Older blog entries for jfs (starting at number 6)

Working on LDAP for two days, first day waiting for a guy from Intel to do a demonstration on Shiva (not worth giving an URL, even if simple, since they just have a Solaris and NT version) Access Manager. I was quite fired up, because

  1. the guy was not prepared for the questions regarding LDAP integration we were going to make him, although we sent them a week in advance. Moreover, it took me thirty minutes to see how to make it work and he was not able even to find it on the help
  2. The versions are supposed to provide the sam stuff but there is no documentation in the Solaris version, whileas the NT Console comes with many help files. I do not say that they have to port the Administration GUI (even if it would not be difficult) but for heaven's sake, give me the documentation to configure it by myself (i.e without the GUI).

I was quite disappointed of commercial support.

Today I've been working with Netscape's LDAP, trying to build a new schema, I did not find a lot of documentation, until I looked at iplanet instead of NDS. The point is, I do not want to use the Java console for administration... just vi :)

I've had time to make a new package, or rather, adopt it. It seems that sac had not been updated in Debian, and I read in the wnpp that it was orphaned, so I took the latest version, updated it and sent it to the University's server in order to upload it to master today...

I've been to a Newlink group of conferences, and product presentations... nice to see that many are going to the appliances market (easy to install, configure, hardware boxes) and that some of them work with Linux. Even though the guy said it run on Linux 2.0 and didn't know what to answer when I asked: is it based on any distribution or is it home-brewed? (BTW, it was Watchguard's Firebox.. small and red).

Nice to see too that Checkpoint has more throughput on Linux even if the guy from Nokia insisted that it was better with their own propietary OS. They put Linux (Redhat 6.1) the last of the table, Nokia the fist, NT, Sun in between, but Linux gave the best througput of the lot. Anyway, I don't like comparatives that are done on different OS and different hardware.

The technical guy at from Aladdin, when talking about etoken (using bus cards for authentication) said they had developed PAMs for Linux and Solaris, as well as 2000, NT et al... although in their web page there is no mention of Linux systems... oh well.. I am checking with proyects are there for USB cards, it seems that linux-usb.org might be worth checking as well as linuxnet.com.

And after doing it I've found here that Aladdin's etoken is not supported (yet). I might be thinking on downloading the SDK and do it myself but there's already someone working on one.. so we'll see...

Another day at work.... I have for the moment been able to post a new notice in barrapunto (spanish version of slashdot) regarding Microsoft's latest and worst client vulnerability. If someone told you that NetBIOS and SMB was secure, you will think it twice after reading bugtrack and Network Security Focus. announce. I tackled smbclient's sources, but was unable to properly code an exploit, alas, the Nsfocus team posted an exploit last monday (which worked perfectly BTW).

I find it fun that I can work with Debian GNU/Linux 100% of the time and contribute with bug reports (for example xfig strange, but at the same time, understandable behavior with WMaker, description here, and make new packages. I have just submitted to the upload queue:

  • libexpect-perl_1.08-1_all.deb
  • libio-stty-perl_0.02-1_all.deb
  • libio-tty-perl_0.04-1_i386.deb
  • libnet-snmp-perl_3.6-1_all.deb

Taken from CPAN, which I needed in order to make Vlad work. BTW there are a lot of CPAN packages, someone should try to check automatically which are not yet packaged in Debian.

I'm seriously thinking on joining Debian's security team, since I keep track of bugtrack now (spend at least 1h a day reading advisories) they are overloaded, and I find it fun to play with the source in order to find a reasonable exploit... Another good thing of my work is that you need to learn a lot (I read yesterday an article on buffer overflow, wirtten by mixter, boy was it good!)

I'm doing search within a proyect in order to define and develop access to a LDAP database. Did'nt know much about LDAP up to last friday :)

I'm impressed, however, on how easy to install OpenLDAP is vs. other commercial directories (Netscape's Directory Server) on Linux. The later seems to have an installer compiled against *old* libraries and I can only get it to "core dump", the former is installed nicely using debconf :)

Also, there are a number of useful open source proyects:

  • Of course openLDAP.
  • gq: VERY nice gtk LDAP client (tried it against OpenLDAP, Netscape's Directory Server and Sun's)
  • Frood a Gtk+Perl interace using Mozilla's Libperl
  • libnet-ldap-perl easy to use Perl Modules, not be confused with
  • Mozilla::LDAP which is another implementation using Netscape's C SDK.

Well... back to coding in Perl to test LDAP features...

Well, my box just crashed... not really (had to do a soft reboot) but I did not like those "kswap cannot free page..." messages (it was, more exactly kernel: VM: do_try_to_free_pages failed for kswapd (I've checked and it seems to appear in many mailing lists at least comes up in a security announcement).

I have been able to do all my work without having to switch to M$ 2000. Navigator does fine for mail+web (I like it's addressbook although I do not like it being stored in binary format...), and StarOffice does fine for all the documents they send my in doc and xls format.

For the rest of stuff, you guess: many gnome-terminals.

I have (finally) all the Debian binary Cds, but only 1 source yet. Maybe Debian should find a way to send source+binaries out (like when Linux Central sent it) when a release is done. Thay way I could do some contributing in work (and not lose that much time downloading+toasting it)

Strangely enough, I do not find some packages in the Cds I downloaded... oh well..

I have started checking LDAP for a proyect, I will see how many free implementations are out there, curiously, when I checked for Radius stuff I saw that one of the most used has been made by Miquel (and I met him a while back :)

I have also had time today to start coordinating the translation of the CVS book in Lucas (the spanish group of translators of GNU/LDP/FDL documentation).

This is one of the things that pisses me off...people starting work and then leaving it as we say in Spain "manga por hombro", there's no record whatsoever of who volunteered in the proyect and how where the chapters given out.

Ironically, in LuCAS CVS repository, only three chapters are available, no much info to start with so I had to mail the full list in order to get some backup from people that might be working on chapters and are reading the list...

I'm not really sure what a diary entry is ... but I guess I could just put here what I can do in my spare time on free sw which now is, since I started working, less than I wanted.

I have just updated the security.debian.org spanish page which was way out of date, just in time to read the thread on debian-www regarding the program I wrote about a year ago but which was not yet adopted.

It seems that neither Josip nor James understand the point of translation-check.wml since it might turn around the flow of information, the problem is they are not aware that translators not always keep their senses and check their pages, they might be away... very busy....

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!