VTrak 15100: Promise _almost_ follows the GPL

Welp, Promise has come through on the first part of the GPL: they've put up the source code on their FTP server (look around, not that hard to find...) for Busybox and a Linux kernel. Looks like the kernel tarball is a copy of 2.4.18, and Busybox is 1.00-pre3. I'll be grabbing original copies of each and see if I can find any differences.

In the meantime, I've put up both on my website (though see below re: further GPL obligations, and note that I do not vouch for or guarantee the integrity of these tarballs -- for all I know, I've got a bunch of cunningly renamed source files for SoBig). --Woohoo, there's even .config files in both! Next step is to convince them that Sections 3a and 3b (hand out the source with the binaries, or offer to hand out the source for the binaries) is just as important as giving me a copy. But kudos to Albert Dy, Technical Support Manager at Promise, for working with me on this.

Tags: gpl

Double_plus_weird_

title: Double plus weird date: 2005-04-08 05:25:49

1. Someone found my blog by Googling for "what in fucks name do i need to open .ELF files".
2. When I do that search myself, the Google AdSense banner that comes up says "You Can Break Free From internet pornography quickly and easily if you really want to."

Tags:

Matlab_and_debian_

title: Matlab and Debian date: 2005-04-07 17:16:35

A few tips for installing Matlab on Debian:

1. Debian does not mount devpts by default (at least, not on my installs). You'll need this. Run: mount -t devpts devpts /dev/pts and then put it into /etc/fstab.
2. oscheck.sh, part of Matlab's many startup scripts, attempts to run /lib/libc.so.6 in order to get the version. I had no idea this could be done. One email I found on Google suggested changing the line in the script that ran libc to one that just took the version from strings...but then Matlab support (who were great, btw) suggest chmod +x. That never occured to me...I mean, it's a library, right? But it worked.
3. Debian (my installs, anyway) mounts /cdrom with the noexec option. This causes an error when you try to run /cdrom/installer: /bin/sh: bad interpreter The solution, of course, is to mount the CD like so: mount -o exec /cdrom

Re: that last step: Don't forget to do this for the other CDs! Shocking confession: I did forget, and I'm pretty sure the graphical installer did not catch this. I was left with a nominally successful install that simply did not work when I tried to run it graphically: it would hang at the splash screen and eat up 99% of the CPU time. I fucked around with strace, tracked down file descriptors and I don't know whatall until I finally tried reinstalling on a local machine. The install was as root, but root couldn't connect to the X display so I ran it as a text-based installer...whereupon I noticed that it complained that it couldn't run the installer on the second CD. Well, fuck. Another problem I had was with the path: for some reason it wasn't set up correctly, and when I started I got errors about colordef: undefined function. When I tried to follow the suggestion and run restoredefaultpath;pathdef I got an undefined function error for that, too. Matlab support provided the solution for that: remove the old toolbox/local/pathdef.m, run genpath.sh (a script downloaded from their website), and run Matlab again. It seemed to take a few restarts of Matlab before the new path took, but now that it has everything seems to be working again. Again, thanks to Matlab support for helping me out...prompt, patient and helpful.

Tags:

The_size_of_watermelons

title: The Size of Watermelons date: 2005-04-01 20:45:59

The two Adaptec 39160 SCSI cards came in at last, so I had a chance to play around with the Promise VTrak 15100 last night...though only for a couple hours, and without much luck. I could create a test array on the VTrak (I've got four drives in there now for playing with), but I was unable to get the FreeBSD box to see it. I played around with camcontrol devlist and camcontrol rescan for a while, but no joy.

For fun I tried booting Knoppix 3.6 and had the same result: the box found the SCSI card, but not the array the Promise firmware said was there. Possibly important datapoint: the Adaptec BIOS found the Promise at Channel B, ID 1, but said it was not a hard drive. Hm. I'm putting this down to ignorance and inexperience right now; this is the first time I've played with external drive arrays, SCSI hard drives, and FreeBSD/Linux. I may need to resort to reading the instructions from Promise (though they're pretty thin...).

