Jason Antman’s Blog

Just a short note today – it’s an insanely busy week. I’ve been finishing up the web GUI for my print accounting system (previously mentioned) and had to dive into CUPS/IPP to pull out information on whether or not a print job is printed in duplex. I’ve also been going crazy with raw PJL queries to get some information that doesn’t appear to be found in Printer-MIB. In other news, I have an exam Monday moring in a class (Religions of the Eastern World – my non-western requirement) that I’m getting a D in. Then I have an essay for US History II due Thursday – I haven’t even read the books yet.

And Tuesday night, I have my first tech demo as a Sun Campus Ambassador, a short OpenSolaris overview for RUSLUG that should touch on the coll facets of DTrace, Zones, ZFS, etc. as well as the new installer. So it’s going to be a pretty busy weekend. And I’m hard set on doing a kick-ass demo, despite some of the disturbing things I’ve been hearing about Sun lately. If I can get OpenSolaris to boot on my laptop by then, I’ll use that. If not, I guess I’ll be dragging the PowerEdge 2550 over there.

That being said, I was looking through Google Reader this morining (my only source for news) and came by a LinuxInsider article on the upcoming KDE release. Being a user of KDE since 2000, this interested me. However, what struck me was a comment about the new KOffice.

I was speaking with a supervisor at the Rutgers University student computer labs the other day, and was pretty astonished to realize that OpenOffice isn’t loaded on the lab computers. Why? Because 99% of their “patrons” wouldn’t know what it is, and can’t handle choices. Can’t handle choices. Or, at least, don’t want them. It’s attitudes like this that lead to a world where you have ONE cable company, ONE phone company, ONE high-bandwidth ISP, and can only use ONE cellular provider’s equipment on a network. I wonder how those same “patrons” would feel if they went to a car dealer and were offered the option to buy a Honda Accord, a Honda Accord, or maybe a Honda Accord.

As far as I’m concerned, the biggest issue is publicity. The users don’t want choices because they don’t know about them. And I thought that a University was supposed to educate people? How naive of me.

I was hanging out at the ambulance corps that I volunteer with (I have nothing to do with the front-end web site) the other weekend, and one of the women asked whether I had Microsoft Office, since she needed Word for a project. She said she didn’t want to pay $250. I asked her why she couldn’t use OpenOffice. She asked what it was. It’s absolutely wonderful to hear the astonishment in someone’s voice when you tell them that they can download something at no cost that does everything that Word does.

So, my question is how many of these “patrons”, mostly students, would use OpenOffice if they knew about it? More importantly, how many of them would use it if someone told them they don’t *have* to pay $150 to put Word and Excel on their computers? I know the functionality isn’t perfect, but I routinely open, edit, and then save back Word and Excel files in OO without a problem.

So, back to the point of this rant. Choices are good. Fragmentation is not. We have OpenOffice, StarOffice, KOffice, and probably a bunch more. I understand they’re all separate projects with separate goals. But, IMHO, one of the biggest problems with open-source (and no-cost) alternatives to proprietary software is getting the word out there. And fragmentation makes that so much harder. If you ask a Windows or Mac user what office package is most prominent, they’ll probably say MS Office. If you ask three Linux users, you’ll likely get three different answers.

This isn’t about the moral battle of Free/Open Source vs. closed or proprietary. This is about user experience. If there’s a no-cost (and even better, Free) package out there that does almost everything a $150-300 package does, users should have the right to try it and see if it works for them. And I can think of few places where that’s more important than cash-starved college kids.

Ideas and Rants open source, openoffice

Since we moved into our apartment at the end of last summer, my roommates and I have had a Brother 5170DN monochrome laser in the hallway as a communal printer. Last weekend, two new printers arrived – I got a Xerox DocuPrint N4525 – a big surplus student lab printer that handles paper up to 11×17″ and print rates of up to 45 PPM. My roommates picked up a (free!) HP Color LaserJet 4500. So, I decided that I want accounting of who prints what on each printer.

