the last time I was down. It's gotten quite packed with books, enough that it's a little annoying to look for things, but I still managed to find an eclectic mix of stuff to buy.

Marion Zimmer Bradley -- The Mists of Avalon (sff)
Steven Brust -- Five Hundred Years After (sff)
Steven Brust -- Taltos (sff)
Bill Bryson -- Notes from a Small Island (nf)
Algis Budrys -- Hard Landing (sff)
Octavia Butler -- Clay's Ark (sff)
M. John Harrison -- The Centauri Device (sff)
Charlaine Harris -- Dead Until Dark (sff)
Joseph Heller -- Catch-22 (mainstream)
Christopher Hinz -- Ash-Ock (sff)
Aldous Huxley -- Brave New World (sff/mainstream)
Tanith Lee -- The Silver Metal Lover (sff)
James H. Schmitz -- The Hub: Dangerous Territory (sff)
Rex Stout -- And Be a Villain (mystery)
Roger Zelazny (ed.) -- Forever After (sff anthology)

Most of this won't be near the top of the reading pile, but will instead go into the stacks for later reading on a whim.

2006-07-08: Vacation too short

I'm really not ready for vacation to be over. I just started really relaxing Wednesday or Thursday, and don't feel like heading back already, particularly given that I have a bunch of things I have to take care of as soon as I get back.

Oh well.

I finished reading all the Hugo-nominated short fiction today, which didn't change which ones I think should win but does mean that I've now read "Singing My Sister Down." Which is an excellent short story, although it's not really genre. "A Clockwork Atom Bomb" is also pretty good.

"TelePresence" by Michael Burstein, on the other hand, is proof that the Hugo nomination process has some deep problems (not that this is news). I think that's possibly the worst single piece of short SF fiction I've ever read. I think most of the words were spelled correctly; beyond that, there isn't a flaw of SF or writing style that it doesn't have. Gah.

Now I want to write up a page about the 2006 Hugo nominees, since I've read every one of the fiction nominees except the latest George R.R. Martin (I should get a copy of that, but I really don't want to buy it in hardcover). Maybe tomorrow, along with at least one more review.

Not much else happened today. None of the development work that I was hoping to do while on vacation happened other than some work on the Kerberos v5 PAM module, but that's okay. I did get a lot of reading done, which was the other major plan, and I have done a lot of relaxing the last few days.

2006-07-10: Pre-vacation haul

This was the Powell's order that I placed before vacation (as opposed to the trip to the used book store or the order I placed during vacation, since in the words of another, buying a book is buying the illusion that you'll have time to read it).

Mostly, I was going after the other two Nicola Griffith novels.

Peter S. Beagle -- Tamsin (sff)
M.J. Engh -- Arslan (sff)
Nicola Griffith -- Stay (mystery)
Nicola Griffith -- The Blue Place (mystery)
Kazuo Ishiguro -- Never Let Me Go (sff)
Janet Kagan -- Hellspark (sff)

I have two reviews pending, probably three by the end of the night or by the end of tomorrow night at the latest. Although I might write one tonight.

2006-07-12: Upgrade tomorrow

Well, I was going to write a review, but just as I was stopping work (early, since I started this morning at 7am after waking up and not being able to get back to sleep), we uncovered a problem with WebLogin not reporting errors properly, so I dropped everything to fix that. Turned out to be a missing form attribute (plus another, more minor problem that I'll fix in the 3.5.2 release).

Between that, finishing on catching up after vacation, and writing a new man page for pam-krb5, that was the day. Add a little grocery shopping, baking bread, and exercising, and now it's time to go read for a bit. The review of Worldwired will have to wait for tomorrow.

Kind of a shame, since I was almost completely caught up with reviews, but I'm poised to finish several more things soon so it's going to be the weekend before I'm truly caught up. But that also means I've been reading a lot this month, which is a good feeling.

Plane reservations for the AFS Hackathon are all made, and I'll make hotel reservations tomorrow. I'm not really looking forward to travelling again so soon, but the nice thing about a five and a half hour plane flight (plus the inevitable waiting in the airport) is that I should be able to finish a couple more books even if I don't read at all while I'm there.

Currently reading: Jhereg by Steven Brust (yes, I finally started on that series).