I got a look at the network wiring plans for labs for our new place (have I mentioned that work is moving in June?). Sweet: three labs, 70-odd drops, managed switch in each and 2 x Cat6 from each to the server room. The offices won't be nearly so wired, which is a shame, but at least there's this.

I also had a chance to look into Asterisk. Right now we're desperately short on voxmail (less than half the staff has it) and have just run out of places to hook up more handsets. The phone equipment we have belongs to the other company on the floor (they used to have the whole floor, but kind of imploded); this means that we're reluctant to put many into upgrading something we don't own, but the move is an excellent chance to start fresh.

Unfortunately, I don't think Asterisk going to work out for us. Asterisk looks great -- from what I understand, and that's maybe half of what I read -- but we've bought a crapload of Meridian/Norstar handsets, and it looks like they speak their own special, non-Asterisk compatible protocol. ('Course, all this is just from half an hour's reading...) The simplest thing to do is plunk down for a Meridian/Norstar compatible...thing to do voicemail and such. PBX, I guess. There are ways around this. Some people put Asterisk between their Norstar PBX and the Central Office, and do some magic to make that work. Trouble is, we don't have a PBX right now -- just the handsets.

Another option is to sell the handsets (at least one company has offered to buy whatever we want to sell) and buy VOIP phones, or just buy a bunch of adapters that turn our current phones into regular analog phones. This would require hiring some kind of consultant or contractor, though; I don't know nearly enough about this to try doing this on my own. It would be one thing to try it at home (hm...no, after the PVR), but I just don't have the chops to try it at work. Anyone know an Asterisk/VOIP guy in Vancouver? -- Actually, I think I know one guy who might do this sort of thing; I should give him a call.

Managed to clear a bunch of stuff off my todo list today -- ordered $500 worth of patch cables, PO for more software licenses (ugh), RMA for some wrong stuff I ordered, yadda blah -- but that's the easy stuff; I've still got network upgrades, the VTrak, we're running out of Unix machines (o the irony, as we gradually shift to a Windows shop), two big software upgrades to install, and maybe ten new people being hired over the next month or two. I've reminded my boss that I still need help. If anyone out there is strong on Windows but still can do Unix, and you're in/near Vancouver, BC, let me know; I need a fellow sysadmin who can take a problem from either side of the fence.

Tags:

Howto:_move_a_bunch_of_files_with_spaces_while_translating_to_lowercase_

title: HOWTO: Move a bunch of files with spaces while translating to lowercase date: 2005-03-30 20:55:48

Here as a reminder to myself, and in case it'll save anyone else some time. Ugly, but it did work:

find /cdrom/ -name *.mp3 | \
        sed -e'h;  # Copy file name to holding space
               s/ /\\ /g;  # Escape the spaces
               x;  # Exchange the holding space with the working space
               y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/;  # stupid sed lower-case trick
               s/ /_/g; # space to underscore
               s/_\([-\.]\)_/\1/; # change _-_ or _._ to - or .
               s/_\./\./; # almost the same
               s#^/cdrom/##;
               s/\(.*\)-\(.*\)\.mp3/\2-\1.mp3/; # song-artist.mp3 -> artist-song.mp3, the way God intended
               H; # append to holding space...
               g;  # then grab the holding space back into the working space
               s/\n/ /; # H appends with a newline, so take it out
               s/^/cp /;' > /tmp/foo ; sh /tmp/foo  # Sheer ugliness

This copied a bunch of files on a CDROM named things like A BIG LONG FILE NAME - BAND NAME .mp3toband_name-a_big_long_file_name.mp3. Ordinarily I'd do this sort of thing in perl, but I got started in sed and was too obstinate to stop. In other news, I've got some weekend work coming up. There's a bunch of upgrades I haven't had a chance to get to lately -- going away for a week doesn't help, admittedly -- and it's time to get cracking. This Saturday it'll be replacing three dumb, crash-prone 24-port Linksys switches with three 50-port (48 10/100, 2 10/100/1000) Procurve switches. This'll give us VLANs, more MRTG graphs, and 50-odd badly-needed ports...not that we have the drops for it. Next up is some rack rationalization. I've got three racks, two of which belong to us and one of which is good (it's from APC, who have rocked so far). Unfortunately, the good one is going to have to be 'way far away from the Procurves...simply don't have the room or the electrical 'nads to hook it up. (In case it's not clear, I'm dealing with some serious growing pains with our network.) Some servers'll be moved around, and I rather suspect that'll be next Saturday -- the Saturday after MS releases their next security update. Dodged a bullet in March, but what are the odds it'll happen 2x in a row? That's what I thought. Hopefully sooner than that is some work on the Promise VTrak 15100; the order for the SCSI cards got dropped on the floor, so they're not coming in 'til tomorrow or Friday. I'll be able to get a better idea of how much I like it at that point, but I'm not impressed with Promise The Company(tm) so far. Here's why:

