Placeholder, post is being edited right now.
Placeholder, post is being edited right now.
So, I've been overhauling the infrastructure at the ol' hosting coop, and decided: hey, we're acquiring afs tokens using mod_waklog and a $user/daemon kerberos principle, why not use that same principle for authenticating against postgresql? Bonus features: using a user map, the user's primary principle would authenticate as the same database user, and it eliminates another indirection in the auth process (we're using identd now, probably a terrible idea).
And then reality: mod_waklog grabs tokens, but the tickets used to acquire those tokens are not available to any CGI processes. This is correct behavior afaict: being an apache equivalent to aklog, it has no business dealing with kerberos keys. So, mod_auth_kerb is probably the piece responsible for this, right? Maybe. mod_waklog has two modes for acquiring tokens: one wherein you specify the principle and a keytab for a specific location, and another where it will use any tickets previously acquired by another module. So you can grab tokens using mod_auth_kerb for real users entering passwords or forwarding tickets.
In a moment of insanity I though modify suexec might be a good idea. It was, luckily, just a moment of insanity.
So now I'm left wondering if there's even a solution. Since we're offering generic Internet hosting, requiring that members figure out authentication with kerberos in their cgi programs just to access postgresql (and one day mysql, if it can even use gssapi) isn't going to fly. If there is a solution: where oh where does it belong.
My current thinking is that I should add something like Krb5AcquireTickets $principle $keytab (or Krb5LocationPrinciple, or
I'm probably doomed. The life of a volunteer sysadmin!
Can I post this and then delete it? Maybe. Does it exist 10 minutes from now? When is now? Why is Hitler, Who is Spain?
I found an interesting heat-map of the United States of America, showing 56 years of tornado tracks by fujita scale. After being on the front-end of one of the tornadoes going through Dexter, MI, I found it particularly interesting that injury-to-death-toll numbers have dropped off significantly and made me think about some of the early warning signals we get now. For instance the Dexter tornado had warnings coming at least 1 hour before the storm hit the area. It was a general warning, but we had tornado sirens screaming at least two different intervals during the period. Some interesting infographics can be found at http://uxblog.idvsolutions.com/. The data comes from NOAA, but you can never tell if the infographic is correct even though the source is correct, but the graphic is interesting.
Continuing with my quest to write at an abyss...
I ended up getting the mytouch 4G Slide (HTC Doubletouch) from newegg ($130 + 24 months further enslavement to T-Mobile + if-you-cancel-within-six-months-you-owe-us-$400 standard reseller crap). And then the despair began, as the Internet informed me I had to do crap like run an untested binary to exploit the userspace and bootloader instead of a simple unlocking procedure... but then a friend who had done something similar let me know that, *phew*, you only had to do that if you wanted the "easy" way of reflashing from Android (before getting your new image installed, naturally).
I just had to use the HTC bootloader unlocker and flash Clockwork Recovery, fastboot flash the kernel, and then use the recovery image to flash the new
With that out of the way, I now have CM9 (Android 4.0.3). So far it's running well... my first day battery life was great, yesterday not so much (suspecting something with wakelocks, the phone refused to suspend to ram after I ran maps...). I'm also trying to use as much Free Software as possible: I installed the Google apps for now because
Still, Android on a device with lots of processor power and RAM is actually pleasant to use, instead of an exercise in seeing how many profanities you can utter at a device.
And now for MORE FUN: at some point I did an apt-get upgrade to get a slightly newer X server and
I got an HTC Dream about
After a bit of searching, I settled upon this mytouch 4G slide thing. The keyboard is lame and only four rows... emacsing over ssh will certainly become more exciting. But, it was the best device under $250 (+ 24 months further enslavement to T-Mobile) hardware wise and is supported by Cyanogenmod so maybe I won't hate it too much. UPDATES TO FOLLOW (not that anyone reads Slashdot journals anymore).
Hello once upon a time people used Slashdot journals and I think that was pretty neat. I was thinking to myself: "I need to upgrade HCoop's Debian install so that I can install some modern weblogging software and do more than post asinine facebook status updates" and then I realized... Slash!
The system says I have no journal entries, but I could have sworn I wrote a few way back when they were new and I was a lame teenager. Oh well, they're probably best left to the abyss if they even existed at all.
Let's start on a sad note then: there's a shortage of Centennial hops until the fall harvest. Kind of sucks, I hope this isn't indicative of a secretly poor aroma hop harvest last fall (discovering stuff like total hop yields doesn't seem too easy).
But, hey, let's make the best of a potential sharp increase in hop prices: No time like the present to knock out a double batch of my homebrewed IPA (and I just upgraded to a converted keg kettle + 60 qt mash tun with a fancy homemade manifold = hello 10 gallon batches). Mmm... a pound of hops (tasty, until the register displays my total bill
In the off chance anyone is actually reading this... I'm not too keen on experimenting with the hop bill of this since it tastes pretty good, and is probably the hardest and most expensive thing I brew (failure is agonizing). So
An interesting video was passed to a friend of a friend who subsequently passed it on to me about the original intent and virtues of copyright in America. Not surprisingly the video outlines the original intent of copyright to encourage the creators to bring new content and protect them for a period of time. As the video points out one of the largest instigators of the new rules on time privilege for creators was the Disney Company.
The video is done in a light hearted style that makes understanding copyright easy for the less informed. Please share it with others!
