Older blog entries for Stevey (starting at number 568)

29 May 2012 (updated 29 May 2012 at 16:06 UTC) »

A heady mixture of photography and programming

The past few weeks have consisted of a heady mixture of taking interesting pictures of cute people, and writing code.

I spent a while getting to grips with seccomp filters, using the facilities present in recent GNU/Linux Kernels to filter system calls binaries are allowed to make.

My initial test was to patch GNU Less to only allow it to open, read, and close files. The side-effect of this was that the built in shell-escape was closed, thus allowing me to test it.

After that I toyed around with interfacing with spidermonkey|seamonkey. In this regard I was less succesful, but I did manage to write code in C that would invoke javascript functions loaded dynamically. Similarly I could call from my (loaded) javascript code into functions defined in C.

I don't have a use for a Javascript to/from C bridge, but I'm sure that time will come.

Photography has been a constant distraction, I took some fun shots of the Edinburgh Marathon, and then distracted myself with a volunteer to take an abstract fishnet photograph. We went on to do some more fun shots begin careful to stay on the safe side of the NSFW limit. I think this is borderline NSFW, but we were both clear exactly what we wanted and we got it perfectly there.

Next week will be quieter, but providing we don't have another mini-heatwave in Edinburgh I'll be cheerful regardless.

ObQuote: One, two, Freddy's coming for you. - A Nightmare on Elm Street (original)

Syndicated 2012-05-29 14:56:16 (Updated 2012-05-29 16:06:34) from Steve Kemp's Blog

On working from home

Recently an ex-colleague of mine changed jobs and suggested that I write something about the pros and cons of working from home. I've thought about this subject, off and on, for a few years and frustratingly I think most of the pros and the cons are the same:

  • When you work from home you're working from home.

I live in a two-bedroom flat in Edinburgh. (Having just spent thousands on a new bathroom I don't expect I'll be moving any time soon. A rough budget of £40-50,000 would let me convert my attic into two/three rooms. So there is growth potential!)

In my flat I have made one of the bedrooms an office. The office contains:

  • A huge desk with two PCs, and two telephones on it.
  • Several book-cases.
  • A wall-mounted fan.
  • Very little else.

One PC is for work. One PC is for me. One phone is for work. One phone is my own.

Every working day I switch on the work router, the work phone, the work PC around 09:30. I then work, taking a lunch-break between either 12:00-13:00 or 13:00-14:00, until 18:00 at which point I switch off the work toys.

I ignore my personal PC during the working day with the exception that it is the source of my music. I can reach across and hit the appropriate multi-media keys to select Play/Pause/Next Track/Previous Track/Volume Up/Volume Down. (When thenever the work-phone rings the first ring is ignored as I scramble to hit "Mute" or "Pause"..!)

So what are some of the advantages/drawbacks? Well I'm at home. So the environment is one that I've made myself, and enjoy. The music is mine. The colour-scheme is mine. The pictures on the walls are mine. I have a Steve-loving chair. There is no soulless air-conditioning, no horrible cubicles, and no noisy people talking.

The downside? No people talking. If I didn't leave my house at lunchtime I'd speak to zero people face to face in an average working day. That took a while for me to notice, but it is not nice.

Since I work from home "the commute" takes seconds. I tend to get out of bed and wander straight to the desk. I'll work non-stop, then get dressed around lunchtime so that I can go out for lunch. Hail, Rain, Snow, or Sunshine I leave the house for lunch every single day (unless waiting for an atypical delivery). Because if I didn't I'd have no human contact. In the afternoon if it is a nice day I'll get undressed again, because I can, so why the hell not?

Providing you're focussed working from home has several advantages that I can think of - I've no qualms about setting the washing machine going before I start work knowing that I can "spare" five minutes to empty it later in the day. Similarly I've no concern about ordering (even large) items, because I know what time the postman comes, and I know I'm never going to be out and miss a delivery.

When I first started working from home I had a laptop instead of a PC and there were mornings when I worked, lazily, from my bed, or from my sofa whilst watching TV. That didn't last for long because I just didn't do a good job. I think I got away with it in the sense that I don't think people noticed, but I expect if it had lasted for longer it would have been quickly apparent. I stopped because the line was blurring between "home life" and "work life".

Having a dedicated working area is essential in keeping me focussed. I don't do "home things" when I'm in "work time" - with very rare exceptions. Yes I wander around and pace if I'm thinking, yes I make more tea and coffee than I would in a real office, and yes I might open windows, phone a friend, read my gas meter, washup dishes, or similar as I'm "making coffee". But on the whole it only works if I work when I'm working.