1. The web page for the 15100 originally said it was manageable by SSH. BZZT -- telnet and HTTPS only. They've corrected it since I brought it to their attention.
2. Still waiting to get the SNMP OIDs. It's no good running snmpwalk if you don't know what you're looking at.
3. They run Linux on the thing and use the busybox utility, but they're not distributing source. I've talked to a manager and need to call him back, so this is very prelinary, but: so far I've been told that the changes they've made to the kernel (they keep ignoring busybox) are proprietary and so I can't have the source. To be fair, the mgr. I've been talking to has promised to follow up on this, so we'll see how it goes.

None of this leaves me with a good feeling so far.

Tags:

NWR04B: Documentation, Take 2

I've started to post information on the Network Everywhere NWR04B recovered from the wiki here. Pretty rough at the moment, but I'm working on it. If you've contributed something to the wiki and would like your name in credits in the revived pages, please let me know.

Tags: nwr04b

NWR04B: Still trying to get Linux booting

I'm finally working again on the NWR04B. Right now my focus is trying to get a kernel booting, but I'll be satisfied with any kind of response from the damn thing. Right now, this is as far as I get: Verifying product code......PASS
Boot Product Code!!! And there it sits until I power cycle the thing. Crap. I've got a pretty steep learning curve here. First off, I haven't worked with the ARM architecture before. Second, I haven't ported Linux (or anything) to another architecture before. (I'm not really porting stuff here -- the hard work was already done by the HRI and Codeman. But the experience would definitely help.) Third, I know very little about assembly; I've got a copy of a really good ARM assembly guide, but I'm just not used to thinking at such a low level. Fourth, I still have not disassembled the bootloader that comes with the existing, vendor-supplied firmware, so I really don't know what state everything's in when the kernel comes up. Fifth, I don't have a JTAG adapter on this thing. As a result, things are going slowly. I started by assuming this sequence of events:

1. The bootloader sets up the serial port, and decompresses application.bin.
2. Application.bin is copied to RAM.
3. The memory map is flipped. (This is in the datasheet. Before, flash memory starts at 0x00000000 and RAM starts at 0x20000000; afterward, it's the other way around.)
4. The CPU jumps to 0x0, and execution continues from there; this is the Linux kernel initialization and decompression routine.

By disassembling the compressed Linux kernel, I can see that it should work -- ie, there's no need to (say) jump to some random address within the kernel to start working. (It's good to confirm these things...) But the lack of any response at boot time, even with verbose kernel debugging messages turned on, is disheartening. I had a look at the uClinux file arch/armnommu/boot/compressed/head.S, and realized that it might be missing some definitions for putc; this is architecture-dependent, and everything's wrapped in if 0. I tried putting in this:

#elif 1 /* my attempt at cx84200 serial debugging -- assuming that the address for mov is uart0*/
                .macro  loadsp, rb
                mov     \rb, #0x90000000
                .endm
                .macro  writeb, rb
                strb    \rb, [r3, #0]
                .endm

According to the datasheet, the byte at 0x90000000 is where "UARTDR, data read or written from the interface" goes. I'm assuming that means you put a byte there, then magic happens, then that byte is written to the UART. Still no response. I tried taking out the #if/#endif statements around debugging statements, to make it all as verbose as possible -- still nothing. However, with the judicious use of dd I've been able to cobble together a silly little "Hello, world!" in ARM assembly, and I'm able to get that to boot (well, print). This confirmed I had the basic sequence of events correct. What's more, I was able to insert this little bit into various places at the beginning of the kernel, and confirm how far along things were going. The answer is: not very. I've been following along in head.S, and I can see where the debugging information should be printed -- but it just doesn't. What's strange is that by mistake, I inserted helloworld at a non-four-byte boundary -- at byte 70, not 72 -- and then I got a response from a routine in head.S that prints out the first 256 bytes of the uncompressed kernel...and then nothing after that. So close!