Earlier this month, I was at CES, looking at cool gadgets and shooting some video for Slashdot, and last week I did the same in Detroit at the North American International Auto Show. Since shooting video is something I'm (let's be kind) inexperienced at, esp. with camera-attached doodads (mixer, shotgun mic, lav mic, tripod), this got a bit awkward at times.
I tried a few different bag configurations on the CES show floor. What I finally settled on was this: In my conventional-looking (but Li-Ion battery-equipped!) PowerBag backpack, I carried very little -- basically, my laptop, some food, and whatever paper goods I picked up in the course of the show, like brochures, etc. For almost everything else, I had my Checkpoint Flyer, sans removable laptop case.*
- Mic packs (one receiver, one transmitter), mics (lavalier, handheld, shotgun) and mixer (and a few associated cords) went into the larger outer pocket
- flexible tripod (a Gorillapod knockoff from Vivitar) stuck, with one leg out, in the flexible side pocket
- camera, well padded, in the central portion; I kept its hotshoe mic-mount attached.
- headphone case fit in the smaller of the outer pockets (one of my favorite uses for that pocket!)
- spare batteries, SD card in the flat inner pockets
- notepaper and such in the large (magazine) pocket; gum and pens in the smaller (boarding pass) one.
(This list is not exhaustive; I was carrying wallet and other small things not here accounted for.)
I realized toward the end that the extra attachment points (sorry, custom work -- thanks, Tom! You really should put them on every Flyer
In Detroit, I did not carry around the backpack, and I switched from the Checkpoint Flyer to my Super Ego. The Super Ego is bigger, but I'm not sure it was actually any better as a video bag, because it lacks the nice top-zipping outer pockets on the Checkpoint Flyer, and it's not quite as easy to swing easily through a crowd. It still worked well for my purpose, though; I could put the camera away quickly in the central storage space when I wanted to have both hands free, and I stashed most cables and mics in the two outer pockets. (No room for the shotgun mic this way, though, so that went in with the camera itself.)
Upshot: Though neither is a specialized video bag (and I felt it at moments), both the Flyer and the Super Ego did a great job as impromptu production assistants
* Why not carry the laptop there? Because I was carrying a laptop too big for the inner case I have. That's why. Why carry the laptop at all? Because I needed it as a middleman to transfer files from my camera to the guy who put them into a watchable form, from the show's press room.
I thought I would mention one of the key activities we have been working on in recent months is our infrastructure. For a long time now, and like many companies, we have been living on older hardware and software. After some solid work by our engineers, esp. PerlJedi we finally got our DB upgraded.
One of the nice things we have now is a set of solid state disks to speed up transaction time. Additionally we will be looking at ways to improve some of the queries and as always check for other technical improvements as we progress.
We're not done yet. There are other things we intend to change in the near future including our web app server. We are also slating a number of features in 2012 that we are very excited about.
We'd love to hear feedback from you our readers. Is the site a little more responsive? Can you feel the raw power of our new servers?
I have been reviewing (again) the responses from our last user poll about what you like/dislike about
We have also had some pro/con responses to the social media interaction and continue to tweak those items to make them more usable without getting in the way of really reading
I haven't posted a journal here in almost three years, because I couldn't find the button to start a new entry.
So... hi, Slashdot. I used to be really active here, but now I mostly lurk and read. I've missed you.
Load All Comments
The number one thing that kept coming up in comments was an annoyance at not being able to see all the comments right away when you loaded a page. We'd previously made a design decision to show 50 comments to make for a fast page load, while allowing you the user to load more comments. (It should be noted if you login you can change your default view to 250 comments). The major nuissance many of you noted was that if you wanted to load all comments before reading a discussion you'd have to scroll down to the bottom of the discussion & mash on the button multiple times to load the entire conversation & then scroll up to the top to begin reading the discussion. One change we added a week ago or so was a 'Load All Comments' button at the top of the discussion to get around this annoyance.
Number of Initial Comments Shown
Another thing many of you noted was not liking only seeing 50 comments for your initial view. We bumped that number to 80 for an incremental change, and could be further increasing it as we monitor changes to page speed, and other comment dynamics.
Fix for Mod Point Allocation
About a week ago we corrected a bug with mod point allocation which brought a lot of new people into the moderation pool. The number of people moderating, and number of moderations done has gone up significantly as a result of this.
Comment Preview Speed
As part of our comment posting (and submission) processes we have some security checks that take a lot of time. Unfortunately for users many of you spent more time than you needed to waiting for the comment preview to come back while this check was occurring. We recently made a change to do this processing in the background when you trigger a reply form, as a result you should spend less time waiting to preview or submit a comment. Instead of making you wait to preview a comment we're doing processing in the background while you're typing up your comment. We made similar changes to the submit process. There may be further speed improvements later but this is a start, and should be fairly noticeable to frequent commenters.
Comment Threshold Inconsistencies
Another problem that was fixed recently was that comments above your threshold, that were children of lower rated comments didn't always appear. As a result the numbers on the slider for 'Full', 'Abbreviated', and 'Hidden' didn't necessarily reflect what was in the discussion. As of today that should be corrected, surfacing all the comments that should be surfaced by your selected threshold.
More to Come
We're by no means done with improvements to the comment system. Comments are in many ways one of the things that sets Slashdot apart so we want to continue working to make discussions easier to navigate, make interesting comments easier to find, and surfacing the insights within our community that set our community apart from many other places on the web.
I'm always looking for a new idea that will be more productive than its cost. -- David Rockefeller