I could save money by using my work-internet instead of paying for personal-internet, but keeping the two links separate is another way of being focussed. I don't do "dodgy" things on the internet, on the whole (haha), but if I do I'd want to be damn sure that that was via my link and not the work-link - and having two PCs and two network links I know that is the case. There have been times when the work link has broken and I've used my personal link + openvpn to continue working, or at the very least re-join our internal chatroom and say "Internet down, brb".

As a system administrator there are times when I have to do things either early in the morning, late at night, or even during a weekend. I guess a final advantage is that this is not a struggle - providing I don't schedule such operations at times when I'm in the pub, meeting friends, or taking pictures of cute strangers, it isn't a struggle to say "I'll do this after 8pm tonight", or set the alarm early. No long walk to an office, and if I've already got food cooking for my tea I can eat it nearby whilst still configuring things and testing sites/services/machines.

So pros: I'm in my own environment, I don't worry about receiving parcels, meter-readings, and have wonderfully pleasant music all day. Ancillory bonuses are really side-effects of being in my environment: I have my good coffee, my nice cups, I can eat food I enjoy. etc, etc.

Cons: You must be dedicated. You must be focussed lest you give in to temptation and cease working for minutes/hours at a time. You lose part of your home space - I can't turn this room into a childrens bedroom, for example.

Nothing earth-shattering. I've done this for five years now, and although I was a little skeptical initially I thought "Why not?" It has worked out well and I think if I ever did need to leave my current position I'd have no hesitation about working from home in the future.

Finally it has to be said that when I've had partners in my life they've traditionally been the type to wake up later than me. I get significant brownie points for being able to wake them up around 10/11AM with a cup of hot coffee & breakfast in bed every morning. By virtue of having a separate space I can close the door and not be disturbed by them walking around.

I'm sure I've forgotten things - but as an initial pass the benefits and disadvantages of working from home are the same: You're in your own house.

ObQuote: "Explorers in the further regions of experience." - HellRaiser

Syndicated 2012-05-12 08:23:29 from Steve Kemp's Blog

So I have a new bathroom

The work on my bathroom is complete. The two weeks of noise and mess were well worth it.

The old and unpleasant room is now completely different. The only issue I see is that I've managed to fill up the storage already.

I'm particularly impressed with the sink, but special mention must go to the step, and the light switch (this is touch-sensitive and apparently incapable of electrocuting me).

Rest assured that despite all the changes none of my dinosaurs are missing!

Oh well I can always mount a new shelf, or three.

ObQuote: - "Tell me of your homeworld, Usul.", Dune.

Syndicated 2012-04-25 23:05:08 from Steve Kemp's Blog

Work on my bathroom continues

Work on my bathroom continues. I had expected it to be complete on Friday but it lookse like the new completion date will be Tuesday or Wednesday.

It will be very nice to have a working shower, and a toilet I don't need to "flush" with a bucket.

The only interesting thing I've been doing is planning on a kernel to support long-term for some poor unfortunate souls who cannot use Debian-based kernels.

I know building, supporting, and maintaining a kernel will be a pain. But at the moment it looks like a valid thing to be suggesting.

Otherwise life goes on. I've been hit by the DIY bug, largely as the result of seeing all the bathroom work going on, and figuring I was going to live with dust/mess anyway - so I've erected some more book-shelves, and ordered a pair of ceiling fans.

The only other thing to report is that I've started deleting emails. (shock!)

I look after a few machines for myself, friends and so on. Each one will send me automated emails at times. I've got them going back years - but no longer:

#
#  Prune old mailboxes.
#
for maildir in .Automated.backups .machines.spotlight .machines.skx; do
   nrecent --keep=150 $HOME/Maildir/${maildir}/cur
done

Another new use for my nrecent tool. (Note: Only delete files from ./cur, to avoid deleting messages I've not read. Maildir is your friend!)

ObQuote: "I'm sorry I'm sweating on you... " - Knocked Up.

Syndicated 2012-04-22 14:27:11 from Steve Kemp's Blog

moreutils makes a lot of sense to me

I've installed moreutils on several hosts now, and each time I find a new use for one of those tools I'm very happy.

Unfortunately I suspect that too many of us continue to hoard our little shell script archives, continuing to re-invent wheels with slightly different colours, shapes, and sizes.

I suspect I've just re-invented the wheel again, writing nrecent, because there seems to be no "simple" way of doing the job of keeping the most N recent files in a directory.

I guess the standard approach would be to use "ls", or "find", to find all files in a directory, reverse-sorted by mtime, then use "tail +n2 to skip the ones you want to keep, removing the rest.

Anyway nrecent - keep the most recent N files in a directory:

nrecent --keep 20 /tmp

Written as naively/hurridly as possible as it solved, and continues to solve, a real need.