Tags: nwr04b

Finally..._

title: Finally... date: 2005-03-25 16:08:40

...getting closer to getting my wiki pages back, through a nasty combination of awk, sed and perl. I'll put up the script once I'm happy with it, in case it's useful to anyone in the future. After that, the next thing is to try again with the kernel for the NWR04B; it's been sitting on the back burner for a while now. Though it's hard to tell if it's working or not...I might have to try to get a JTAG adapter working first. Another thing to do is upgrade my wife's computer, maybe. Right now she's running RH9, and of course there's no more RH releases. I could try moving to Fedora Core, but bleah...I never really learned to like RH anyway. I'm downloading Ubuntu right now: install and live ISOs of the Hoary preview, for Debian goodness with a Gnome desktop. We'll see how it goes.

Tags:

Heads_up..._

title: Heads up... date: 2005-03-11 20:56:34

I'll be away for a week, so no updates on the router. I'll be turning off comments on the blog to keep asshole spammers at bay...sorry about that. For the record, here's where things stand: I've tried booting my own linux kernel but have failed; spammers got the wiki, which is where all the info was about serial ports and such; I've recovered the wiki markup from backups, and the next step is to make it HTML again.

Tags:

HOWTO: Recover from old MySQL data files

Reminder for myself.

So you've got some backed-up MySQL table files (if that's the right term), rather than a proper dump. Untar them somewhere, and note the path to the data files -- say, /home/foo/mysql_recovery/data. Copy /etc/my.cnf to your home directory. Edit it and change the port to something different -- say, 3307. Run:

/usr/local/mysql/bin/mysqld --defaults-file=/home/foo/my.cnf --datadir=/home/foo/mysql_recover/data

Then run:

mysqldump -P 3307 --opt -u foo -p database > recovery.sql

Of course, all this could be prevented if you were running mysqldump nightly instead of just copying the data directories...

Tags: mysql

Pissed off

I am fucking pissed off. Over the last few weeks, I've been noticing attempts to spam the wiki on my website. The spammers would create a new page similar to one already existing, and fill it full of links to Russian linkfarms (right term? who cares?). It was annoying, and I figured it would only get worse, but I didn't get too worried. I deleted the pages, blocked the IP address (it was all coming from one open proxy), and watched the changes page for further action. Last night I checked the changes page again. It was late (well, sort of; it had been a long day) and I was making one last check before going to bed. Just to make sure that everything was okay, you know? Every single fucking goddamned page had been vandalized. Every single page that I had put up had been replaced with spam, and there were a dozen new pages with even more spam. Over the course of maybe four hours, all my work had been removed. My only consolation is that Google had not visited the wiki since the changes had been made. There were maybe a hundred pages to revert. And PHPWiki, the software I was using, sucks ass through straws when it comes to reverting changes. Check this out, ladies and germs:

• There is no easy, documented way to revert to a specific revision of a page using the web interface. The version I was using (1.3.4) forces you to go edit an old version, then save that version. The new version I tried upgrading to (1.3.10) allegedly has "action=revert", but I was unable to get this to work: it appeared to do nothing different from "action=edit". To be fair, this may be because the spammer seemed to edit most pages multiple times, perhaps to get around action=revert. But why couldn't I find any documentation on this? All I could find was this page and the words "See action=revert".

• There is no easy way to revert to a specific revision of a page using the database directly. Check it out: The database appears to store metadata in a column dedicated to compressed, cached markup. That's right: instead of breaking out metadata like revision, author IP and so on into a separate table, it's stored in the middle of a big gzipped, serialized PHP object. This means I can't do something like "delete from version where versiondata like '%10.0.0.1%'"; going to the page I've done this on hits an assert in the code that appears to check that the revision listed in the cache column is available in the pagedata table. Whee! Let's get all our programming ideas from MS Office!

