Jason Antman’s Blog

It seems like it’s taken forever. I don’t know how many times I’ve struggled with web apps that I wrote for the ambulance corps to try and get printed output correct. I’ve done everything from generating PDFs, doing screen captures of a browser and printing as a PDF, to things as crazy as trying to print schedules directly from the server, where they’re setup as postscript.

I just happened to be going through my news in Google Reader and found some interesting W3C draft standards for CSS Print Profiles and CSS3 Paged Media Module. Finally, after waiting for literally years, there will (from the way it looks) be a way for me to specify, in CSS, the page size – and more importantly, orientation – and have something print correctly.

Perhaps the end of me having to manually print ambulance corps rosters, and then set the print settings back to landscape and 73% scaling for the schedule, are finally going to be over!

C’mon, Mozilla, I’m counting on a quick implementation once they’re finalized.

Miscellaneous Geek Stuff css, printing, standards, w3c

For one of my wonderful classes, Internet Security, I’m doing a presentation on “patch management”. While I’m obligated to cover Windows – and, of course, will talk about MacOS – I’ll obviously be spending a good deal of time on the Unix/Linux side of things. This has gotten me thinking about one of my biggest problems with Linux (and specifically OpenSuSE, my usual default distro. Patch management is utterly awful.

Here’s the problem: I have about a dozen machines under my control. I need to keep them all up-to-date. Currently, I manually do patches and upgrades via YaST or zypper. I thought about scripting this through zypper, but that doesn’t make any sense – the packages on the machines are far from homogenous, so there’s no clear way to make one script that updates them all. I considered using Puppet or CFengine or something of that sort, but that’s too heavy-weight for me – for only a dozen machines, many of which are personal or development only, that’s a lot to keep track of by hand, and a lot of work defining which patches should be applied, and which machines shouldn’t be changed.

My other peeve is distribution upgrades. About three of my machines are still running OpenSuSE 10.0 or 10.1, both of which are unsupported, and no longer even have downloads available. Why? Becuase I’ve done major OpenSuSE upgrades before, broken a LOT of stuff, and I simply can’t risk that on machines that can’t stand extended downtime. This process *needs* to be made easier. Bottom line – it should be made no more difficult or unreliable than a kernel upgrade. IMHO, the biggest selling point for Solaris is its’ ability to do a total upgrade to a second partition, and switch-over at runtime. Why doesn’t Linux (or SuSE) have this yet?

What’s my ideal solution? A curses application that uses text-file backends (curses so I can run it over SSH even if I have a slow link or high latency, like from a SSH session on my cell phone, if need be). The app would allow me to list all of the machines I want managed. It would connect to the machines over standard SSH, and would leave an extensive audit trail of what’s done, both on the management console and on the machines (as well as running as a dedicated user). The application would maintain an inventory of all of the packages on every machine. It would check daily for new patches/updates to any of those packages, and e-mail me a daily summary of what’s new, including all dependency changes, and which machines need the update. It would also allow me to define, on a per-machine (or per-group-of-machines) basis, rules for packages that must stay at their current version – i.e. I have a bunch of PHP4 apps, so machine X needs to stay at PHP4. The e-mail summary would include any packages that aren’t going to be updated for a specific machine because of dependency/version rules, as well as warnings about any new packages that have a dependency that has a rule set. I could then run the main curses app on my admin machine and, starting from NO selections, select which updates I want to apply and whether I want to ignore or create new rules to keep something at its current version, on a per-machine or per-group basis. This curses app would generate a file (XML?) of what to do (which would also be generated or edited by hand, easily). The XML file would then be fed into a script that downloads all of the needed packages to a central (local) mirror (or, optionally, for remote machines, has them download locally on the machine), checksums them, and then installs them (running commands over SSH) on all applicable machines. It would then keep a log of all changes, both on each machine changed (in a master changelog file) and on the central administrative machine. Most importantly, the curses interface would have a simple, quick way to back out any specific update or group of updates for all machines, a group of machines, or one machine. All data needed to back out a change would be kept on each machine (say, cleaned up at the next update of that package and all of its’ dependencies) with machine-readable instructions kept in a central file, allowing local rollbacks – i.e. a machine goes down, I realize that it was because of an update to package X, and on the local machine I can check the changelog, see an entry like “Package X updated 1.0.0 to 1.0.1 on yyyy-mm-dd, Change ID 1234″ and then, to rollback, simply issue a command like “patchmgt rollback 1234″ on the effected machine.

Just some ideas, and a little rant.

Ideas and Rants linux, patch management, solaris, updates, upgrades

So… what’s the deal? Will anyone come out and definitively say what the fate of VoIP is?

From what I’ve read, there are two distinct issues:

1. The ease of developing VoIP applications on Android, given the lack of a SIP stack.
2. T-Mobile’s shunning of VoIP over their 3G network.

