Posts about sysadmin (old posts, page 3)

2007-11-28 15:51

If you are a qmail user: read this

  • If you don't know what qmail-spp is, please check it out. It makes qmail much much better.
  • If you know qmail-spp, then maybe my plugin collection will be handy for you.
  • My most useful plugin is probably ipthrottle, which you can use to make overeager IPs connect less often.
  • The version currently in SVN will autoblock those IPs for a configurable amount of time if you are using ipsvd which is like tcpserver, only much better.
  • I really need someone to help me test the SVN version, which should be way, way better than the releases on the page.
  • The SVN repo is at googlecode

2007-11-28 14:01

Rethinking Linux Configuration: Part I

I have said Linux sucks. Here's my new project: Make it suck less, one bit at a time.

And I start with one of the big chunks: configuration.

Part I in a longish series (I expect 5 parts at least).

2007-11-23 20:03

Don't let them tell you the CLI is bad

I mean, can you do this on a GUI?

grep 23/Nov/2007 /var/log/httpd/lateral-access_log |\
grep html | cut -d" " -f1 | sort |uniq |\
while read IP; do host $IP; done

2007-11-23 17:32

Wanted: C programmer

Checking on my semi-dead projects, I found that one was almost finished but I had forgotten about it: rater

In order to make it really useful, however, I need a C programmer that can turn this python program:

#!/usr/bin/env python
# -*- coding: utf-8 -*-

import sys
from socket import *
serverHost = 'localhost'
serverPort = 1999

s = socket(AF_INET, SOCK_STREAM)
s.connect((serverHost, serverPort))
print "Sending: ",' '.join(sys.argv[1:])
s.send(' '.join(sys.argv[1:])+"\n")
data = s.recv(1024)
sys.stderr.write(data)
sys.stderr.flush()
sys.exit(int(data.split(' ')[0]))

Into a nice function that never fails and never leaks memory (of course, it should return instead of exit, this is just example code ;-).

If that's done, I can release rater as a useful tool, which should find a home in many qmail installations (and maybe other uses).

2007-11-16 14:54

What I want for christmas (The cool new trend on preloaded Linux)

Dear fictional character that oppreses the workers of
the North Pole:

This christmas, I want an Asus eee PC, an Everex gPC,
and some bare white box with a nice Phoenix PC 3.0 BIOS.

Why am I asking the red menace from the north for these items?

Well, they do have one thing in common: Linux. Another is that they are consumer boxes, not servers.

For many years, one of the huge advantages windows had was that it came preloaded with most PCs. This enabled people to turn a blind eye to windows installation and configuration since it was done by Someone Else (TM).

Since getting Linux has become much easier in the last 10 years [1] this has been very frustrating. Imagine you had something you gave away for free, but people kept using something more expensive because they had to pay for it anyway!

That itches. If Linux was not chosen because it was inferior for the task at hand, that's one thing, but not even being able to be tested because the other product was bundled and paid for? Annoying.

Of course on servers this worked differently. The OS was not the expensive part, and was preloaded less often. Corporations have prearranged licensing terms, and adding things to the mix is simpler.

But for consumers, preloading has been a huge problem [2]

So, if the jolly trespasser brings me what I ordered, I will find the following:

  • Asus eee: A cheap subnotebook with Linux and KDE preloaded.
  • Everex gPC: A cheap Desktop with Linux and Enlightenment(!?) preloaded.
  • Phoenix PC 3.0 BIOS: an embedded hypervisor and Linux OS.

The eee is probably the most appealing. It's ideal for many uses:

  • Salesmen who are now using some ungodly Blackberry app (or worse)
  • System and network admins. Really. I would love to have a cheap notebook I won't hesitate bringing to a roof, a bar, the beach, whatever. It would live in my bag. My current notebook? Besides weighting 8 pounds, it's expensive and large. All I need are webpages email and SSH sessions!
  • Kids and students (it's cheap! You can buy a replacement if he drops coffe on it!)
  • Basic users and old people. Really, an office-like thing and a web browser? And I can use it wherever there's wifi? Neat.

And it is going to get a lot cheaper, and it's going to get a lot better. I expect there will be a 32GB, 10" model by the end of next year for $350, and the current model available for $250 (after all, half the components are cheap as dirt already, only flash is expensive, and that's a fluke)

And so on and so forth. If Asus creates a decent dock [3] and a nice rdiff-backup-based backup solution (it should be at least as nice as Apple's Time Machine), this box turns into my main computer whenever I am at home, and is a useful tool on the road. I really can live with those specs.

