Archive for October, 2007

Blacklists, Network Performance, New Project, XKCD

October 10th, 2007

Part 2 of today’s thoughts…

Blacklists, Blocking, Reverse-Validation – Yes, they have some uses. I use Daemon Synchronization in DenyHosts and plug-ins like Pyzor in SpamAssassin. However, I’ve also been the victim of blacklists, and the new Internet order, many times. There’s a conspiracy between ISPs – simply put, big ISPs want everyone else to use big ISPs. I understand the logic behind reverse-validation. However, I have a residential internet connection. I also run Linux. When I got Verizon, I configured Postfix to deliver mail directly. Big mistake. Most big email providers (AOL, MSN, probably Gmail too) will bounce back e-mail that comes from a domain that doesn’t reverse-validate. And since Verizon owns my IP, despite the substantial sums of money they’ve been getting from me, my IP doesn’t reverse-validate to my domain name. To top it off, Verizon blocks the usual SMTP ports on residential connections, so I can’t have people send me e-mail either. Everything needs to be relayed through Verizon. To add to the frustration, Verizon blocks port 80 on my connection, so I’m forced to serve my whole site on an unused (and un-blocked) high-numbered port. And use DynDNS.org to redirect to my dynamic IP. This wouldn’t be so much of an issue if I didn’t know that some large companies have firewalls configured to block HTTP requests *OUT* to any non-default port. As a result, my own father can’t view my web site or blog from work. What ever happened to the little guy?

Network Performance – I know I have old computers and an old switch. But there’s something wrong when network file transfers crawl by at ~3 Mbps. I set up nttcp on two of my machines to measure throughput, and was greeted with numbers in the realm of 93-96 Mbps – what I’d expect on a 100 Mbps network. However, a file transfer between these two machines barely scratched 8 Mbps. Maybe GigE is the answer, but I’ll be looking into the theory behind this in the next few days – admittedly, I don’t know much about network performance, but I’m willing to learn…

New Project – I’ve started planning on a new project, openEPCR. My PHP EMS Tools package for EMS and fire agencies seems to be generating a lot of downloads (yet little community interest), and I’m now seriously thinking about the lack of a free, open-source Electronic Patient Care Report package for the pre-hospital care industry. A lot of these organizations are volunteer and operating on limited budgets. Stay tuned… all I’ll say is that what I’ve planned is something that you’d expect from me – open-source, platform-independent, and geared towards limited hardware resources. I’ll probably be looking towards Java as a development platform, though the interest generated in Google Gears may also pay off. Of course, there’s no way I can do such an ambitious project myself, so I’m looking for developers to help out.

Comic – pretty much the only non-serious content in my Google Reader account is XKCD.com. It’s a great comic with wonderful technical and geek humor. Today’s comic was so good that I just had to include it…

Projects

Website, Blog, Bacula

October 10th, 2007

Website – In personal news, I’ve finished migrating all of the information content of JasonAntman.com to a wiki, based on MediaWiki. I’m still getting some kinks ironed out, and working on customization, but it seems to be coming along very well. It’s wonderfully easy to update information and to link between articles. Most of the content is more like notes than articles, but I’m trying to put most of my SysAdmin and programming notes up there, both for my own future reference and that of anyone who happens by the site. As always, though, some content will just live its life as a blog entry, so I encourage searching of my blog as well. This is my fourth instance of MediaWiki, and while I haven’t set them up to play together, they all run wonderfully – and share a lot of common configuration (though I have separate instances of the code). Hopefully I’ll do a bunch of reorganization of the wiki sometime, and keep adding new content. Some of the newer pages include pages on DenyHosts and HPASM (from my blog post).

Blog – I know the template is awful. It’s on my list of things to do, and should be at the top of the queue in approximately 2056.