Android – obviously, if we want to see VoIP apps on the G1, Android needs to support SIP. And the best way to do this is with real, native OS support. Even if VoIP possibilities are limited to WiFi, still, it would be nice to have SIP support and let my cell double as a WiFi VoIP phone… even if handoffs between APs are still nearly impossible. The next question that begs to be asked is how well such a third-party app can integrate with the phone. Will the user experience of receiving a VoIP call be substantially similar to that of receiving a normal phone call?

T-Mobile 3G – I’ve read, so far, that T-Mobile “does not support” VoIP over their 3G network. What’s this whole “does not support” thing? I’m still a bit confused about how their 3G network works… do they actively block 3G, or just not enable it? If the latter, doe this mean that other “non-standard” things, such as SSHing to a non-standard port, won’t work? Does this mean that there will be other heavy restrictions on what types of data are sent over the network?

What about tunneling SIP/IAX/whatever else over SSH? Will the G1 be capable of handling that at a relatively good speed?

I’ve read that the G1 “can’t” be tethered. WTF? Firstly, what is this “can’t” thing? Couldn’t a developer just write an app that’s essentially a proxy server, that proxies from some sort of USB-based wired connection to 3G?

Unfortunately, as has been written many times already, less than a week from the G1’s release, it seems that the openness touted by Google and T-Mobile is much less than that. With all their claims of openness, I’d expect a phone that will do anything – especially not be locked to one carrier, given Google’s history of opposing that (their bid for 700Mhz) – and a data plan that would allow anything over the air that my home ISP will allow over the wire.

Google: Have you forsaken all of your stated ideals at the prospect of making some cash off of a phone?

Ideas and Rants cell, g1, google, phone, t-mobile, voip

It’s been a long month and a half or so. A bunch of new projects at work (and interviewing for a full-time position) and lots of school stuff, all on top of having my truck stolen, dealing with insurance and the police, and then recovering it, and dealing with insurance again. It’s a long long story, which I posted as a Note on facebook.

PHP EMS Tools is due for a major revision, and hopefully this will include, among other things, the following new features:

1. Support for i18n.
2. Install-time choice of using MySQL or LDAP as a roster and authentication storage system.
3. Some vastly more efficient changes to the database schema, specifically dealing with scheduling.

I’m still working on some other big projects, namely the migration of this blog to WordPress, the migration of JasonAntman.com to some real CMS (Joomla, Drupal, etc.), and migration of my home internet connection from residential FiOS to “business-grade” Optimum Online (cable) – which will probably see a slight decrease in reliability from the amazing levels of FiOS, but will give me five static IPs and no ports blocked.

On the other hand, there’s been a wrench thrown into all of my plans for big projects (not even mentioning the projects that have been cast aside – TuxTruck, tuxOstat which is now down, and a bunch of others. That wrench is the T-Mobile G1, the GooglePhone finally come to fruition. I was psyched about Android when I first heard about it, and the idea of finally having a phone that I can develop for without learning a new language sounds amazing. I’ll admit that at $180 with a 2-year contract, plus $80/month for service (split about 50/50 between the voice plan and the unlimited data plan) it doesn’t make the best financial sense for someone whose car was stolen and now has 2 vehicles – only one of which I can afford – but I’m really excited. I’ve heard some not-so-good things about the quality of the GPS, and some of the apps currently available, but within a few months, I’d assume that the effects of open development will cause it to greatly surpass the functionality of my current Treo 700p, running my beloved Palm OS (which I’ve been dedicated to for the better part of seven years).

While the all-around flexibility of Android and its’ apps is definitely one of the biggest selling points, my own interest is mainly in the ability to quickly develop Java apps that bring my already-existing web-based forms and data to the desktop of my phone. It’s the simplicity that is my biggest interest – even for simple purposes, like converting the web-based fuel log I keep for my car(s) to a dedicated Java-based form on my phone.

Stay tuned…

Projects android, g1, google

• the life of a sysadmin.
• 9 Must-Have OpenOffice Extensions | MakeUseOf.com
• 5 characteristics of security policy I can trust | IT Security | TechRepublic.com

Interesting Links and Resources

• Microsoft: We’re all ‘mixed source’ companies | Beyond Binary – A blog by Ina Fried – CNET News
• The dying embers of Microsoft’s IP claims against open source | The Open Road – The Business and Politics of Open Source by Matt Asay – CNET News
• Village Telco
• http://www.rowetel.com/ucasterisk/index.html
• 4fx, fxomod, and fxsmod Designs
• Beer, Coffee, and a little DSP » Blog Archive » A $10 ATA
• Build It. Share It. Profit. Can Open Source Hardware Work?
• Slashdot | Microsoft Calls Today Global Anti-Piracy Day
• Exclusive: Oil Immersion Cooling Goes Mainstream with Hardcore PC’s Reactor | Maximum PC
• The Risks Digest Volume 25: Issue 40
• The Risks Digest Volume 25: Issue 40

Interesting Links and Resources