2006-07-13: WebAuth 3.5.2

A friendly web site analyzer contacted our security office and let us know about a cross-site scripting attack that was possible against our WebAuth Weblogin servers. Turns out that HTML::Template doesn't escape values substituted into HTML pages unless you explicitly tell it to. Doh. I'm embarassed that I've missed this for years.

I've now released WebAuth 3.5.2 with this fixed in the sample templates, but any site running WebAuth with customized login templates needs to also fix this in their other templates. For more information, see the release announcement. There are also a few other accumulated fixes for the Weblogin code in this release.

You can get the latest version from the WebAuth download page.

2006-07-13: "No Women" Cheese

Dear Lazyweb,

A bit of Google searching seems to reveal that "Beecham's No Women Cheese" is a classical music joke of some kind, but I don't think I quite get it. Does anyone out there reading this know more and feel like filling me in?

(Despite the very strange name, this is excellent cheese, some of the best that I've found. Particularly in combination with oatmeal spice bread.)

2006-07-13: Term::ANSIColor 1.11

Just documentation and test suite fixes, but I added code to test the POD for warnings using Test::Pod if it could be loaded. I also switched the source over to Subversion. I still need to do that for lots and lots of my personal files; I'm still using CVS in way too many places.

You can get the latest version from the Term::ANSIColor distribution page.

2006-07-16: pam-krb5

This evening, I finally got over the hump of starting testing and debugging on the new Kerberos v5 PAM module I've been working on (based on the one currently in Debian). The bzr repository is now publically available and the module basically works. There were, as expected, a bunch of stupid mistakes which are now fixed, and I've tested all the basic functionality.

The next step is to use it myself for a few days and make sure that all the bits I expect to have work do work for me. I'm also going to ask a few other people to test it and make sure it works for them, and then assuming that all looks good, upload it to Debian. I should make a tarball release first for testing, though, since not everyone is going to want to pull it from bzr.

For those that do, though, the bzr repository is at which has the nice property of also doubling as a checked out source tree. The TODO file is currently nonsense; I need to finish it, write a NEWS file, and write a way to generate a changelog. But that should only take an hour, tops.

2006-07-17: Week of meetings

This week is the week of meetings at work. It looks like I'm going to get some work done on Wednesday (my work from home day, thank heavens) and Friday; the rest of the week is mostly a writeoff, although there is some free time on Thursday if I can use it effectively. I have mornings to get through mail and do some small things, but the major work I have pending is remctl 2.0 and pam-krb5 2.0, and both of them require some extended concentration.

I do hope that I'll finish the first draft of the server code for remctl 2.0 on Wednesday. The only thing that might get in the way is if it's too hot and I can't concentrate; hopefully, that won't happen.

The meetings today were... mostly worth going to, particularly the planning meetings for our web upgrades late today. Still, I would have preferred coding and accomplishing things.

Currently, the unbalance of my to-do list is continuing. I'm down to only a few more than 30 to-do actions on my work list, but I'm still hovering around 50 on my personal list. I'm still trying to figure out a way to address that balance, since I often need to do other things (like read) on the weekends to unwind.

2006-07-20: Point and applaud

No updates lately for the simple reason that way too much has been going on. I have something like fifteen hours of meetings this week; if it weren't for oases on Wednesday and tomorrow, no non-meeting work would happen at all. (It's very difficult for me to get anything else substantial done on a day when I have over four hours of meetings, even though logically I should be able to work the difference of the meeting hours and the eight-hour day.)

I'm currently fighting hard against talking about politics: fighting because of what's going on in the world right now I despair of changing any entrenched positions or reaching any conclusion to a discussion that justifies the (extremely high) amounts of stress, and hard because I am so deeply angry and disgusted that I have a hard time not railing at the world. Not so much at what's being done, as that is sadly predictable and no different than what has been happening for years, but at the lies that are being told about it.