As a result, I'm pulling a backup of the database from Friday in order to get the old pages back. I'm going to dump the pages to HTML, figure out how to script whatever changes I want to make, then leave PHPWiki forever the fuck behind me. Shame, really, 'cos I do like the ease of use of Wikis. But I do not have time for this fucking nonsense. Shame on me for not remembering these words:

Someone challenged me, Well, how am I supposed to continue hosting these low-barrier discussions? I'm sorry, but I don't know. To quote Bruce Schneier, "I feel rather like the physicist who just explained relativity to a group of would-be interstellar travelers, only to be asked, 'How do you expect us to get to the stars, then?' I'm sorry, but I don't know that, either."

Those of you looking for info on the NWR04B, please continue to leave comments on my blog. I'll get the documentation from the wiki back as soon as I can.

Tags: spam rant

Someday

title: Someday date: 2005-03-05 11:59:11

I want one of these.

Tags:

Idea_

title: Idea date: 2005-03-05 11:57:07

I'm listening to CCC: Revolved right now. It's not bad; She Said Traffic and Close To No One are quite good. But you just know they're a lawsuit away from being yanked from the net. Why not just publish the source code for these mash-ups? Assume the person making it finishes mixing Iron Maiden's Run To The Hills with Modest Mouse's It's All Right On Ice, Alright. Instead of writing an Ogg, their editor publishes a Makefile: take the first eleven seconds of this song and loop it while playing the last eighty seconds of that song through an echo plugin, then play the bit from Dirty Harry where he says "well, do ya, punk?" You download the Makefile and compile your own Ogg using your own sound files. I'm sure the record companies would find a way to complain (ie, sue), but this would partly be the point: are you allowed to do things with your own media or not?

Tags:

NWR04B: Checksum solved!

I finally figured out the last bit (well, at least the last bit that varied significantly) in the checksum for the NWR04B firmware. I've updated the wiki and the checksum program. The program not only lets me duplicate the firmware I've already got (ie, it puts the bits back together so that they match the original), but lets me crash the router in new and interesting ways.

Just for fun, I tried making an image from the original hack's root filesystem. I was able to get the router to apply the upgrade, but (surprise!) nothing happened when it rebooted -- it verified the checksum then did nothing, and I had to upload an old firmware image by Ymodem over the serial cable. But hey! Progress!

Tags: nwr04b

Easily amused

Welp, the Promise array is here at last. I don't have any disks yet -- they're coming in next week -- but I've had a chance to play around with the firmware. First off, it's running Linux, just like JWSmythe said. The firmware that came with the box said "Now uncompressing Linux..." at boot time; it may be indicative of something that the newer firmware says "Now uncompressing kernel..." Promise doesn't mention anywhere on their website that the 15100 uses Linux, which surprises me a little. They also don't offer the source code anywhere. I've sent 'em an email asking about that; their autoresponder said I should hear about that today.

Second, I've yet to figure out how to enable SSH on the thing, and I'm increasingly lacking confidence that it even offers this, even after the firmware upgrade. Naturally, this is in strict contrast to what's listed on the website. I've sent them an email about this.

Third, I've yet to figure out how to monitor the thing by SNMP. I can run snmpwalk, sure, and I get info back, but but I don't see anything like network traffic or disk stats or anything. (Compare and contrast with the PDU from APC, which included the SNMP schema [if that's the right word] on the CD.) Then again, this may be because I haven't got any disks in there. We'll see.

Fourth, it looks like there was corruption of the firmware. Got it in yesterday, booted fine, upgraded firmware by TFTP, all good, turned it off before going home (and not for the first time that day, either). This morning I booted it, and things were just wrong: the network address was obviously bogus and couldn't be changed, various menu entries were showing garbage instead of "Promise VTrak 15100" or whatever, and so on. I called tech support, who told me the secret:

1. Reboot.
2. When booting, hold down ctrl-F to get to the BPD prompt (which is some sort of bootloader prompt).
3. Type "diag".
4. Select "Clear or Test FRAM".
5. Let it do its thing.
6. Quit the diag tool.
7. Type "reset" to reboot.