ObQuote: "You're like the drummer from REO Speedwagon. Nobody knows who you are. " - Employee of the month

Syndicated 2012-04-15 15:03:52 from Steve Kemp's Blog

Bye-bye AOL

Today I took that final step:

touch /srv/_global_/blacklisted/domains/aol.com

I remember, even a couple of years ago, I had friends who would mail me from their @aol.com email addresses. These days people have moved on.

The two single biggest mail-providers I see in terms of spam are:

  • @yahoo.com - 832 in the past nine days.
  • @aol.com - 242 in the past nine days.

I'd like to drop @yahoo.com but I have some (misguided) friends who continue to use it to mail me. I might start dropping non-friend mails from that domain, but that's a bigger job.

Yes, this is a dull entry. Sorry. My existing bathroom has been ripped out and turned into this as a stepping stone into its new incarnation. I'm trapped in my office. Dust almost everywhere. Noise everywhere else.

ObQuote: "There can be no understanding between the hand and the brain unless the heart acts as mediator. " - Metropolis

Syndicated 2012-04-09 13:38:01 from Steve Kemp's Blog

So I want a backup solution

I look after a lot of systems, and most of them want identical and simple backups taking of their filesystems. Currently I use backup2l which works but suffers from a couple of minor issues.

In short I want to take a full filesystem backup (i.e. Backup "/"). I wish to only exclude a few directories and mounted filesystems.

So my configuration looks like this:

# List of directories to make backups of.
# All paths MUST be absolute and start with a '/'!
SRCLIST=(  / /boot -xdev )

# The following expression specifies the files not to be archived.
SKIPCOND=( -path '/var/backups/localhost' -o -path '/var/run/' -o \
    -path '/tmp'  -o -path '/var/tmp' \
    -o -path '/dev' -o -path '/spam' \
    -o -path '/var/spool/' )

The only surprising thing here is that I abuse the internals of backup2l because I know that it uses "find" to build up a list of files - so I sneakily add int "-xdev" to the first argument. This means I don't accidentally backup any mounted gluster filesystem, mounted MySQL binary/log mounts, etc.

backup2l then goes and does its jobs. It allows me to define things to run before and after the backup runs via code like this:

# This user-defined bash function is executed before a backup is made
PRE_BACKUP ()
{
   if [ -d /etc/backup2l/pre.d/ ]; then
      run-parts /etc/backup2l/pre.d/
   fi
}

So what is my gripe? Well I get a daily email, per-system, which shows lots of detail - but the key thing. The important thing. The thing I care about more than anything else, the actual "success" or "fail" result is only discoverable by reading the mail.

If the backup fails, due to out of disk, I won't know unless I read the middle of the mail.

If the pre/post-steps fail I won't know unless I examine the output.

As I said to a colleague today in my view the success or failure of the backup is the combination of each of three distinct steps:

  • pre-backup jobs.
  • backup itself
  • post-backup jobs.

If any of the three fail I want to know. If they succeed then ideally I don't want a mail at all - but if I get one it should have:

Subject: Backup Success - $(hostname) - $(date)

So I've looked around at programs such as backup-ninja, backup-manager and they seem similar. It is a shame as I mostly like backup2l, but in short I want to do the same thing on about 50-250 hosts:

  • Dump mysql, optionally.
  • Dump postgresql, optionally.
  • Dump the filesystem. Incrementals are great, but full copies are probably tolerable.
  • Rsync those local filesystem backups to a remote location.

In my case it is usually the rsync-step that fails. Which is horrific if you don't notice (quota exceeded. connection reset by peer. etc). The local backups are good enough for 95% of recovery times - but if the hardware is fried having the backups be available, albeit slowly, is required.

Using GNU Tar incrementally is trivial. If it weren't such a messy program I'd probably be inclined to hack on backup2l - but in 2012 I can't believe I need to.

(Yes, backuppc rocks. So does duplicity. So does amanda. But they're not appropriate here. Sadly.)

ObQuote: "Oh, I get it. I see now. You've been training for two years to take me out, and now here I am. Whew! " - Blade II - An example of a rare breed, a sequel that doesn't suck. No pun intended.

Syndicated 2012-04-05 21:12:14 from Steve Kemp's Blog

So I have a new camera. Again.

Until recently I've had a Canon EOS 1000D, my starter-camera, and a Canon EOS 40D which is my real-camera.

The 40D is older, but it probably counts as a "semi-pro" body, albeit an old mid-range one. From an image size point of view there isn't too much to tell them apart - both produce 10MP images. But from a hardware and ease of use sense the 40D has several key features which made it a compelling upgrade:

  • Dual controls. So we can use one wheel for shutter speed, and one for aperture size.
  • Better feeling body, which is slightly larger and more solid.
  • Top display for instantly obvious settings.

Anyway both these cameras have been my friends for the past year or two, although I did buy a toy camera for those times when I didn't want to carry the DLSR around.