Into that mood, though, came the following journal post from Ken MacLeod:

Nothing has done more to corrupt humanity than the attempt to civilise warfare. Just War Theory is an utter perversion of the moral sense, a doctrine of literally mediaeval barbarism, invented by clerics to regulate wars between Christian kings. Its finest moral discrimination to date is that it's legitimate to kill a munitions worker on his way to work, but a crime to kill him on his way home. It tells us that to aim a bomb at an enemy soldier and kill a hundred civilians is -- if the necessity is there -- legitimate collateral damage, but to deliberately aim one bullet at one enemy civilian is murder. In its pedantic, casuistic jesuitry it still stinks of the cringing, quibbling fusspots who invented it, and retains too its usefulness to a useless and barbaric ruling class. It does nothing whatsoever to restrain their behaviour. Its only function is to befuddle those who oppose, protest and fight them. It justifies every horrific, predictable consequence of imperialist assault as an unintended consequence, and condemns every horrific, predictable consequence of resistance to that assault as an intended consequence. Their violence against civilians is mass murder, ours is collateral damage.

Amen, sir, and bravo. Letting out some of the vitriol I feel helps a great deal; having someone else let it out for me is even better.

Comments disabled. Listen or don't, think or don't, and hold what opinion you wish of me; I'm not in the mood to discuss it with you.

2006-07-21: Anti-Disney haul

I expect I'll get into this more when I write reviews, but I've recently been putting a finger on exactly why Disney annoys me so much despite (or perhaps because of) the company's ability to generate cute and inoffensive stories. This order was primarily to acquire the original treatments of works that have been distorted or overwritten by the Disney treatment.

J.M. Barrie -- Peter Pan (children's)
Elizabeth Bear -- Blood and Iron (sff)
Barry Lopez -- Resistance (mainstream)
Sarah Monette -- Mélusine (sff)
Dodie Smith -- The 101 Dalmatians (children's)
Dodie Smith -- Starlight Barking (children's)

I have another book already finished and ready to review and am nearly done with Delany's About Writing. I'll probably start something new tonight.

2006-07-23: Now with series information

Well, I didn't get done many other things that, in an ideal world, I should have done today, but I did cross one very long-term project off my to-do list. The index of my book reviews now contains series information, and it doesn't even seem to look too hideous or cluttered.

There are several bits left to do on this project; I'm not completely finished. I have to update the software I use to build the structure around reviews to cope with having series information and adding it in correctly when I write a new one. Not horribly difficult, but probably an hour or two of programming. I then want to go through all of the individual reviews themselves, make sure that the sidebar review information says something useful, and add notes to the end of the review about which book comes next in the series. That will take a while, but it's a good thing to do while I'm otherwise brain-dead.

I'm probably also at the point where I need to break up the main page into separate indexes, probably one per first letter of last name for SF authors and one index page for each of the other types of books. But I'll want to keep one unified index as well, for those that want it. That's a bit farther down the road.

I also switched things around so that the books outside of series were listed before the books in series, since that looked better with the series information. I haven't yet done the same thing in the rating index and probably should for meaningless consistency.

Hopefully, the whole thing doesn't look too hideous on anyone's browser. Tomorrow, another actual review, assuming work doesn't eat my brain.

2006-07-27: spin 1.63

While revising my review index to add series information, I noticed that there wasn't a way to add class information to <dt> tags. That's now been fixed (and my release process has been updated to use Subversion since that's what I keep the source for my web pages in).

You can get the latest version from my web tools distribution page.

2006-07-29: Asimov's, March 2006

Review: Asimov's Science Fiction, March 2006

Editor: Sheila Williams
Issue: Volume 30, No. 3
ISSN: 1065-2698
Pages: 144

The non-fiction bits this month were interesting enough to be worth a comment. I usually find Sheila Williams's editorials rather pedestrian, but this month she explained the point of sudoku and some of its history. Since I was probably the last person on earth who hadn't heard the explanation, I appreciated that. Silverberg talks about life on Earth that lives in extreme conditions -- mostly details I've heard before, but he expresses them well. Joe Lazzaro provides an update on current space flight initiatives, and Paul Di Filippo provides a satisfyingly long set of book reviews.

The stories were on the good side of average. Several grabbed my attention in different ways, but none of them were entirely satisfying.