The gPC is a bit harder to grasp.

First, it's even cheaper. $200 is cheap. The CPU is slowish, but there are a whole range of tasks that are not CPU bound. I really want one of those as a home server. This is the first time I can see one of these ITX boxes as actually cheap not just small (in fact this one is not small at all).

  • I have a TV capture card, I could make a PVR out of it using LinuxMCE? It does have enough CPU for that (since I am doing it with a slower box already)
  • A file server? More than good enough for that.
  • A houseguest computer?
  • A MPD server?
  • All of the above?

And do all this while being quiet and power-efficient? Neat!

And the Phoenix PC 3.0 BIOS simply would be cool because I can virtualize without jumping through any hoops. This one is still fuzzy for me, but I only found out about it today. I need time for things to grow.

Why do I think these boxes mark a trend? Because they are definitely low-end products. These are meant to be made by thousands and hundreds of thousands, and make small money on each.

The makers are being smart about providing as little functionality as they can and making them simple, niche, consumer products instead of monstruosly powerful Linux monsters (sorry for how ugly that sounds).

Another factor is the huge growth of web apps that work well on non-IE browsers. This is making the OS irrelevant just like Netscape hoped in 1996. If the OS is invisible, Linux won.

So, Santa, for this christmas I ask for all these toys,
and if it has to be only one, please make it the Asus eee.

                                            Roberto Alsina

PS: and if you don't do your part, the raindeer's a goner!
[1] Look, no need to create 30 floppies! You can add a driver without recompiling the kernel! You don't need to know what a Modeline is!
[2] The other one is probably games, but that's a different problem. There are whole markets where gaming is not an issue.
[3] A wireless dock with place for a IDE disk or two, an optical drive, a powered USB hub, a card reader. Hardware costs? Maybe U$S 50 + disks?

2007-11-15 16:23

Bash does thing I never suspected.

Try this and be amazed:

$ cat < /dev/tcp/gsmtp163.google.com/25
220 mx.google.com ESMTP 12si345086nzn

Be honest: did you know bash could do that? I didn't until finding it in the man page

Now try this and be amazed it doesn't work (yes, it's in the docs):

$ cat /dev/tcp/gsmtp163.google.com/25
cat: /dev/tcp/gsmtp163.google.com/25: No such file or directory

And remember, on unix everything is a file, but maybe that file is only there in some very specific circunstances.

UPDATE: There is a chance this will not work in your distro, specifically Debian.

2007-11-05 12:23

Dropping BIND, at least a little

One of my customers has about 15000 email accounts.

I use extensively RBLs to keep the unwanted connections to a minimum, and many other spam detection techniques, many of which involve DNS lookups. Plus all the lookups caused by the email of 15000 users.

It turns out that according to our ISP, we were one of the top ten DNS users in their network, and we were killing their servers.

That got fixed, but it seems lately we were killing our own DNS servers, too.

BIND would stop answering to lookups every once in a while and had to be restarted. Since that was annoying, and the software was up to date, and there seemed to be nothing wrong with the configuration, I did what I could think of, and started looking for an alternative.

PowerDNS's recursor works well, is lighter, it's easier, and works like a charm (but you really should use their multi-forward patch).

So, thumbs up for PowerDNS, and I am still keeping BIND for our authoritative zones, at least for a while, since that part seems to still be working correctly.

2007-09-13 15:00

Geek challenge: Backup this thing!

Here's the scenario:

  • A Linux+Samba server with 40GB of data.
  • A SMB-only small storage server.

Your mission? Backup the thing. You should do full backups, and keep the last three.

In another age, I would have cobbled a 10-line script using tar (and split, see below) and be done with it. But now I want to use backup software.

So, I tried, and I ran into the following limitations:

  1. 2GB filesize limit on the storage server. Have no idea why, assume can't fix it.
  2. Weird unicode characters in filenames. There must be some encoding issue, but when a Windows client saves a file with accented characters, the clients see it all right. On the server, though, they are weird-looking. This is enough to make mc unable to delete some folders, for example.

So far I have tried:

  1. rdiff-backup: breaks with the unicode chars.
  2. flexbackup: breaks with filesize limit
  3. rsync: breaks with the unicode chars
  4. synbax: using rsync backend, see above. Using tar backend, breaks with filesize limit.

Here's what I want:

A simple backup software, where I can tell it "take this, back it there, keep last three backups, do it in files smaller than 2GB, give me a report".

Bonus points if restoring it is doable from windows.

Any suggestions?

Contents © 2000-2019 Roberto Alsina