I've made sure I only bought "posh" lens, including the fabulous and horrifically expensive 70-200 f/2.8 MK 2 lens (Just short of £2000) and I'd been wanting to use those on a full-frame camera.

Now it is upgrade time once more and I've just bought the EOS 5D MK II - a full-frame camera which means I don't have to worry about crop-factors any more.

So far I've only had it a couple of days but I'm in love. The output images are 21MP so I get far fewer to a (CF) card. But the detail is sublime.

Future portraits and photos of people will be wonderful - although I hope they already are to a large degree!

This upgrade was a hard choice. The 5D is a full-frame, but a little slow. (Faster than my 40D by a hairs-bredth) The alternative would have been a 7D which is fast, and wonderful, but still uses a cropped sensor. Given that I have fast lenses and don't do sports (often) the 5D seemed like the sanest approach.

For my reference - my Canon serial numbers:

EOS 1000D 1780312242
EOS 40D 1230734041
EOS 5D MK II 4131916951

ObQuote: "Courage is only required when facing that which you fear. " -Stargate: The Ark Of Truth

Syndicated 2012-03-25 21:16:58 from Steve Kemp's Blog

My code makes it into GNU Screen, and now you can use it. Possibly.

Via Axel Beckert I learned today that GNU Screen is 25 years old, and although development is slow it has not ceased.

Back in 2008 I started to post about some annoyances with GNU Screen. At the time I posted a simple patch to implement the unbindall primitive. I posted some other patches and fixed a couple of bugs, but although there was some positive feedback initially over time that ceased completely. Regretably I didn't have the feeling there was the need to maintain a fork properly, so I quietly sighed, cried, and ceased.

In 2009 my code was moved upstream into the GNU Screen repository (+documentation update).

We're now in 2012. It looks like there might be a stable release of GNU Screen in the near future, which makes my code live "for real", but in the meantime the recent snapshot upload to Debian Experimental makes it available to the brave.

2008 - 2012. Four years to make my change visible to end-users. If I didn't use screen every day, and still have my own local version, I'd have forgotten about that entirely.

Still I guess this makes today a happy day!

Wheee!

ObQuote: "Thanks. For a while there I thought you were keeping it a secret. " - Escape To Victory

Syndicated 2012-03-21 12:24:53 from Steve Kemp's Blog

Happy birthday to me

Recently I accidentally flooded Planet Debian with my blog feed. This was an accident caused by some of my older blog entries not having valid "Date:" headers. (I use chronicle which parses simple text files to build a blog, and if there is no Date: header present in entries it uses the CTIME of the file(s).)

So why did my CTIMEs get lost? Short version I had a drive failure and a PSU failure which lead to me rebuilding a few things and cloning a fresh copy of my blog to ~/hg/blog/.

My host is now once again OK, but during the pain the on-board sound started to die. Horribly crackly and sounding bad. I figure the PSU might have caused some collateral damage, but so far thats the only sign I see.

I disabled the on-board sound and ordered a cheap USB sound device which now provides me with perfect sound under the Squeeze release of Debian GNU/Linux.

In the past I've ranted about GNU/Linux sound. So I think it is only fair to say this time things worked perfectly - I plugged in the device, it was visible in the output of dmesg, and /proc/asound/cards and suddenly everything just worked. Playing music (mpd + sonata) worked immediately, and when I decided to try playing a movie with xine just for fun sound was mixed appropriately - such that I could hear both "song" + "movie" at the same time. Woo.

(I'm not sure if I should try using pulse-audio, or similar black magic. Right now I've just got ALSA running.)

Anyway as part of the re-deployment of my desktop I generated and pass-phrased a new SSH key, and then deployed that with my slaughter tool. My various websites all run under their own UID on my remote host, and a reverse-proxy redirects connections. So far example I have a Unix "s-stolen" user for the site stolen-souls.com, a s-tasteful user for the site tasteful.xxx, etc. (Right now I cannot remember why I gave each "webserver user" an "s-" prefix, but it made sense at the time!)

Anyway once I'd fixed up SSH keys I went on a spree of tidying up and built a bunch of meta-packages to make it a little more straightforward to re-deploy hosts in the future. I'm quite pleased with the way those turned out to be useful.

Finally I decided to do something radical. I installed the bluetile window manager, which allows you to toggle between "tiling" and "normal" modes. This is my first foray into tiling window managers, but it seems to be going well. I've got the hang of resizing via the keyboard and tweaked a couple of virtual desktops so I can work well both at home and on my work machine. (I suspect I will eventually migrate to awesome, or similar, this is very much a deliberate "ease myself into it" step.)

ObQuote: "Being Swedish, the walk from the bathroom to her room didn't need to be a modest one. " - Cashback.

Syndicated 2012-03-10 12:54:21 from Steve Kemp's Blog

559 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!