FYT #1: New Firefox 1.5 Beta. It's great: wicked fast, and they've added drag-n-drop tabs. Slashdot comment pages render in a heartbeat. But it's pissing me off right now for two reasons. First, the Profile Manager only seems to come up if no other Firefox window is running. If there is another window running, it comes up with that profile no matter what arguments you pass (-P, -ProfileManager, -P Profile Name, ). (When I was first writing this entry, I tried that last one just to make sure. When the current profile came up yet again I closed it -- but closed the browser window that had this entry, too. I'm writing this in vi in an xterm now.)
This is irritating because I have two profiles: Default and Wide Open. Default is where I spend nearly all my time; Java, JavaScript, pop-up windows and flash are turned off; AdBlock shoots to kill; animations go once and then stop; I'm asked about cookies. I hate dancing baloney. Wide Open is where I go if I need to visit my bank's website (it's not that wide open, of course), or if there's something that won't work in my Default profile that I'm convinced is worth the effort (which doesn't happen often). Keeping two profiles is much easier than toggling all that nonsense each time.
Second, a lot of the extensions I love aren't yet ready for 1.5 (or at least, don't say they're ready...I seem to remember when the upgrade to 1.0 happened that you could edit some of the extensions directly and just lie about what version was required). Adblock is running -- if it wasn't for that, I don't think I'd be using the new version at all. But Session Saver, Sage and Mozex aren't, and I've come to rely on them. We'll have to see.
FYT #2: I went into work this morning to reboot a couple of servers. I'd let everyone know about it, and got up with my wife at 4.45am. But when I got to the building, the card that let me in the front door would not make the elevators go -- they just sat in the lobby waiting for, I don't know, drugs or Jesus. (Double punishment!) I'd used the card before to make the elevators go, so WTF? (Stairwells are not an option; you can't get into your floor [or any other] using your key or any access card.)
After failing to find a security guard anywhere, I called tenant services for the building. They said that the elevators might be turned off, but they couldn't be sure; I could get a better answer calling back during the week. (Fair enough, since our building's managed by a company that owns buildings all across Canada.) Oh, and security starts at 8am. Fuck. I'll have to reschedule for during the week, but after making sure that I can get in at 6am. Double fuck!
FYT #3: Why am I rebooting servers? Good question: they're running FreeBSD, after all, so it's not like it should need to happen all that often. The answer is: because amd sucks ass through straws. Not only does amd:
create a mess of symlinks (people who complain about SysV init
symlinks messes need to look at amd: /home/foo symlinked to
/net/machine/home/foo symlinked to /.amd/_mnt/machine/host/home/foo,
the only place the directory is actually mounted) (interesting: quick
Google for sysv init symlink turns up this post by my
namesake)
interact badly with FreeBSD symlink caching (okay, FreeBSD's fault maybe)
but it will also get wedged sometimes, requiring a reboot -- and
don't talk to me about the -r option for amd, because that simply
doesn't work.
F'r instance: a while back one guy at worked moved from FreeBSD to Linux. I took the opportunity to give him a bigger hard drive; he'd had a second one, mounted at /home/foo/scratch, because he'd run out of room on the first. Unfortunately, one of the servers in question had /home/foo/scratch mounted at the time through amd -- and when his machine came back online w/no scratch directory, amd/NFS refused to umount it and refused to mount his home directory, because the bogus /home/foo/scratch was blocking it. That's what this morning's reboot was meant to get around. Okay, again, not all amd's fault -- NFS and me, not in that order -- but still.
I mentioned two servers, though, so what about the second? Aha, that's the symlink caching thing. We get around this by running a newer version of amd than is supplied w/FreeBSD; it doesn't have quite so many problems. But I'd missed the second server, and it didn't have the pointer to the newer version of amd. Again, my fault -- I should've caught this a long time ago -- but dangit, it shouldn't be necessary to do this just to restart amd. (I'm setting up cfengine to catch this sort of thing. cfengine rox.)