Note: if you fry your array by following this advice, you're on your own. But it worked for me. Of course, this doesn't explain why it happened in the first place. I'm going to be watching it carefully.

Funny moment: While waiting for me to figure out how to reboot the array [which took a few minutes because of the menu corruption I called to complain about], the techie I was talking to was having a conversation with someone else. "Are you reading? [pause] Okay, are you working on projects? [pause] It's okay if you're using the web to work on projects. [pause] But if you're just surfing the web looking for a job, that's not working on projects."

Second funny moment: The warranty registration page on the Promise website asks for suggestions and comments to "help us imporve in the future." Third funny moment: When registering the extended support, the page that asked for the value of the product purchased barfed with "Internal Error" when I put a dollar sign in the amount. (Okay, so I'm just easily amused.)

Finally, it's just plain odd to be asked for your bona fides by your power bar:

1. Access: Enabled
2. Protocol Mode: SSH Version 2 only
3. Telnet Port: 23
4. SSH Port: 22
5. Advanced SSH Configuration
6. Accept Changes : Pending?- Help, esc- Cancel Changes, enter- Refresh, ctrl -L- Event Log > 6 LICENSE AGREEMENT By enabling this security feature, you are agreeing to the following statements: A. This Product includes cryptographic software subject to export controls under the U.S. Export Administration Regulations. You agree to cooperate with American Power Conversion Corporation as reasonably necessary to ensure compliance with the laws and regulations of the United States and all other relevant countries, relating to exports and re-exports ("Export Laws"). You shall not import, export, re- export or transfer, directly or indirectly, including via remote access, any part of the Products into or to any country (or its nationals or permanent residents) or to any end user or end use for which prior written governmental authorization is required under applicable Export Laws, without first obtaining such authorization. By ACCEPTING THESE TERMS, you are representing and warranting that neither your use nor your receipt of any part of the Products requires prior written authorization under any Export Laws. You are responsible for complying with any local laws in your jurisdiction which may impact your right to access or use this product. B. By ACCEPTING THESE TERMS, you are representing and warranting that (1) you are not located in or a national of any U.S.-sanctioned or terrorist-supporting countries, (2) identified on the U.S. Treasury Department's List of Specially Designated Nationals, the U.S. Commerce Department's Entity List, or the U.S. Commerce Department's Denied Parties List; or (3) engaged in any proliferation-based or terrorist- supporting activities. Do you accept the terms of this license agreement? Enter 'YES' to continue or ENTER to cancel :

Tags: linux hardware gpl

Shelf_life

title: Shelf Life date: 2005-02-25 06:53:59

From a catalog page I found while searching for rack shelves:

Shelf life. That period of time your product remains viable. Sometimes the right shelf can expand shelf life. Especially if it's center-weighted so it won't tip over and destroy your heavier equipment such as monitors and servers.

Ah, Belkin. How I long to lick your creamy centre.

Tags:

It burns, Krusty, it burns!

1. Why the fuck does a goddamned accounting program addon require the user's fucking group to have full fucking control of HKLM? Huh?
2. Synergration. Syner-fucking-gration.

Tags: rant

NWR04B: Checksum closer for new firmware

Ha! In the Runtop firmware, there's the strings "Repotec" and "ip2014". Sure enough, a Google on the latter turns up lots of references to the IP2014 router from Repotec. This version of their firmware has the same structure as the Network Everywhere and Runtop firmware: bootloader + application.bin.gz. However, the firmware is much more similar to the RT bootloader (the one I haven't figured out the checksum for yet). The length is the same, but different md5sum. A quick diff of the hexdump outputs turns up this:

diff ../original_runtop/bl.hd bl.hd
1,4c1,4
< 00000000  06 00 00 ea 02 00 00 00  03 00 00 00 03 13 00 02  |................|
< 00000010  02 00 00 00 5f 6c 0a 00  cd 33 6e 05 67 02 00 00  |...._l...3n.g...|
< 00000020  13 00 00 ea 02 00 00 00  03 00 00 00 03 13 00 02  |................|
< 00000030  02 00 00 00 3f 6c 0a 00  4b 30 6e 05 c2 01 00 00  |....?l..K0n.....|
---
>  00000000  06 00 00 ea 02 00 00 00  0a 00 00 00 02 12 00 1b  |................|
>  00000010  02 00 00 00 6c 6b 09 00  26 27 e7 04 55 02 00 00  |....lk..&'..U...|
>  00000020  13 00 00 ea 02 00 00 00  0a 00 00 00 02 12 00 1b  |................|
>  00000030  02 00 00 00 4c 6b 09 00  05 24 e7 04 11 02 00 00  |....Lk...$......|

...which means this is where the checksum must be!

Tags: nwr04b

Toys,_freedom,_technocracy

title: Toys, Freedom, Technocracy date: 2005-02-19 11:13:27

I haven't posted in a while about work, so I thought I'd put in some updates here. Plus, I've come down with a cold, so I'm too sick to think hard about checksums for router firmware right now. :-)

I've been on the receiving end for some fun toys of late. First off, I've taken delivery of three HP Procurve 2650 managed switches; these are going to replace our dumb (and problematic, though a lot less so since I've been making it a policy to get rid of cheap-ass switches bought from London Drugs) Dlink switches. Not a moment too soon, either; we have 96 ports right now, and I think there are about four free. I think I'm going to have to get some shelves to install them in our current rack; it's one of those telecom ones, so they'd be hanging out behind, and I suspect they'd tip it right over. It'll be nice to be able to do VLANs, track traffic, and so on. My MRTG page is already getting big; this'll push it up to 11.

Next, I've received two Adaptec SCSI cards and some rack rails. Doesn't sound like much fun until you combine it with the Promise RAID array and the new four-post rack that's coming next week (allegedly). This'll take care of our disk space problems for a year or two; right now, I've got the home directories of our Windows users spread over four disks in two servers, and I'm running out of room on all of them. There's some stuff that could be cleaned up, but for the most part it's needed; we've got some wicked big log files for regression tests that, for example, have taken up the lion's share of a 200GB disk. The Promise array holds, what, 15 disks? At the very least I should be able to get a couple terabyte, which should be good for a while. (I did some calculations a while back; for as long as I've been at this company (2 years in April), our storage requirements have doubled about every 6-8 months, and there's no sign that it's slowing down.)

After that, we've got an evaluation copy of VMware 5. Just like the last time I checked out VMware, I'm using it to try out some Windows changes. Right now I'm trying out Daisy, a GPL'd automatic patch applier thingy for W2K. (XP support past SP2 will come with version 3; we're nearly all W2K, so it's not a big deal right now.) For the most part, I'm happy. There's a couple little things that are funky (W.Update sez no patches needed, Daisy sez 4 are needed) but it's a fuck of a lot better than going in every month and running W.Update manually (yeah, I know). So far I've been spending my time downloading all the fucking patches (<rant> Why the fuck doesn't MS have some sort of pattern for patch URLS? WTF is with these random strings of letters between "download.microsoft.com" and "W2K-patch-ENU.exe"? And why the fuck did they wait so long to standardize switches for non-interactive, non-forced rebooting application? </rant>); the next step is seeing how well Daisy works w/o interaction. (Probably just fine, from what I've seen.) Man, it'll be nice to drop patches on the FTP server, then tell everyone their computer will reboot at midnight...

As for VMware itself, it's a huge help. It's absolutely amazing to be able to revert to a snapshot; I don't even want to think about how long it'd take to duplicate that with a real machine, even if I had a fully automated install (which is my next goal after automated patch management). Aside from the little oops (and hey, it's beta), I've got no complaints at all about VMware as a program. I'm not really stress-testing it, though, so I don't know how well it'd do for some of the bigger programs we need to run at work. Of course, I don't really have any way of finding out, either; the EULA sez "You may not disclose the results of any benchmark test of the Software to any third party without VMware's prior written approval." Ah, proprietary software...