Bacula – Up to now, my backups have been a total kludge. The mere explanation of this elicits a feeling of nausea. A shell script on my backup storage server executes via cron. Each of the four important servers on my network (mail, web, monitoring, and development) have shell scripts that handle local backups – tar’ing up a list of directories, MySQL dumps, etc. – then tar gzip the whole thing and plop it in a local directory. The backup server executes these scripts and then copies the temporary files to its own disk via SCP. All of this is handled through an expect script, that runs each server consecutively. By morning, I end up with a 6+ hour job that’s finished, and dumped gigs of files on the backup server. Before finishing each machine, it deletes any backups on the backup server that are older than 10 days. After copying everything, it deletes the client’s local copy. The bottom line is that if a machine goes down, I can re-install the OS and all packages, and then have the backups of just /etc and user data. Not beautiful. Even worse, my backup storage server doesn’t have a tape drive. When I get around to it, I run a script on my development/storage box that copies the latest backups from each machine, located on the backup server, to a tempdir and then writes them to tape. To top it all off, I have only one network, so all of these gigs of data are crawling across my ancient 10/100 switch, along with all other connectivity to the outside world.

Unfortunately, it doesn’t look like I’ll have the money to upgrade to Gig-E any time soon, even just for the 5 machines involved. More to the point, there’s no way that I’ll have the money to buy a manageable Gig-E switch that can come anywhere close to my BayStack 450-24T. So, it’s time to invest… well… time… in a good backup infrastructure. After doing a lot of research, I came to two findings:

  1. The two main options seem to be AMANDA and Bacula.
  2. I don’t like how AMANDA works.

So, I’m going to give Bacula a shot. I did consult the SAGE mailing list for advice, and got some recommendations for BackupPC, but Bacula seems to be more my type of thing. Well, I did an install, and spent about 8 hours hacking around with the config files. No luck. Bacula is designed to be highly modular and scalable, but to be honest, I find the config files to be *very* complicated. Furthermore, I wasn’t able to find any good example configurations with documentation. After brainstorming for a while (laying in bed watching Law & Order and reading the Bacula docs on dead trees) I decided to give in – despite my continued efforts to stop using it, I checked Webmin and, surely enough, they have a Bacula module. After starting with fresh config files, I was able to get Bacula up and running on my development/storage server (a fresh install of openSuSE 10.1) as the director. I got a file daemon installed on the web server. Everything looked wonderful.

The current status: My backup storage server does only that – storage of backups. Nothing else. It’s still running SuSE 9.3. The Bacula RPMs for 9.3 are from the 1.x tree, and all of my other machines are running openSuSE 10.x, with Bacula 2.x. I gave it a shot but, sure enough, a Bacula 2.x director won’t jive with a 1.x storage daemon. And I’m in dependency hell – Bacula 2.x requires upgrades of everything from the C libs all the way up. So, I’m going to give a shot at an upgrade of the storage machine via YaST, and see where I get.

Projects

Microsoft, Sun, School News

October 10th, 2007

Well, I’m currently applying to the Information Technology and Informatics (ITI) major at Rutgers. I’m in my third year of college (transferred in from RIT after a trimester there freshman year). This will also be my fourth prospective major – hopefully this one will stick. If you’re interested in the list, it was a trimester (10 weeks) at RIT for Fine Art Photography (probably the most fun I ever had in “school”), followed by the Rutgers list – a semester of general ed requirements while thinking about Biological Sciences/Pre-Med, then a realization and a CS major, a year of that and here I am at ITI. CS was interesting, but it quickly became apparent that the curriculum was far too low-level to hold my interest – my CS 102 (Intro to OOP / Java) and 103 (Data Structures) classes were interesting, but I kept wanting to ask my profs why they wanted to fail me for saying that not every program needs OOP (What? A 20-line shell script is bad because it’s a procedural language?), and couldn’t cope with spending weeks on coding a class to do X when I know that it’s already been done, been GPL’d, and I could study the code in a night and move on to a program that does something. The list of higher-level courses didn’t look much better. ITI, on the other hand, has courses in Linux, e-Commerce, and Information Security, not to mention management-related courses covering legal aspects, HR, and IS management.

More to the point, we were given an assignment for a research project – a paper that’s supposed to convince the management of an organization whether or not to adopt a “new” technology. Having a last name between A-G (I love how professors randomly pick criteria) my assignment is supposed to be directed towards an online university. We were given a list of topics to choose from, including social networking sites such as Second Life, My Space, etc., PIMs, search results visualization (i.e. Grokker), and a few others. While I guess these are new technologies, the topic that I chose (obviously not on the list) was “The use of self-healing technologies in service-oriented organizations”. (Yes, I was hoping that she grades by buzzword count, or at least number of hyphenated words). I still have almost a week to write the paper, but I’m hoping to come up with some interesting stuff, including a whole list of good research references, and lots of talk about LCFG and cfengine. Stay tuned, maybe I’ll end up finding something interesting. The plus to this whole project is that I realized that as a Rutgers student, I have access to the entire ACM and IEEE online archives, among other cool resources.

The Sun Campus Ambassador year is starting to kick into gear. There’s a lot of hype about the new Sun developments such as the unification of the Storage and Systems groups, the Microsoft deal (grimace), the upcoming NetBeans 6.0 IDE release, the J2EE and J2ME programming languages, etc. There’s also a lot of boring administrative details, like remembering to use the names of Sun technologies as adjectives not nouns (something to do with trademarks that makes no sense to me). This weekend will be full of organization and Sun training… and hopefully, plans to take Sun up on the employee discount for Solaris operating system certification (SCSA/SCNA). Also of interest, I was asked to complete a survey on the use of Sun technology on campus. I know that a lot of the programming courses are Java-based, and I’m sure that NetBeans has a strong following. However, I’m very interested in finding out how well Solaris has penetrated the University environment (beyond the fact that every student uses it for Email, Web, Portal, etc. without knowing it).

Now, something I wrote yesterday at work:

After having a Microsoft discussion with someone, I wanted to clear up a
few things related to my views on Microsoft. Mainly, that I don’t have
an issue with Microsoft per se. I have issues with Microsoft’s policies,
and Microsoft happens to be the most publicly visible company with such
policies. Some of these include:

  1. The lack of software openness. Both the ethical implications of
    software that isn’t Free Software, and
    functional issues with software that I can’t modify to do what I want,
    distribute to others, or (if I were a large corporation) have an
    independent company audit the source of for security risks. I want
    control of my software. Microsoft doesn’t allow that. Moreover, I think
    that non-technical end users should have the option of having control
    over their software as well.
  2. Software that is designed to a specific intended user, and can’t be
    modified otherwise. Specifically, I’m a technical person. I want
    software that’s designed to be run on a network and an operating system
    that’s designed to be administered from a graphical terminal in the next
    room, or over a text-based SSH session from hundreds of miles away. If I
    want to use the command line, I want to have that option. Basically, I
    want options. I don’t want someone deciding that I’m too stupid to use
    those options. Other users don’t even need to know that a command-line
    is there, but I want to. And, more importantly, I don’t believe that
    these options (such as *good* remote administration) should require
    expensive server versions.
  3. I want an operating system that recognizes Free Software and doesn’t attempt to
    cripple it.
  4. I’m a programmer. I like standards. Things work because of standards.
    We can send e-mail and view web sites because of standards. I think that
    standards are good. And I like *one* set of standards which are accepted
    as best. All web browsers let you view web pages via HTTP. I think that
    document formats should have one standard. I think that standard should
    include, for anyone to use however they wish, all of the information
    needed to implement it. I don’t want software that goes beyond a
    standard in undocumented ways. Almost all non-Microsoft browsers render
    HTML in pretty much the same way. Web designers that I know have two
    test systems – IE and not IE. They test their web page under Windows in
    IE to find out how it looks on IE. They test it on anything else to see
    how it looks in everything else.
  5. I don’t want a vendor telling me that I have to use their software. I
    don’t want someone to tell me that their browser is *part* of my
    operating system. I want to be able to add and remove whatever software
    I want. And I want to be able to make it work. If need be, I want to be
    able to replace software with my own, or with something that I think is
    better. I want to be able to choose what gets installed on my computer,
    in a fine-grained level of accuracy, if I want.
  6. I want proven security. And more importantly, I want to have control
    over the security. I want to be able to add third-party patches from
    organizations like the NSA to harden my security. And I want them to
    pervade every level of the system, not just userspace. I want to be able
    to add security fixes from anyone I want, and have anyone I want audit
    the code.
  7. I want an operating system that’s time-tested. I like seeing
    copyright notices that go back to the 1980s. The fact that an operating
    system has had multiple major redesigns in the past 10 years does not
    speak well for your code. Furthermore, I don’t want to buy a product
    that comes in five versions, or however many there are of Windows now.
    I’d be happy with Desktop and Server versions. Maybe even a third
    Development version. Anything more than that sends me the message that
    you’re just trying to tax features and keep them out of the hands of users.
  8. I don’t want to be locked in to a vendor. Yes, this is a direct
    reference towards Free/Open Source Software. If your company goes
    bottom-up, or just decides that you don’t care about what I want, I
    should be able to hire an independent programmer to maintain what you
    gave me, or make the changes that I want. More importantly, if you
    decide to stop supporting a product that I like, I want to be able to
    have someone else support it, possibly better than you did.
  9. I don’t want to buy from a company that actively engages in campaigns
    of FUD (fear, uncertainty, doubt). I want to buy from a company that
    respects their customers/users and their choices. I don’t want a vendor
    that engages in scare tactics or buying up competitors and killing them
    off. I want a company that is nice to people. I don’t want a company
    that threatens the customers of their competitors with lawsuits.
  10. I want to buy from a company that understands compatibility and
    strives for it. I don’t want a company that tries to bury all mention of
    competing products. I want a vendor that can honestly admit that in
    certain cases their product X isn’t as good as a competitor’s product Y,
    but in many other cases it’s better. I want a vendor that understands
    that I want to run operating systems W, X, Y, and Z and have them all
    work together, even if this vendor only sells X.
  11. A vendor that I buy from will NOT, EVER, tell me that I need
    a state-of-the-art system to run a desktop computer or a server. There
    is no reason at all why my mail server needs to run a GUI. More
    importantly, in 2007, there is absolutely no reason why my PHP
    development web server should have 1 Gb of RAM just to run the operating
    system. I’m only coding some HTML form-based apps for a personal web
    site – there’s no reason why I need more than 512 Mb to run a simple web
    server. Finally, and this is just a personal thing, but I like a vendor
    that understands students. I’m in college. I want an operating system
    that will install, if not out-of-the-box then with some simple
    customization, on the type of computer that I’d find at the curb.

Miscellaneous Geek Stuff

Why Doesn’t it Just Work

October 2nd, 2007

Well I just finished a healthy 2-hour session with Google Reader and have a few things to comment on, but at the moment, I just wanted to make a quick post.

I’ve been using Linux for five years. I’m in the process of planning to move a lot of my servers and development systems to the openSolaris operating system. Overall, I’m a pretty technical person. While I admit to occasionally using Webmin, I’m perfectly comfortable editing the Apache config files by hand. That being said, with all of the recent emphasis on Linux as a desktop machine (for end users!) there are some things that I expect to “just work”. When I upgraded to openSuSE 10.2, and now 10.3RC1, I expected some good desktop technology – granted, openSuSE isn’t the choice for a “just works” end-user desktop.

One word. Printing. Despite how I’ve tried, I still can’t get my Linux boxen to print well. Printing a webpage from Firefox requires endless tweaking of borders, margins, and other nasty stuff. If I happen to be in a new location and print something, I grab a pen, as I know that the headers and footer/last few lines of text on my web page will be cut off, unless I’ve tweaked the margins for the specific printer.

Why is this the case? Of all the things that people want Linux to do, this seems like a simple one. The printable area of an 8 1/2×11″ piece of paper is relatively standard. The actual printable margins for a given printer are well known. So why is it that my HP LaserJet or my roommate’s Brother 5500DN is such a mystery to Linux?

Ideas and Rants

Sun Blog

October 2nd, 2007

Well, I’ve created my official Sun Microsystems blog as Campus Ambassador for Rutgers University. Not that I honestly think anyone reads the non-technical blog entries here, but if you do, you may want to check out the Sun blog as well.

Most of the Sun blog entries will probably have to do with Sun technologies in education or at Rutgers, but when there is something of interest to a more general audience, I’ll be sure to post here as well.

In other news, I’m really really busy lately, between Sun training, my job (now doing hardware/lab support and some wireless work) for Rutgers, and school. I have a really long list of things to do personally, including buying some new systems to move my home/development network over to the Solaris 10 operating system, getting a new template for this blog, and wikifying all of my web sites (mostly those at jasonantman.com). To top it all off, my truck was broken into this afternoon (broad daylight on a busy street) while I was at class. The front passenger window was smashed in and my Mio c310x GPS was stolen, so between the window and the GPS, I’m a bit behind where I’d like to be in terms of budget.

Uncategorized