Posts for November 2012

2012-11-02: Welcome, Planet Debian

As part of a discussion about something else on debian-project, it seemed clear that people were interested in more than just Debian-relevant posts on the Planet Debian aggregator. I'd previously only pushed Debian-related posts there, but I asked explicitly and people want the full feed. So this is the first untagged post going there (and something of a test).

The difference, for Planet Debian readers, is that you'll get a lot more book reviews (of non-technical books), and a smattering of software announcements. You'll also get posts like the below whenever I buy more books. I got into the habit of making haul posts from enjoying a friend's version of that, and now I use them as a way of keeping track of what I've already bought until I get around to putting stuff into a real book database. (I'm currently leaning towards Tellico, for what it's worth.) I'll try to add at least a bit of commentary so that it won't just be a list of books.

If I can get back into the habit, you'll also get regular postings of photographs. I've been out of the habit for about a year, though, so we'll see how that goes.

Anyway, a small haul:

Kevin Barry — Dark Lies the Island (mainstream)
J. Robert Lennon — Familiar (mainstream)
Ken & Jo Walton — GURPS: Celtic Myth (RPG)

This is notable because it's my first Indiespensible shipment. Powell's Books, from which I buy nearly all of my books, has a subscription club called Indiespensible, which sends a new novel, usually from independent presses, every six weeks. I've been eyeing this for a long time and finally decided to go ahead and try it for a while. I mostly read science fiction and fantasy, so this is a good way to try to read more mainstream fiction, and since I know absolutely nothing about what's good in mainstream fiction, something curated is a good idea. I haven't cracked open either of the books yet, but I quite enjoyed the chocolate toffee.

GURPS: Celtic Myth was because I discovered that there was a role-playing supplement by one of my favorite authors, so that had to be acquired, even if I'm not a GURPS player.

2012-11-05: WebAuth 4.3.3

So, funny story. And by funny, I mean "doh."

We had a production outage of our WebLogin servers a bit before I went on vacation because the hardware load balancer died, and then when it came back the load was so heavy that the WebLogin servers were overwhelmed with connections. WebLogin, due to the way that it involves accepting an Apache connection and then turning around and connecting back to itself to talk to the WebKDC, has a tendency to get into overload deadlocks. Worse, because the WebLogin script runs under FastCGI, when it deadlocks waiting for Apache to reply to it, mod_fastcgi decides that the script isn't responding and starts killing all the scripts. It's an obnoxious meltdown scenario.

I want to find some way of getting around this (such as running WebLogin via ngnix and running the WebKDC on another port), but in the short term the best solution is to just increase MaxClients to handle more load. The limitation there is the amount of memory on the servers, which was a problem since they were built 32-bit (for historical reasons). So, this weekend I started working on rebuilding them all 64-bit.

Imagine my surprise when I installed WebAuth and WebLogin on the newly-built 64-bit system and it segfaulted. It turns out that when allocating memory for a struct, it's good to allocate enough memory for the whole struct, not just for a pointer to the struct. (This is exactly the reason why I hate typedefs for structs in C, but in this case it was XS code where I don't have a good alternative, and I didn't pay close enough attention.)

So, lots of debugging later, along with a detour to set up comprehensive valgrind testing of WebAuth (at least all the parts of it that aren't the Apache modules), this release fixes one uninitialized memory error and one memory allocation size error. The latter is theoretically exploitable, although since it's inside Perl XS code with pretty sharply bounded external inputs, it's going to be pretty complicated to figure out how to exploit it and therefore I decided it didn't warrant an explicit advisory.

Obviously, anyone running earlier versions of mod_webkdc or WebLogin (4.2.0 or later, sigh) should upgrade to this release.

You can get the latest release from the official WebAuth distribution site or from my WebAuth distribution pages.

2012-11-18: Powell's anniversary haul

Powell's was holding an anniversary sale and giving out free gift cards with a qualifying order, so it seemed like a good idea to pick up a few books.

Ben Aaronovitch — Midnight Riot (sff)
Patricia Briggs — Alpha & Omega (sff)
Patricia Briggs — Moon Called (sff)
Mark Forster — Get Everything Done (non-fiction)
Lynn Galli — Wasted Heart (romance)
Sam Harris — Lying (non-fiction)
K.E. Lane — And Playing the Role of Herself (romance)
Jack McDevitt — Firebird (sff)
Marshall Rosenberg — Nonviolent Communication (non-fiction)
Deborah Tannen — The Argument Culture (non-fiction)
Bill Willingham, et al. — Fables: Animal Farm (graphic novel)

I'm not sure if the Forster will be worth the cost, but I've really liked his other writing about time management, so I thought I'd take a chance on it. I think the Tannen and the Rosenberg are on roughly the same topic, but I arrived at them through different recommendation paths. I've been feeling like reading about how to communicate lately.

The McDevitt novel is the latest in the Alex Benedict series. I'm only a couple of books away from being caught up. I've gotten lots of positive recommendations for Aaronovitch's series, so thought I'd get the first one.

There's also a variety of random stuff, mostly on the Kindle, that I'd not added to one of these posts, noted here mostly for my own records. Alpha & Omega is a novella rather than a novel, which I grabbed because I picked up and read Cry Wolf during vacation.

Last modified and spun 2017-03-25