Daisy, Daisy, give me your patches, do

Holy crap, I'm busy these days. First off, it's MS patch week. That means I'm in here on a Saturday afternoon patching by hand. Yes, you're right, it's very ugly; this is why I'm trying out a couple of things that I hope will make it easier. The first is Daisy, a program (and by the way, the next time someone says "solution" when they mean "program" ah munna punchem inna cock) from the University of Virginia Virginia Tech (thanks, Joe) that

• automates Windows patches, and
• is Free Software. Yay!

It has a couple problems that seem mostly due to the program they use to scan for missing patches -- always seems to say that the same three patches are needed, whether or not they've been applied -- but overall I'm quite happy with it.

The next thing I'm trying is running Daisy remotely, by installing Cygwin and SSH on each of the machines. Unfortunately, this isn't working so well; the same command-line options that work from a local shell (whether Cygwin or cmd) just don't when I'm logged in by SSH: it says that it can't see that any patches have been applied, tries to download 'em all from the local repository I've set up, and is very unhappy when they're not there.

Next thought is to try installing crontab and shutdown with Cygwin and use crontab to run Daisy (or other patches) locally. That has problems too: Cygwin looooooves updating everything, and if you've (say) installed Cygwin a year ago and haven't bothered updating it since, it runs around trying to download newer versions of everything. What's more, there's no way to turn off that behaviour in the installer...very annoying. I think I'll try installing crontab and shutdown individually (managed to find a script a while back to do that properly), and see how it goes. Of course, since I've just applied all the patches for this month, it's gonna have to wait.

Which is fine, because second, I found out on Thursday that a dozen people are moving to a temporary office for two months, they'll be there May 2nd, and I have to make sure they can still work while they do that. A bunch of them are doing nightly regression tests; this means their files will need to be here, but a 1Mb/s cable link and X forwarding is gonna be mighty painful. (Or so I'm told...why they can't just use SSH and vi for everything is beyond me...grumble...)

I called around to see if anyone could set up a temporary LAN extension over fiber or some such, for two months, with two weeks' notice. HA! Not a chance: a six-month contract and a six-week lead time was the best anyone was willing to offer. But hey, not a problem -- the new place is maybe 150 metres away as the crow flies, and we've got line of sight in between here and there -- hell, I can see the corner office from here.

So I called up Telus and asked them if they could do this. "Sure can!" said the bright young man I was dealing with, and you could hear the wind from his enthusiastic nodding. "We'll do 802.11g between here and there. It's perfect! And it only takes 8 weeks to do a site survey!" I reminded him of my two week deadline. "Not a problem! We'll just convert it after the move to wireless Internet access over your entire office! The boardroom, the desktop, the kitchen...and we remotely monitor it to prevent intrusion! We'll use whatever authentication standard you're using! We try to stay away from WAP, but we can use WEP if you like!" Sigh...okay, how much? "Forty-five thousand dollars. How soon do you think you'll be able to take advantage of this opportunity?"

Fortunately, I found another ISP that's interested in mounting an antenna on the roof just to be able to offer their service to other tenants. Looking good so far. And since they offer gigabit Internet access for $500/month, I'm thinking the price can't be that bad. (Yeah, gigabit 'til the first router that isn't theirs. But still.)

Third, I'm still trying to get the Promise VTrak up and running here. Still running out of space, still haven't had much time to play around with it. Well, except for today. Starting to find a couple things that are annoying (besides the GPL violations, I mean). First off, it looks like changing the cache policy on a logical drive (ie, from write-through to write-back) requires a reboot of the array itself (!) to take effect. Second, even without changing the write-back policy, it looks like a reboot of the array makes a newly-created logical drive orders of magnitude faster -- ie, bringing it up to an acceptable speed. (I'm not certain of that, though, so grain of salt etc.) Third, no MIBs/OIDs -- whatever the proper term is -- for SNMP are shipped with the documentation...still trying to get this out of Promise.