It's now three weeks without gas heating and water in my rooms (in all my rooms, though - i originally hoped to have water in the bath room).
It's now three weeks without gas heating and water in my rooms (in all my rooms, though - i originally hoped to have water in the bath room).
Life is complicated.
Nothing happened on any free software project for quite a
long time, until yesterday at least. It took some time to
recover from
that security hole: I was so sure that "too much trust"
can't
happen to me. The lesson hit me hard.
I actually learned something from it, and did some changes
to the design of the
whois server i started to write this week. Well,
minor
changes, fortunately.
Regarding whois server: the beast will possibly end up as
GPL - $boss mentioned this (why he did it is a different
story).
Even after one week i still believe that the design is
right,
and apart from a few compatibility hacks to allow it to be
used as a drop-in replacement at [unnamed COM-NET-ORG
registrar] it will be quite nice (and even these hacks may
be
turned of).
I'd love to use a template system for the output,
but that will not work out, too many things depend on the
content of a record (at least that's the unfortunate
situation
at the registrar). I'm still undecided whether i'll include
script language code in the output template, or create the
complete output using a script language. [i tend to do the
later, i don't need to parse templates that way].
Aside from that: I'm still living inside a building yard.
The gas heating has been removed, and it will take 10
further days until
the new one is installed (and even then things will get
"funny":
a low temperature boiler will then feed old time radiators).
Right now it's somewhat cold in my rooms ...
Things will get worse: i'll not have water in the kitchen
any longer.
It will pay out in the long run, though.
A totally unrelated question: a friend of mine want's to install a VPN to my site. Nice idea, but i've a strong feeling that PPP over SSH isn't really a bright idea (my understand of TCP congestion control is that it isn't meant to be used over another congestion controlled media). He thinks it works, i think it _can't_ work with a loaded low-bandwidth link. Who is right, or where can i read more?
Released ftpcopy-0.3.3.
When i wrote the program i thought something like "why
bother? It's me own FTP server anyway": I wrote the program
to automatically copy files between 2 servers. When i
re-read the
code i thought the same. Later i decided to use it to mirror
other servers, too, and even later i decided to make the
code
available to others ...
When i read about the scp security hole on bugtraq i
suddenly
*knew* where to look into.
The lesson? Don't allow bad code to exist, even for internal use.
The good news: My caffeine addiction seems to wear off. I
was really, really tired on saturday and sunday, but i'm
beginning to feel better again. No coke, no tea for almost
100 hours ...
I didn't get a caffeine addiction for three years, up to
2000-07.
But then the stress level increased drastically, and i, once
again,
was stupid enough to let work get too much influence on
my life.
The bad news: i detected a security problem in ftpcopy. No buffer overrun, no printf/syslog hole: "too much trust in the FTP server". Damned.
The telekom installed the TAE for the DSL line on monday.
Today
QSC installed the DSL pipeline. It even worked ... 144kbit
isn't
bad.
The provider didn't get the hint on the IP address
application (n IP address _plus_ firewall, so an additional
/30 or a DSL pipe in bridge
mode would have been perfect), but proxy arp is fine for
this
situation, so i went that way.
Changing the IP addresses of five machines was an
interesting
experience. If my customers told me that changing IP
addresses
is beyond them for some reason or couldn't be finished in
the next
few months ... in short, i really didn't believe them. Now
it do.
Change IP addresses. Change main filter. Change DNS server
address. Change multiple application and server
configurations.
Change multiple access lists (host.allow, tcpservers
configuration).
Tell the outside world about the change. Fix multiple access
lists
there. Fix a number of ssh configurations or authorized_keys
since the reverse mapping is not working now. Detected an
overly
long /etc/hosts on one machine. It's quite late now.
I
still have
to move my brothers machine to the new address, but that can
wait until he notices that something is broken.
Anyway, i'm quite happy about that. Seing that the telekom get's something right at the first time is delightful.
On the free software front not much has happened. I finished the basic design of the trouble ticket system. The only thing i left out was indexing - i'll first look at which kind of queries will be needed and then decide how to do that. Actually, this thing begins to interest me, and so the coding was quite easy (still unfinished).
The patch is now where it should have been:
klogd_lose.patch.
Sorry.
I looked at a number of trouble ticket and bug tracking
systems in the last two days. To put it mildly: they all
lack.
I'm astonished that the majority of them, especially the
newer
ones, are web-based. Hey, people, get a clue:
And all i've seen seem to be a bit unflexible. I'm not going
to
introduce different task-systems for company hotline
(non-software customers), software customer support and
developers internal stuff. My cow-orkers would kill me
before
i finish the sentence, i think.
In other words: the basic design has to be very, very
simple,
but extensible.
There is nothing wrong with having a web interface (aside
from
the simple fact that i will not use it if i don't need to
use it), but
being forced to use one? Heck, no.
And you can't easiely put something else about a web
interface,
but you can create some kind of web interface for almost
everything
without too much work.
I also went through my personal todo list:
ftpcopy ftp://re.mo.te/ ./re.mo.te/Not using -print0 is also possible. Files with \n inside the file name are then just not deleted. (i suspect that the are impossible to download anyway).
(cd re.mo.te ; find . -type f -print0) | xargs -0
ftpdelete ftp://re.mo.te/
1. update table where key = x; 2. if (ok) 3. delete from table where key = x;Bug? No, delete-trigger. No single word about it in the code, of course. Ugh.
itp: I think you'll be surprised by the number of people who neither use or like GNOME (or KDE). Not everybody needs the value added by those toolkits.
mjs: You forgot to take some things into account, too. A better procedure may be to:
Finished the xmodem sending. It works. It actually
is even
a little bit faster than lsx from the lrzsz suite. Why? I
didn't think
about performance ...
Error handling is quite simple: count the number of errors
per
block. If it reaches a fixed number then abort. Good enough?
At least not worse than lsx.
Thought about doing a fallback from 1024 to 128 just a
little
bit too late. Well, no other xmodem implementation i'm aware
of can do it, too, but that is no excuse. I feel a bit
stupid. But on the other hand:
it's a prototype, and if there is a reason to prototype
something
then it's to show stupidities early, right?
Anyway, it's time to stop dealing with computers for today.
New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.
Keep up with the latest Advogato features by reading the Advogato status blog.
If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!