I setup a Dell PowerEdge 650 running openSuSE 10.3, Xen and 2 NICs, one on our main network and one with a static IP in a separate subnet hooked up to a small 5-port switch. I setup a Xen VM (also openSuSE 10.3) to act as a CUPS server. I then installed tea4cups which allows outgoing CUPS jobs to be read via a pseudo-backend while they’re processing. tea4cups calls some PHP scripts that update a MySQL database with job information, including page counts and ink coverage amounts calculated by pkpgcounter.

This is all done with a kludge of custom scripts, which I’ll put in my CVS repo (and comment on here) sometime this week.

I did run into two problems. First, I had issues with getting tea4cups to run at all. After googling a bit, I read about people having problems with tea4cups and SELinux. Sure enough, I disabled AppArmor and all went back to normal. Also, I later had some problems trying to perform ink accounting on a color printer. After some investigation, I also found out that GhostScript 8.15 is buggy and will cause problems with pkpgcounter. I upgraded to the 8.60 RPMs and all was well.

The whole project is still in the works, but when finished I should have a system that will keep track of all printing in the apartment by username and IP, and track the page count, paper size, color or B&W, resolution, and ink coverage percentage (both for grayscale and CMYK or RGB individually). I know it’s overkill – all I want to really know is enough data to fairly split the costs of paper, toner, etc. – but I thought it would be a fun project.

I originally thought about using PyKota for the accounting, but found it to be way too heavy-weight. My current kludge, done up in one night (before writing an essay), is based on CUPS and tea4cups, which calls PHP backend prehooks and posthooks, which in turn make use of a few pre-written python and perl scripts that deal with querying information from the printer (IPP) and local files.

All in all, for something that didn’t exist 24 hours ago, I think it’s working pretty well so far.

Projects

I sent the following as (appropriately enough) a Facebook message to Mark Zuckerberg:

Dude, I know you’re a big-shot, but I thought I’d give this a try, just giving you (and the Facebook team) some feedback.

I’m growing so frustrated with facebook that I’m thinking of writing my own alternative. If only I could get people to use it….

The Facebook that I first signed up for (the first day I got my college e-mail address in July ‘05) was prefect. I could find pretty much anyone in any of my classes. I could talk to pretty much anyone at my school, or most other schools. Most importantly, it was a place to get things done and connect. It was free of the pressure of overbearing commercial influence. It was a place where college kids – and only college kids – could connect.

My suggestion, my plea, is to give us back the old Facebook, or at least the option to use the old Facebook. The Facebook API was nice, but some things don’t work for it. You took away Courses. Now I can’t find people in my classes, because there are six different applications, each of which needs to be added separately, and some of which work horribly or not at all. I don’t want all of that junk. I don’t want to see a million boxes with kid-looking drawings and zombies and pirates on someone’s profile. If I wanted to use MySpace, I’d use MySpace!

Newsfeeds. I don’t want to know who is trying to turn my friends into a Zombie or a Warewolf, or something else moronic. Put an option on the preferences page to get rid of everything through the Facebook API. I only want to know about stuff that was in the ‘Classic Facebook’.

What the f*** is up with the advertisements in my homepage/news display? You’ve already got banners at the left, right, or bottom. Leave the center panel for the content that I WANT. You can shoves ads everywhere else on the page, but don’t mix an ad for Differin Gel in with news about my friends.

Make networks more opaque. I only want to know about people who are in colleges or workplace-related networks. Maybe, and that’s just a maybe, high-school people. but in my opinion, opening Facebook to anyone with an email address was the worst move you ever made.

So, my suggestions?
1) The “courses” feature has fragmented way too much. Unify it on a school-by-school or Facebook-wide basis. I don’t want to search 10 API apps to find someone in my class.
2) Let me choose whether or not to display Facebook API notices in my minifeed page. I don’t want to know about every time my friends use an API app.
3) Take Facebook API stuff off of profile pages. A standardized view is easy, intuitive, and quick. Searching through a mile-long profile just to find the Personal Info area is not good.
4) Bring back a college- or workplace-centric facebook.
5) Don’t try to be MySpace. I stopped using them because of clutter and annoying extensions. Now Facebook is doing the same thing.
6) Keep advertisements on the sides or bottom and, most importantly, out of content areas.

The bottom line – Facebook used to care about users and communication. Now you just care about profits and advertisers. If you don’t want to lose traffic when something better comes along, give Facebook back to the people!

Ideas and Rants

I know I don’t update anywhere near often enough – then again, I update a lot more here than I do on my Sun blog. But I’ll do better, I promise – and I’ll setup a new template, too. Maybe tonight.

So I was just thinking about my software development – about how many projects that I never finished, or never even started. And it got me thinking. When Rutgers laid off all of us part-time programmers and I was given a few choices for a new job, I chose tech support for student labs and classroom connectivity. Why? Obviously I’m not going to learn much. But I like putting out fires. I like solving problems. More importantly, and more of an issue when I try to write software, I like meeting a list of minimum requirements and just doing that. I love solving problems and I love making things work. On the other hand, at least when it comes to open-source (and no-cost/no-pay) projects, I have serious problems with motivation. Or, should I say, I get a project to do what I need, and I abandon it.

I guess I should print some sort of warning on my project pages. Or, I should be happy that F/OSS is getting as popular as it is. Even among people who don’t know what it’s about. I’ve been getting endless emails about my PHP EMS Tools. I’ve marked it as beta. The readme and the extensive docs make it clear that it’s not a finished work that’s suitable for everyone. I make it clear that I don’t do tech support for Windows, as I know nothing about it. Yet, it seems that finding a project on SourceForge or Google is wonderfully easy, yet it’s easier to just e-mail the developer than take the time to read the docs. I mus say, though, that when I download something on SourceForge, especially something that isn’t marked with a complete/stable status, I fully expect to spend a few hours playing with the source before getting it up and running.

Anyway, I don’t look at my lack of follow-through as a horrible thing. I have a problem. There’s nothing else out there that even begins to solve it. So, I write something that solves my problem. The next time someone has the problem, they can use my code. If I didn’t carry it far enough, they can pick up where I left off. When they get it where they want it, they can send their changes back to me.

Lately, I’ve been reading a great book – “Hackers: Heros of the Computer Revolution” by Steven Levy. There’s some really great reading about the good ‘ol days at the MIT AI lab, and the Homebrew Computer Club and the beginnings of PC’s (the Altair). And there’s a lot of commentary about The Hacker Ethic – a definite forerunner to the Free Software/Open Source movement. Most specifically, the idea of software belonging to the people, of source code being open and freely distributed for the good of everyone. And it really gets me thinking. People sometimes ask me why I don’t sell the software I write. Why should I? I’m not writing it for a client, I’m not getting paid to write it. I’m writing it for me. It seems *wrong* not to let others benefit from my work. And even if I was writing it for a client, why not give it away to others? Many people might not, but I’d give paying clients a break if they agreed to GPL the code.

Anyway, for a while I’ve been trying to find software that will run on Linux to draw network maps. The networks at my house and apartment have gotten complex enough that it’s hard to hold everything in my mind. I made an attempt to draw a map in Dia and Kivio, but they just didn’t cut it – all of that manual updating. So I wrote a little PHP script that uses Imagick (the PHP wrapper to ImageMagick) to generate network maps. It takes a simple XML files, one per host, to define devices and connections. It outputs a nice PNG map, defaulting to 800×800 pixels, but can be scaled up large enough to print on a 36″ wide plotter. Code can be accessed through CVS here. It’s not an official release so the docs aren’t complete, but there are ample comments in the code and sample config files. Most importantly, it’s all wraped up in one PHP function, so generating a map (once you’ve generated XML config files) is as simple as including a PHP file and calling one function.

Projects

Well, I’ve been pretty busy lately, between school work and work for Sun and Rutgers. Rutgers seems to be planning a new student lab, so I’ll probably have a hand in that. And I’m now doing troubleshooting and on-site support for RUwired and the Smart Classrooms. It’s a big step down from programming web apps, but quite refreshing to have a job that gets me out of the dungeon now and then.

I’m also planning my first tech demo as the Sun Campus Ambassador, which will tentatively be held on December 4th at the RUSLUG meeting. Stay tuned for more.

