freemode.net

Never too late for Slashdot    [ Rants ]

You know it's waaaay too late into your unscheduled maintenance window (approximately 3 hours, 8 minutes) when you move three cubicles down from the speakerphone that's dialed into the conference bridge in order to giggle at a Slashdot poll.   Zarking piece of smeg network architecture.

Anyway, back to pinging between Cisco boxen to see where the static routes / interfaces are b0rk3d for no obvious reason.

Solaris + Samba + WinXP    [ Software ]

Got a chance to set up Samba on my SunBlade 100 at work running Solaris 8, since I'm doing perl scripting and need a more convenient way to move files back and forth than pulling up a command prompt and using PuTTY to SCP files over my miniswitch.   All I need is an SMB/CIFS share, I don't need to join it to a domain or act as a PDC and service logon requests from Microsoft clients spanning two decades, or pull up winbindd for appliance-style authentication (thank gawd).

It's fairly straightforward.   But even though I've been doing this dance in one form or another for the past five years, I completely forgot about setting up the smbpasswd file until I started googling for an all-too-familiar "The account is not authorized to log in from this station" error.

Remove multi-language Solaris packages    [ Software ]

A few quick steps to remove Solaris packages that I'll never use:

# for language in "Japanese Chinese Taiwanese Korean Thai French Russian Italian Spanish Swedish"; do
> pkginfo | grep $language >> /tmp/pkglist
> done
# awk '{ print $2 }' /tmp/pkglist > /tmp/pkgnames
# for entry in `cat /tmp/pkgnames`; do
> /usr/local/bin/yes | pkgrm $entry
> done


And the contents of /usr/local/bin/yes:

#!/bin/sh
# Script to emulate 'yes'
while [ 1 ]; do
echo "y"
done
# eof


The overhyped threat    [ Geekiness ]

The best bit I've seen on the much-overhyped threat from "hackers" last weekend (supposed mass-defacement of websites for 500MB of free hosted space) is Politech's post on the topic.   3le3t gR337z t0 n1pC! :)

Apache + mod_ssl cert    [ Software ]

Finally got around to configuring Apache + mod_ssl at home, and found a real quick way to generate a (passwordless, to avoid stalling the server for console input on a reboot - found that out the hard way after a power failure) self-signed cert:

1. Generate a key.

# openssl genrsa 1024 > servername.key

for a passwordless key, or:

# openssl genrsa -des3 1024 > servername.key

for a password-protected key that you'll need to type in on the console on bootup or whenever Apache restarts. You can insert:

SSLPassPhraseDialog exec:/path/to/your/password/program

in your httpd.conf for Apache, but it may be simpler to have an unpassworded key than to call a program to feed a password to Apache.

2. Create a CSR file for the request.

# openssl req -new -key servername.key -out servername.csr

[ punch in your ISO 2-letter country code, region/state, org, ou, server's FQDN for the "Common Name" portion, email add'y, plus other optional fields ]

3. Grant the request and generate a CRT file.

# openssl req -x509 -days 730 -key servername.key -in servername.csr -out servername.crt

[ use whatever arbitrary number you want for the -days, but 2 years works well ]

Point the appropriate parts of your httpd.conf to use the servername.key and servername.crt, and hey presto, you've got a self-signed certificate for SSL operations.   Check out one of the many excellent Apache + mod_ssl tutorials that exist for more details on configuration.

OGRE    [ Software ]

Started playing around with OGRE, an LGPL'd cross-platform graphics rendering engine.   Check out the demos available for download, they're pretty spiffy.   It'll work with OpenGL on Linux + Mac OS X and DirectX / OpenGL on Windows platforms.

I'm still getting all the Debian -testing packages installed for it, which involves doing a lot of:

# apt-cache search 'DevIL' | more
[ ... scroll through results ... ]
# apt-get install libdevil-dev

and so forth.   Packages that I've had to install so far (based on a compiler-plus-kernel-dev-tools setup) are:

libdevil-dev
libfreetype6-dev
libsdl1.2-dev
pkg-config
autoconf
automake
libtool
libjpeg62-dev
libmng-dev
mesag-dev
libpng3-dev
libtiff3g-dev

Upgrade time    [ Site Info ]

Time to go through and upgrade bits, so the site's now running MovableType 2.64 and Gallery 1.3.4   Gallery forced an upgrade of each of the individual photo galleries, and now the comment text is showing up in the per-gallery views of the images, which means that there's much more space eaten up by the 20-character-wide comments that go on for 8 or 13 lines.   Yuck, I'll have to figure out how to tweak that.   Overall, the process is fairly painless; both pieces of software do a good job of walking you through the upgrade procedure.

Solar sails illegal?    [ News ]

Solar sails may violate Carnot's rule, and may not actually work - at least according to this paper:   http://www.arxiv.org/html/physics/0306050

Linus interview    [ Software ]

Linus Torvalds does an interview with the San Jose Mercury News where he talks about Transmeta, SCO and OSDL here: http://www.bayarea.com/mld/mercurynews/6238207.htm

My favorite Linus quote from the article: "I enjoyed that IBM started porting Linux to the S390, found that hugely amusing. I thought, OK, somebody has done a few too many drugs."

These people scare me.    [ Politics ]

http://www.probush.com/traitor.htm.   Not the people on the list, but whoever runs that site.   Ye gods.   "We hate Bush haters!"   Ain't the 'net great?