Minor update re: earlier problems with Vinum and a Maxtor IDE card: I picked up a new RocketRaid 454 that was reputed to work much better, plus had four controllers rather than two. Cheap, too -- $135. Long story short is that it still caused problems, I think; the machine seized up again in the middle of backups, apropos of nothing and with no message or panic. (Took a while for this to happen, though, so it was an improvement. I think I should've taken to heart the warning I got a while back that Vinum was not the most stable of code.
I decided this week to get Amanda working properly at home. I've got an old DDS3 tapedrive in Francisco, my FreeBSD firewall box, but all I've been doing so far is tarring to it once a week.
Setting up Amanda wasn't much of a problem, but I kept getting short write errors -- the damn thing was giving up and saying the tape was full after only about 3GB. I decided to run amtapetype, which takes about two hours per run with my hardware, in order to figure out exactly how much space I had. The first time, it said 2GB. WTF? The second time, the drive crapped out with errors about how a power reset had been detected. I decided to shut down Francisco and reseat the cables just in case. No problem, right?
Wrong! When I brought up Francisco again, it refused to boot -- lots of scary errors about how the hard drive couldn't be read, or found, and maybe the LIES about having a hard drive present should just stop now, huh? Francisco is old: it's an old P90 scrounged from an old job, stuck in this black case with non-working LEDs and a Punisher logo someone poked out in toothpick-sized holes on the front. No cooling fan, four ISA slots and three PCI, and I had to jiggle the BIOS so that it would boot from a 100MB partition at the beginning of an 80GB hard drive. Seems like as good a time as any to simply replace the damned thing...
...but first, a firewall. I tried booting it from an old laptop hard drive I had around, but that didn't work. I tried getting it to boot from a Slackware Live cd, but the whole concept of booting from a CD just made Francisco huddle in the corner in the fetal position.
Nothing else for it: it was time to do The Bad Thing. I grabbed one of the ethernet cards from Francisco, shut down Thornhill (P3, 500MHz, web and DNS server, Slackware and 2.6.7 kernel) and threw it in. A quick module recompile for tulip^Wvia-rhine and that was up; some judicious editing of the firewall set it up for NAT. Ph35r m3!
(Side note: Man, it's been far too long since I set up NAT on Linux; I still don't really understand what I've done. I've worked with FreeBSD for firewalls almost exclusively over the last four years, and I have some serious catching up to do.)
So now the question is: what do I do to replace Francisco? I know, finding a Pentium similar to Francisco is not that hard at all. But dammit, I'm tired of big, noisy boxes that are just waiting to die. I want something small, quiet, and reasonably new; I don't want to be fiddling with it, or worrying about it running out of memory (I tend to run far too much on a firewall, and 92MB of RAM just aggravates the problem).
It's complicated a bit by the recent heat-death of Hardesty, a 300MHz Celeron that had, 'til recently, been my desktop machine. I'd been hoping to replace or upgrade that, too; I've gotten quite used to a fast processor and lots of memory at work, and 15 seconds to render Slashdot's front page seems less like acceptable and more like a sign that civilization is in decline.
So...one option is a VIA Epia Cl6000. Dual ethernet, fanless goodness. That, and a case -- unless I decide to build my own Bubba can computer -- and some memory, and maybe a hard drive or maybe PXE booting. Whee! That'd make a pretty decent firewall and fileserver, no question.
But another option would be to let Thornhill keep doing the firewall thing, even though it's a webserver and should, like, rilly be outside the firewall, or at least in a DMZ. I could do something really funky like run Apache inside User-Mode Linux. Or maybe my own stuff, although I'm sure X would be a bear to get working.
A third option would be to keep using Francisco, but w/o a hard drive: let it PXE boot and do all the firewall stuff that way, totally stateless (well, hard drive-less). That could be interesting: almost no moving parts at that point. That would let me get a Mini-ITX something-or-other to use as a desktop machine. They're not the most powerful processors around, but when you can compile a kernel in 6 minutes, who the hell cares? Or maybe a Shuttle, so I could keep using my video card. Hm...
Well, enough of that for now; my cat needs chasing. And anyhow, King of the Hill season premiere tonight! @Woo!