In other news, unfortunately, I haven’t gotten my surplus from Rutgers yet. I’m sitting here in my cube, staring at a pile of equipment with nowhere to go. I just hope that this works out next week so I’ll have some time to play around on Thanksgiving weekend.

Anyway, I was reading an article that I saw on Digg about WalMart’s $200 Linux-based computer. What a great idea. Admittedly, I shop at WalMart now and then (well, I’m in college) and one line got me a bit:
“The gPC is built using tiny components, but put inside a full-size case because research indicates that Wal-Mart shoppers are so unsophisticated they equate physical size with capability.”
Though I’ll admit that it’s probably true. The author seemed to think that Linux may have found its’ niche, and was even bold enough to say that, “While the price of hardware has fallen dramatically, the price of Windows hasn’t. This could be Microsoft’s Achilles’ Heel. “

Well, ahmen. I’ve been mentioning that for quite a while now, as many others have. We’ve reached the point where Microsoft Windows and Microsoft Office is considerably more expensive than the computer that they run on. OEMs like Dell are selling Linux-based PCs (granted they aren’t really advertising them, and I didn’t see any mention of them when I glanced through their Home/Home Office lineup), and even WalMart is selling Linux-based systems. What I wonder, though, is how long it will take mainstream consumers to look at two shiny little CDs, befuddled that they cost more than a whole computer, and wonder what other options there are.

To go off on a tangent for a moment, yesterday I took delivery of a beautiful Wastern Digital My Book external hard drive. It’s the first one I’ve bought in almost three years, since my LaCiE (F.A. Porsche design) disk croaked on me and took 100 GB of photo scans with it. This one, a My Book Premium ES, is a 500 GB disk in a 3-pound-ish box, which cost $150 with shipping. I remember the first time I saw a writable DVD, when I was doing an internship in video postproduction. They kept the blanks locked up. I don’t think I ever would have imagined paying $150 to have half a terabyte in the palm of my hand. Anyway, the great thing about this model is that it has a 3.0 Gbps eSATA connector, so it can easily be used as *fast* exteral storage. So, once I got it, I set about backing up my laptop. Hopefully by this time tomorrow, I’ll have a laptop that dual-boots openSuSE 10.1 (pure 64-bit) and OpenSolaris SXDE 9/07.

Back on topic, I’m totally enthused that Linux is finally making headway in the desktop market. However, a few minutes ago, sitting here at my desk, I was struck with panic. The same type of panic that would hit a driving instructor if he sent his student out in a car and then realized the poor kid didn’t know there was a brake. Linux is a multi-user operating system. At its’ heart, it’s designed to be a server-bound Unix. And all of a sudden it struck me that people are downloading Ubuntu or some other easy-to-use distro, and nobody told them where the brake is!

I doubt that most new Linux users know what I (or any experienced user) take(s) for granted. I’d hope that Ubuntu doesn’t enable SSH by default, but I don’t know. But, realistically, how people who “try” Ubuntu because it’s “free” (as in free beer) understand administration and security of Linux systems? If they run SSH, do they know to run something like denyhosts? Do they even know what system logs are or where they are found, let alone check them? Do they understand file checksumming, and something like Tripwire? More importantly, do they understand the power of their system, and how much it could do without their knowledge?

Many security experts have conjectured that the lack of Linux viruses is simply because Linux has such a low market share. However, with no user education, imagine how simple a “virus” could be. And how devastating. Let’s glance by the fact that Windows has poisoned Linux users. Most Windows users are used to clicking “ok” to everything that pops up. So, when Linux asks them for a root password to install software, or perform some other action, the default reaction will probably be to do it. After all, if the OS wants it, it should be done. Let’s not even think of those Linux distros that totally disregard root and give the user root privileges – the designers aimed to get rid of the security advantages of a Unix-like OS, and did so perfectly.

Surely, Linux security will improve in ways that are easier for novices to understand. File permissions should be checked by a scrpit, as well as checksums, system logs, etc. and it can all be tied up in a simple interface. But, let’s think about this for a minute. Digg ran an article at the end of last year claiming 8 Million Ubuntu users. Let’s say that only a million of them are complete novices. How many of them, do you think, would think twice if they got an email or went to a web page (that looked “official”) that asked them to download and run a script in order to update something. Or just a popular web site that asked them to download some package or file and run it, in order to be able to view some content? It’s only one line in cron to start a DDoS attack. Maybe two lines.

I’m all for Linux moving to the desktop. Paying more for an OS than you paid for the computer is just insanity. Paying for any software when there’s a prefectly good free alternative isn’t too smart. And, for the majority of casual computer users, a Linux-based system would work perfectly – not to mention the stability and lack of frustration from BSODs, etc. But before this happens, there needs to be a community effort to educate new users about security, about the differences between Linux and Windows (or Mac), and about what is “bad” (malicious, just out of place, etc.). Most of all, there needs to be a concerted effort to develop all-in-one security tools that monitor logs, filesystems, system files, installed packages, permissions, etc. and present them in a simple, user-friendly manner (i.e. this is wrong, the system thinks it should be this, click for more information or click to fix it – and, of course, an easy way to rollback changes. ). Perhaps most important for new users, and ease-of-use, is a way to track these changes based on what package initiates them.

If you haven’t tried Linux, give it a shot. It doesn’t cost anything, it’s secure, stable, and fast, it runs on half the machine that Vista needs, and best of all, it promotes Free Software (”open source”) which, after all, is in the interest of everyone who uses a computer. Ubuntu will even mail you a CD for free! If you’re not ready to give up Windows, download OpenOffice. And, if you’re already a Linux guru, have a look at OpenSolaris – if you’re a developer or a SysAdmin, you’ll thank me for suggesting it (and Sun will mail you a free CD or DVD, too!). They even have LiveCD Solaris versions.

Miscellaneous Geek Stuff

It’s been way too long since I’ve posted an update. But I haven’t been doing nothing. In fact, I’ve been quite busy – and not just with school and Sun and the Rutgers job. So, I’ll go through a few of the happenings of the past few weeks.

Machine & Online Update Problems. First, I lost two machines. About a month ago, my main storage machine (STOR1) running a 6-disk SCSI array of 18.2-Gb disks in RAID 0+1 lost two disks in an hour. Strange. Next time I was home, I pulled the two bad disks (bringing it down to 4 disks total), put OpenSuSE 10.1 back on it (10.2 won’t play well with my old Compaq RAID controllers – the machine is a G1 Proliant ML370) and installed Bacula. I’m happy to say that after a weeks’ worth of work, I have Bacula working and backing up 3 machines locally. Unfortunately, I have two machines – my mail and SSH server and my storage server with a 250Gb IDE drive – that were running SuSE 9.3 (still!). They wouldn’t take Bacula from RPM or source, as the director (STOR1) was running Bacula 2.x and the only RPMs available were 1.x. I attempted an Online Update through YaST/YoU. Well, wouldn’t you know, it ran, it updated, and the whole system broke. I mean gone. I couldn’t run *any* command in the shell, at all, because – you guessed it – YoU updated glibc. To a much newer version, and pretty much everything was linked to the old version. I couldn’t even “exit” to end my session.

Well, luckily, I had data on the 250-Gb disk and everything else on a 10Gb, so next time I was home, I put OpenSuSE 10.2 on the box, and I now have a 250Gb Bacula storage target on the network. Maybe I’ll even upgrade to Gig-E sometime soon to speed up those slow weekly full backups.

Help, My files are gone! The big storage box with the 250-Gb disk has been called “janus” for years, since I called my do-everything-box “saturn” and the rest were Saturn’s moons. Since then, things have become complicated enough that I adopted a functional naming convention, and the box became “STOR2″ when I re-installed the OS. Well, about a week later, I SSH’d into saturn – a 10-year-old Gateway desktop, 40Gb
HDD, 192Mb RAM, and a PII-350MHz processor – that now runs my mail server and is my externally-visible box to SSH into. I ran “ls” in my home directory, and got nothing. Nothing at all. It just hung there. I exited and tried again. I tried as root. By then I had about a dozen “D” state ls processes. I was stumped. I tried everything. My first thought was a stale NFS mount, but I checked, and everything looked right. I could ls portions, like “ls a*” and get good output. I could strace ls and see all the right output. But I couldn’t ls. Just the one directory – not any subdirectories – but any user. I spent hours looking around,
to no avail. It wasn’t until two nights ago – about a week into the problem – that I finally gave up and rebooted to get rid of those now-zombie processes. And, wouldn’t you know, ls worked perfectly. Why?
Yeah, you probably guessed that, too. When I looked over fstab and mount, everything looked normal – except that after two years, the hostname “janus” looked perfectly correct to me!