...which segues nicely into another toy I got this week: my membership package from the Free Software Foundation. I got my LNX-BBC-based bootable membership card (#2961!), plus another CD with the source code...of course. Browsed through it just to look at the code, since it seemed like I really should (and also because I wanted to see if I could understand the source code for cksum...at 10 o'clock at night while waiting for cold medicine to kick in. Uh-huh).

I also got my copy of Larence Lessig's Free Culture, a welcome letter that spent its first paragraph talking about the tax implications of that free book and looked like it was typeset with Tex (interesting -- it reminded me so much of everything I saw that came out of the University of Waterloo's math department...tests, newsletters, for-sale posters, everything), and the last two newsletters, including one with a picture of a very unimpressed-looking Bradley Kuhn (who has a poker journal. Who knew?) posing for the camera with SCO's subpoena.

I admit to being a bit unsettled reading one of RMS' essay/editorials for the newsletter, in which he said we were all working toward a future where all software would be Free. The religious overtones were hard to avoid, not to mention the similarities to exhortations from the left about when the workers would overthrow the shackles of capitalism. I'm NOT saying "RMS is a commie" or anything like that; it's the...I don't know, the feel of a small group of people desperately trying to make changes they believe in that's familiar. I used to get the same feeling when I came across the Technocracy newsletters at the library. (Bring back the Technocracy fliers, whoever you are...they're sorely missed.)

But then I remember EULAs like VMware's, or like the one for a program we use at work that said something like "Despite whatever rights you have under law, you give them all up by using this software" and "You're not allowed to tell anyone the terms of this EULA" (fuzzy on that last one, so don't quote me -- but I'm pretty sure it was something like that). And I realize just how much Freedom I take for granted, how much of it is due to the FSF and many others, and how that freedom is important enough to be capitalized.

Anyhow...qemu booted the membership card very nicely. It seemed astonishingly quick to start, until I realized that it wasn't simulating the usual BIOS check -- I hadn't thought before about how long that can add to boot times. Memory check, disk detection (IDE), disk detection (SCSI), bootloader...it adds up. One of these days I'd love to get some real server hardware to play with; I've heard very good stuff about Sun machines, and it'd be interesting to play with some non-x86 hardware (besides the router, I mean). I really should go see Cal and get a SparcStation...of course, they are a lot cheaper on eBay.

I also got a desktop machine of my own at work. Ever since I started, I've been using a machine that's been used as many different servers: spam filtering, backup NIS, backup, FreeBSD source code repository... I'd put in a request for a machine of my own, but (since I'm the one who had to buy it) nothing much got done.

A couple of weeks ago, I got a request for a developer sandbox, so I ordered it in, got it set up, then was told that it was no longer needed. Well, sweet! It's a Shuttle, P4, 1GB of memory and a 200GB hard drive. This means a) I can run stuff like VMWare on Debian and b) I no longer have to start full backups on the weekend to make sure my desktop is actually usable on Monday: I can just start full backups on Monday morning, and continue hitting refresh on Slashdot. Oh yeah!

Finally, my wife got a toy too: a new LCD monitor. She had been using this 15" CRT I picked up at a swap meet for $50, but it had started to make ominous brrrZZAAP! electrical noises. Picked up a Benq (you know it's a Benq because when you turn it on, it says "Benq!" for a second or two before you get your desktop) 17" FP 731 on sale after reading the reviews (cheap but decent seemed to be the consensus). No complaints so far, and man I can't belive how big it looks.

Damn tempted to get one for myself...but I think I might order one of these instead while I still can. The situation in Canada doesn't seem quite so dire as down there, but then again where the hell am I going to pick up a Canadian made HDTV encoder card?

...Good god, 1500 words. Post this puppy.

Tags:

New_theme,_upgrade

title: New theme, upgrade date: 2005-02-18 07:30:03

I've upgraded Wordpress to the newly-released 1.5, and the Obsidian theme. 1.5 seems nice; there's a lot of new features, including some neat-sounding spam-fu, so I'm curious to see how it'll work. The upgrade was stupid easy. As for the theme, Obsidian is nice, but there are still some things I'm messing around with. I hate playing with CSS, though -- such a time-sink! -- so if I can't make it work easily I'll just go back to the default theme.

Tags: