@cks@mastodon.social avatar

cks

@cks@mastodon.social

That cks. Overcommitted sysadmin, photographer, bicyclist, and other multitudes. I write a lot of words for a programmer. he/him

This profile is from a federated server and may be incomplete. Browse more on the original instance.

aeva, to random
@aeva@mastodon.gamedev.place avatar

I've been mulling over a joke to the effect of "well maybe someone should fork the old MIT license redis to keep it going, and call it [good redis]", but does anyone use redis outside of corporate cloud scale software development? Like who else builds a nightmare microservice spaghetti monster only to realize in a panic that their "big data" fits entirely in ram?

cks,
@cks@mastodon.social avatar

@aeva @mhoye The open source rspamd[1] spam filtering system (currently) uses Redis as a purely local cache. I have the impression it was the simplest k/v local store they could use (it certainly didn't need any special configuration when we set the whole system up here). Now that Redis has changed license, future rspamd versions may switch to something else (memcached? I dunno).

1: https://rspamd.com/ and then https://rspamd.com/doc/configuration/redis.html

cks, to random
@cks@mastodon.social avatar

Do we sort of (ab)use Prometheus for system inventory/asset tracking, by putting DMI information, SMART serial numbers, etc into metrics and then scraping them? Yes, we do. Am I considering extending this by turning PCIe information into more Prometheus metrics? Also yes.

(I was hoping I could easily find a script for this that generated node_exporter textfile metrics but not so far in casual searches.)

cks,
@cks@mastodon.social avatar

TIL that there are a lot of weird (system) PCIe devices on our servers. Would you like some dummy host bridges? We have a bushel. "Milan data fabric", "Sky Lake-E CHA Registers", MEI controllers, a whole bunch of Intel 'unknown device' system peripherals, it goes on.

cks, to random
@cks@mastodon.social avatar

This is my face when Python's socket.gethostbyaddr() appears not to be able to return multiple names for a single IP address. Or at least it doesn't on Fedora and Ubuntu with their versions of Python 3.

(If you want to test it yourself, try 72.136.172.146, which right now returns 17 DNS PTR results for me. I would be interested if this works for you.)

cks,
@cks@mastodon.social avatar

@lanodan @fink I get a single result from getent (although the name in the result can be random).

cks,
@cks@mastodon.social avatar

The Python socket.gethostbyaddr() 'return single name' behavior appears to be an underlying issue in glibc's gethostbyaddr_r(). For me, it exists if /etc/nsswitch.conf is missing 'resolve' for hosts; if present, everything works. 'resolve' does name resolution directly through systemd-resolved, instead of via (theoretical) DNS queries.

(That is, 'hosts: files dns' does not go, 'hosts: files resolve dns' does go.)

cks,
@cks@mastodon.social avatar

Linux glibc itself considers gethostbyaddr_r() to be deprecated in favour of getnameinfo(). However, getnameinfo() specifically returns only a single name, in contrast to gethostbyaddr_r(). This makes me wonder if the glibc dns NSS module funnels the two through a single function that has the getnameinfo() single-name limitation.

(I could try to read the glibc source, but uh have you ever tried that? I have, and no. I am not that curious.)

cks,
@cks@mastodon.social avatar

My ultimate resolution to my Python problem was that I rewrote the little utility program involved in Go, which will return multiple names for an IP under the right circumstances on any system. Now I can theoretically resolve my sample IP address properly, presuming that the provider involved gave it working forward DNS (all of its claimed PTR names resolve to different IP addresses).

cks, to random
@cks@mastodon.social avatar

It has been '0' days since I discovered a Fedora package update purged all my 'ip rule' rules. This broke approximately everything, a number of things in subtle ways (because of infrequent use plus IPv4 vs IPv6).

cks, to random
@cks@mastodon.social avatar

This is my face when I realize that on a big multi-core machine, I want to do 'sed ... | sed ... | sed ...' instead of the nominally more efficient 'sed -e ... -e ... -e ...' because sed is single-threaded and if I have several costly patterns, multiple seds will parallelize them across those multiple cores.

cks, to random
@cks@mastodon.social avatar

Welcome to the cursed knowledge show, X Window System edition, featuring "backing store" and "save-under".

cks,
@cks@mastodon.social avatar

Blog post: An illustration of how much X cares about memory usage https://utcc.utoronto.ca/~cks/space/blog/unix/XServerBackingStoreOptional
tl;dr: if another window covers up part or all of your window, the X protocol allows the server to throw away those parts of your window, stop you drawing new things to them, and then require you to repaint them later, all so that the server doesn't have to allocate an off-screen buffer for your pixels.

(X clients used to render 'directly' to the screen, not to an intermediate buffer.)

cks,
@cks@mastodon.social avatar

The next bit of the cursed X Window System knowledge show will be about how it's all windows, all the way down. So many windows, at least if you write X clients the way that the designers of X expected you to, instead of how everyone does it today.

(That it's windows all the way down intersects with how X supports and sort of assumes server side graphics rendering.)

cks,
@cks@mastodon.social avatar

Blog post: A peculiarity of the X Window System: Windows all the way down https://utcc.utoronto.ca/~cks/space/blog/unix/XWindowsAllTheWayDown
tl;dr: the original idea of how you would program X apps is that most UI widgets and elements would be protocol-level '(X) Window' objects, in a whole tree of them. This was likely designed to allow various clever tricks to reduce client/server traffic, but it pretty much required server side rendering (of basic X graphic elements). It's now fallen by the wayside.

cks,
@cks@mastodon.social avatar

Today's cursed X Windows System knowledge is about how X has two cut and paste systems and they don't interoperate, because after people used the first system for a while they realized it had limitations and was kind of a bad idea but of course it couldn't be replaced. Do all programs support both? No, of course not.

Reading material: https://utcc.utoronto.ca/~cks/space/blog/sysadmin/XCutAndPasteHistory
https://www.uninformativ.de/blog/postings/2017-04-02/0/POSTING-en.html
https://utcc.utoronto.ca/~cks/space/blog/unix/XtermModernCutAndPaste

cks, to random
@cks@mastodon.social avatar

In re people bypassing infosec policies at work, I feel that infosec should understand that "getting your job done" is everyone's first priority, because in this capitalistic society, not getting your job done gets you fired. You might get fired if you bypass IT security, but you definitely will if you can't do your work. Trying to persuade everyone that it's IT's fault, not yours, is a very uphill battle and not one anyone wants to bet on.

(This is sparked by https://mastodon.social/@lcamtuf@infosec.exchange/112034739819554170 )

cks, to random
@cks@mastodon.social avatar

Blog post: Our probably-typical (lack of) machine inventory situation https://utcc.utoronto.ca/~cks/space/blog/sysadmin/WhyNoMachineInventory
tl;dr: we have any number of different pieces of software that have some list of machines (eg DNS, Prometheus monitoring), but no global list of machines with characteristics and etc etc that we could vaguely try to derive all the other lists from.

(Sparked by a Fediverse conversation.)

b0rk, (edited ) to random
@b0rk@jvns.ca avatar

poll: do you use git on the command line or in a GUI?

(you can pick more than one option if it’s a mix of both, sorry magit users I didn't have space for you in this poll)

cks,
@cks@mastodon.social avatar

@b0rk I voted command line + GUI, with the latter being for my Magit usage (and I guess Github blame view). I use the command line for pull, rebase, log, diff, and many blame operations. I use Magit for committing things, especially selective commits, and thus for checking diffs before I commit and so on. (And some use of git-timemachine in Emacs to move back and forth through the history of a file to track things.)

But my git use is odd since I track and monitor a lot of upstream repos.

cks,
@cks@mastodon.social avatar

@pro @anime @b0rk The Github blame view has two killer features for me for picking through the history of changes to something: it gives me immediate access to the commit and especially a 'git blame' view of the file as it was just prior to that change. The latter is extremely compelling for jumping back through the history of a function or a constant or etc (which I do a lot as I try to understand something in other people's software).

cks, to random
@cks@mastodon.social avatar

Tomorrow's Toronto evening weather forecast features icy rain, up to 70 km/h wind gusts, and warnings of potential icy pavement from a rapid temperature drop. I will bike commute in a lot, but probably not that (not any more).

cks,
@cks@mastodon.social avatar

Toronto's forecast of a (small) weather apocalypse didn't come true after all, although the temperature did crash (from a high of 16C to -5C now). I could have gotten away with biking today for my commute, but I don't feel too bad about not doing so. If I had biked and the weather had been as forecast, it would have been pretty grim.

(Sometimes bike commuting decisions are about risk minimization.)

cks, to random
@cks@mastodon.social avatar

It has been '0' days since I've been irritated by the Bourne shell syntax quirk that you can't write 'command &; othercmd'. You have to write eg 'pkill dhcpd; dhcpd & tail -f /var/log/daemon'.

cks,
@cks@mastodon.social avatar

@penguin42 Yes. It works, it's just irregular, you have to remember that if you want to run a command on the command line after a backgrounded command, you can't use ';' as the separator.

landley, to random
@landley@mstdn.jp avatar

This could charge from a regular U.S. household outlet:

https://www.theverge.com/24083014/microlino-lite-microcar-moped-license-price-specs

Weatherized golf cart with a top speed of 28 miles an hour and 110 mile range from a 11k kilowatt hour battery. So about 4 hours of full speed driving on a full charge.

American household outlets are rated for 1440 watts continuous output, 11000/1440 = 7.64 hours, say 8 with losses to heat. So you get a full charge overnight.

If you crash, you have a seatbelt in a steel box and you were only doing 30.

cks,
@cks@mastodon.social avatar

@gnomon @landley I like bikes, I bike a lot, but I think 'protection from the weather and you sit down comfortably and it's stable' is an extremely attractive proposition to a lot of people. Especially for longer trips.

(I bike in the Toronto winter and it's not great, and you absolutely need special studded tires some times to be safe.)

bitprophet, to random
@bitprophet@social.coop avatar

smoke detector false positives 😩

smoke detectors whose hush buttons don't appear to work 😠

smoke detectors which have to be too high up for anything but a full-on ladder to reach 😡

cks,
@cks@mastodon.social avatar

@bitprophet It's fun how these days I look at pictures of soaring house foyers and the like with dangling lights and all and think 'that's nice but are you going to build a scaffold each time you have to change those light bulbs?' Or go past houses with exterior canlight style lights on the underside of their 2nd or 3rd story eaves (it's a thing in Toronto for some reason, I guess it looks cool).

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • rosin
  • mdbf
  • tacticalgear
  • osvaldo12
  • InstantRegret
  • DreamBathrooms
  • cubers
  • magazineikmin
  • thenastyranch
  • khanakhh
  • Youngstown
  • slotface
  • kavyap
  • megavids
  • ethstaker
  • tester
  • GTA5RPClips
  • Durango
  • modclub
  • Leos
  • ngwrru68w68
  • everett
  • anitta
  • cisconetworking
  • provamag3
  • normalnudes
  • lostlight
  • All magazines
    •