Rack. After some discussion with my roommates, last Friday night I found a 42U Compaq rack enclosure – complete with wheels, door, and a side panel, on Craigslist from a seller a few towns over. We all drove over in the truck and, $65 later, we now have a 42U rack in the living room of our apartment. It’s a thing of beauty. We got it setup around 10:30 PM, and Joe and I were up until 6 AM the next morning bringing down the network, moving hardware to the rack, re-cabling, and bringing everything back up. We did hit a few snags – mainly because I demanded an IP switch from 192.168.0.xxx to 192.168.2.xxx so that I could easily setup a VPN from the IPcop firewall at the apartment to its’ matching counterpart in my basement at home. Well, things are still being added to the rack, but it’s coming along very nicely.

The Rack – (clockwise from top left) some ballast in the bottom (an ancient Proliant 6000 with 12 or so SCSI disks and 3 power supplies, 3x 220MHz pentium, not running), 3 AM – Joe troubleshooting the IPcop box, with the rack almost fully loaded, Soekris net4501 as a temporary firewall/router (running m0n0wall), me in my new home…err… rack.

VPN. The main impetus behind the IP switch was my desire to have an IPsec VPN between home and the apartment. Beyond ease of use, a good intranet, and the hope of being able to SSH into my various boxen
without going through saturn, my one externally-visible SSH server, I was also psyched about the idea of small backups with Bacula over the VPN, and the hope of getting two Nagios boxes – one at each end – that
would work in concert. Well, of course, the subnet mask here is /22 and everything at home is still /24, so it’s going to take a bit of work this weekend, but hopefully everything will come together well. Stay tuned.

PBX. While I was working on VPN stuff, Joe took it upon himself to forcibly commandeer one of my spare boxes and setup Trixbox (formerly Asterisk @ Home) on the LAN. At the moment, we’re waiting for an FXO card to show up in the mail – and for the money to get a few SIP phones for testing – but it looks like it’ll all be up and running, and we may even move over to VoIP in the apartment. To make things better, we have Festival working, and I’m well on my way to a Nagios interface that will be able to dial an extension (or dial out) and speak an alert.

Conserver. A lot of stuff on the rack has serial console access – switches, IPcop, routers, development stuff, and – hopefully soon – some Sun hardware. So, a terminal server sounded great. After some research, I came up with two possibilities – a page from 1998 giving an example of a kludge of a console server using GNU Screen, and conserver, a purpose-built application that can operate in a client-server model over the LAN, and also includes good handling of locking on a per-user basis and console locking. I planned two incarnations of the console server – the first and current development machine is an ancient PII laptop with 192MB RAM, CD drive, 10Gb HDD, networking, and serial and USB ports. I decided to give serial to USB adapters a shot.

My first installation was Debian-based, as OpenSuSE 10.2 won’t load on such an old machine. However, after grappling with learning a new distro, I opted to reinstall with CentOS 5.0, a much more natural transition from SuSE. After installing CentOS, it only took me a few hours to get everything humming away, and get conserver compiled, installed, and running. Configuration is fairly simple though, on my next box, I’m going to have it install to the locations I’m used to – /bin instead of /usr/local/bin, etc. All in all, it seems to work well. I didn’t try networked mode, but it works beautifully by SSHing into the box. It handles multiple users on the same console very well, shows the status of the consoles, and allows stealing of locks. I’m working on writing a Nagios check script for it in Python, but be warned – a console’s “up” or “down” status is simply whether the port is open. You can, obviously, pull the cable from the device and still see “up”.