"The Gabble" by Neal Asher: A follow-on of sorts from Asher's previous story "Softly Spoke the Gabbleduck", this one dives a bit deeper into the origin of the apparently sentient but incomprehensible gabbleduck as it follows two anthropologists exploring a world of bizarre creatures. The drama comes from the puzzles more than much plot action and characterization outside of the puzzle of the story felt desultory to me. The climax has some drama but doesn't really answer questions, and takes matters towards an explanation that I personally find unsatisfying. Overall, not bad, but a bit of an eh. (6)

"46 Directions, None of Them North" by Deborah Coates: A teenage girl wants to go to Alaska because that's where the aliens are landing. She knows that theoretically from messages on her cell phone, but mostly because she believes. This story is rather silly, trying perhaps too hard for a tone of breathless teenage drama. What I did like, though, was the dynamic between the protagonist, her father, and finally her mother. Her father dropped out of the corporate life and is her idol, but he won't take her to Alaska. It's only when she manages to reach a part of her mother that's both like and completely unlike her father that the story reaches an emotional connection. I didn't like that the protagonist never seemed to understand what was going on, but the final emotional twist gained more depth the more I thought about it. (6)

"Dark Eden" by Chris Beckett: I liked the setup here: a space program based on random jumps to try to find life, so far unsuccessful, and a good set of characters with competing motives and of types not often seen in this sort of story (a Christian crusader, a promiscuous womanizer, and a black female cop). Unfortunately, the plot dies halfway through, the background all but disappearing and turning the story into a pure character dynamic between the womanizer and the black female cop. Both are decent characters; neither are sufficiently powerful to keep the story interesting when they hold the stage alone. By the end, I thought the story lost all purpose and direction. (5)

"Rwanda" by Robert Reed: Second person present is at best a challenging voice in which to write a story, particularly when the reader is being put in the position of a small child, and I'm not sure it worked here. Still, it does fit Reed's desire to have a character explain the world to the reader, and I'm not sure the sting in the tail of this story could have been handled another way. "Rwanda" tries to immerse the reader in minute observations of the world and then twist emotions as the specter of war and genocide is slowly introduced; it's not ineffective, but I found the viewpoint frustrating and at times forced. I'm not sure the ambiguity in the ending explanation was intentional or just a side effect of the position from which the reader has to hear the story. Memorable, but not entirely successful. (6)

"Dead Men Walking" by Paul J. McAuley: This is an odd story; it feels like part of some larger whole (and it is part of a larger story sequence) and seemed incomplete on its own. The plot takes a lot from spy novels and reaches a clear conclusion: an assassin who escaped his handlers and struck out to live a normal life tries to track down the murderer who is in danger of exposing him. But without any additional background, I felt like the story was mostly exposition and I never felt like the protagonist was placed in the larger world. The story doesn't lack emotional subtext, but I think I needed to see his background in more than just an infodump to feel the intended emotional punch of the climax. (6)

"Companion to Owls" by Chris Roberson: I adored this background. The protagonist cleans ghosts off the roof of a giant cathedral, one large enough that people spend their entire lives on the roof, in the middle sections, or in the basement. There are some particularly persistant ghosts in the steeple for which he's responsible, so he has to escort a necromancer who can perform the stronger sort of banishing. The plot itself didn't do much for me and the conclusion was a bit too predictable, but I'd love to see more in this world, particularly a story that digs deeper into its history, politics, and dynamics. (7)

"The Kewlest Thing of All" by David Ira Cleary: Set in a San Francisco marked by sea rise, largely floating on pontoons in the ocean, this story is apparently about the conflict between a corporate-driven identity and a choice of identity driven by whatever is aesthetically cool. Body modification in the form of implants that display patterns like screens are ubiquitous, as are deeper forms of genetic modification, apparently including some sinister forms that tie people to particular corporations. The story starts as an anti-establishment rebellion, but driven by a surprisingly dictatorial counter-establishment; by the end of the story, one despairs of any real escape from the consumerism and consumption that seems to be driving everything, even "kewl." Inbetween, the story jerks and jumps erratically, leaving me unsure what it was saying and what the reader is expected to make of the rather pathetic protagonist and her efforts at recruitment to kewl. I'm not sure what to make of the ending; I think there's a sharp, cynical observation about the futility of counter-culture movements lurking there, but I didn't get enough help from the author to fully unpack it. Interesting, but mostly frustrating. (6)

Rating: 6 out of 10