The one issue with this kludgey test setup is that my USB serial adapters seem to change device names on reboot. I currently have two, and at the last reboot, /dev/ttyUSB0 and /dev/ttyUSB1 switched names which created some confusion. When I get around to it, I plan on getting a small, quiet, older (and cheap) 1U server with a PCI slot to serve as the console server. I have a few spare Equinox breakout cables for multiport serial cards, and I might be able to find and use a card that they fit.

Netra. For a while, I’ve been wanting to try Solaris, and I can’t think of a better way to do it than buying some Sparc hardware, for the fun of it. Well, I found a Sun Netra T1 on Ebay, 500MHz Sparc-II, 512Mb RAM, 40Gb HDD (SCSI) for $47 on Ebay, and couldn’t resist it. I ordered it Sunday night. Sure enough, Tuesday afternoon, I get the following E-Mail:
“Hello,
This is Bcd-parts. we contact you because we make a mistake in this item: 230185304870. we put it online but we sell it before, so we do not have any of this item. I’m apologize about this mistake, we will refund the money as soon you respond back the email.
Thank you!”

Amazingly, I was able to resolve the issue that day, and the refund is being processed. However, I don’t have my server!

Nagios. I’m a big fan of Nagios. I use it at home to monitor all of my hosts, as well as some remote systems that I’m responsible for. I make heavy use of the check_by_ssh plugin, so that it doesn’t require any infrastructure past pubkey authentication for the Nagios user. Now that I have a few systems running in the apartment also, once I get the VPN setup, I’ll be installing Nagios down here as well, and probably trying to tackle the task of setting up the two servers to jive by passing passive check results of the LAN hosts to each other.

Print Quota. We have a shared laser printer in the apartment, used by all five people living there. It’s a low-end Brother model. After a discussion one evening, I got very interested in finding out how many pages each user is printing. The built-in print server doesn’t provide this functionality, nor does it support JCL. So, I googled for a solution… and, amazingly, didn’t find one. The most that I could find is that there are two big Unix-based print quota packages, but both of them require a print server between the network and the printer – an option that I may consider, but don’t really want to implement. I don’t need the ability to deny printing, or figure out how much toner is used, or anything fancy like that – I just want to find out how many pages each user on a defined list prints.

After some brainstorming, I came up with an awful kludge that might work. I wrote a Python script that screen-scrapes the print server’s web interface for the current lifetime page count and status. The concept is essentially that I put a server on the network, and configure the switch so that it is a monitor port for the printer. I then have access to 1) the printer’s page count and 2) all traffic to/from the printer. I’ve thought of two ways to get the page count of a job:

1. Dump all of the TCP traffic to the printer. When a job starts, find the IP (and MAC?) that started it. Wait for it to finish. Wait a few seconds, check the printer status, if it’s back to “ready”, get the page count.
2. Dump the traffic to the printer. Analyze all traffic to extract the print job information, and get the page count there. Then check against the printer’s web interface (so we don’t count pages when it ran out of paper or jammed).

Obviously, #2 is much more complex. However, #1 already is wrought with edge cases – two users printing simultaneously, a paper jam that causes the printer to wait (and the script times out and returns a page count of 0), etc. We’ll see where I get in designing a solution.

Once each job is complete, and we have a page count, we can put that into a database with the date and time, page count, printer name (the advantage to this is that it would theoretically support multiple printers as long as it could see their traffic), client IP and MAC, and client username (looked up from a table mapping IP/MAC to username).

Surplus. One of the wonderful things about working for Rutgers is that they own millions of dollars of computer equipment. Usually, it seems like when they’re done with it, it falls into a black hole of buybacks, trade-ins, and disposal. However, it just so happened that my department has a lot of stuff they’re getting rid of, and I was able to work out an employee purchase before it disappears. So, coming to a rack in my living room (or my basement at home) is a Dell PowerEdge 2550, PowerEdge 650, two rackmount monitor/keyboard/mouse units, a BackUPS Pro 1400 (no monitoring, but better than nothing), a BayStack 350T-HD switch, a Xerox DocuPritn N4525, and a few other goodies. I’m already working on putting OpenSuSE 10.3 as Xen dom0 on the 650 and Solaris SXCE 11 (built 75) on the 2550. We’ll see what happens with it all soon…

Ideas and Rants