Focus-follows-mouse coupled with the disabled Raise-on-focus window property is a mode of operation for a window manager, highly targeted at the professional use, unheard of in the Microsoft Windows world. Yet, it takes some fine configuration tweaks to get it to the prime-time. Read More
Yet another boring chapter, Chapter 5 the filesystem in the “UNIX and Linux System Administration Handbook”, bar the excellent overview of the ACL topic, still has a bit of fun going on.
Linux defines a set of supplemental flags that can be set on files to request special handling.
The immutable and append-only flags (
a) were largely conceived as ways to make the system more resistant to tampering by hackers or hostile code. Unfortunately, they can confuse software and protect only against hackers that don’t know enough to use
chattr -ia. Real-world experience has shown that these flags are more often used by hackers than against them.
The problem of the immutable attribute presented for the configuration management systems is also mentioned. I tend to agree with that with one caveat. Sometimes there are complex administration domains intersections in place, so that it is easier to make a pin-pointed adjustment with the immutable attribute at a leaf system than to introduce changes at a higher lever.
An example of such a situation is using a “managed” virtual machine from a big cloud provider. It is often convenient to have a VM centrally “managed”, but just a little extra local flexibility is well-warranted sometimes.
Today, a good friend of mine Nikolai Dyumin, a seasoned PhD in mathematics, asked me of a recommended book on the Unix system administration topic.
Immediately I recalled of the “Unix System Administration Handbook” by Evi Nemeth “and kids” paper back sample of the 2nd edition I have had and praised a lot since my early student years. It is a Russian translation (one of the best technical book translations I have ever read), pretty used already, nevertheless offering a good deal of timeless Unix philosophy inside.
While the book is still relevant in the terms of general administrator’s job approaches and concepts, a large part of it has become hopelessly obsolete over the past couple of decades of me owning it. Indeed, who still remembers the RS-232 cables or who does add user accounts directly on the host without any intermediary configuration management system or a centralized directory these days?
In an attempt to refine my book recommendation I went ahead and browsed a bit, and lo and behold! the 5th(!) edition of the book, modernly re-titled “UNIX and Linux System Administration Handbook”, just popped up on my screen.
Looking inside the new edition made me realize just how much time has passed!
The book starts by telling us Evi Nemeth, the most renowned SysAdmin ever who is also a sailor, is no longer with us.
One of the Evi’s mottoes listed in preface states “Be conservative in what you send and liberal in what you receive” truly summarizes the essence of the SysAdmin’s character. Think of it. Probably half of the rest of the Evi’s tenets are largely variations on this one. Take for example “Be liberal in who you hire, but fire early” – that’s the same thing, basically!
And then there was the 1st chapter. A few quotes warrant bringing up.
your response to these [stupid] issues [like “I spilled coffee on my keyboard! Should I pour water on it to wash it out?”] affects your perceived value as an administrator far more than does any actual technical skill you might possess. You can either howl at the injustice of it all, or you can delight in the fact that a single well-handled trouble ticket scores more brownie points than five hours of midnight debugging.
– indeed, a system administrator is a psychologist first. Most administrator’s customers just need someone to understand their problem, regardless of the problem’s nature.
Use it [the nano editor] discreetly; professional administrators may be visibly distressed if they witness a peer running nano.
– looks so familiar!
Gartner found that AWS is ten times the size of all competitors combined
Have you ever thought AWS is that large? I haven’t. Doesn’t it qualify AWS as a monopoly?
As a system administrator, it’s in your best interest to befriend data center technicians and bribe them with coffee, caffeinated soft drinks, and alcoholic beverages.
– interesting, why the authors take the hardware specialists for confirmed drunkards? Is the hand work considered easier than the scripting or security testing while drunk? Or is this type of work more depressing?
Anyway, having recommended such a profound book of about 1300 pages to someone who is a scientist, I thought why wouldn’t I read the new edition myself? If nothing else, this’ll:
- make my Unix philosophy freshly organized,
- update me on the current technology trends in a good systematic manner,
- help me grow professionally by learning from great professionals,
- entertain me once again with the cool writing style.
It just occurred to me that:
- today is the 1st of the month,
- the month has 31 days, and
- this 5th edition of the book happens to have precisely 31 chapters, conveniently and sequentially numbered through the four book parts.
So what am I still waiting for?! I’m starting on the quest of “A chapter a day” today with this fine book!
Right after I got my quite elaborate Nagios setup running in my local network, I thought to myself “What if my network loses connectivity to the world and my GSM-SMS gateway fails? How am I going to be notified of such a grand disaster?”
Well, as usual, a shell one-liner comes to rescue.
DreamHost changed SSL cert for mail once again.
- Put CA certificates in
/usr/local/share/ca-certificates/, and NOT the system directory /usr/share/ca-certificates/
- run update-ca-certificates to update the compiled list of CA certificates.
- Add the path to /etc/postfix/main.cf :
smtp_tls_CApath = /etc/ssl/certs
… but I was too lazy to pursue that way to the end, so I ended up just updating the fingerprint for use by the postfix SMTP client.
Steps to add (update) fingerprint checking to Postfix SMTP client:
The tar’s “–exclude=PATTERN” option has always had me perplexed. As this is mostly intended for automation scenarios, I have never paid much attention to this option resorting to its more “pro-batch” variant “–exclude-from FILE”.
But today, as I went about making some backups I thought it’s enough, I need to learn how to use this option effectively. Having realized that the documentation on the matter is quite lacking, I decided to make a simple experiment.
Here are the commands I typed (in a bash terminal) to learn more about the “–exclude=PATTERN” option:
Use the following one-line script to control witch EXIF data to leave in the photos published online:
exiftool -P -overwrite_original -all= -tagsFromFile @ -ExposureTime -MeteringMode -Flash -FocalLength -FocalLengthIn35mmFormat -FocusDistance -VibrationReduction -FocusMode -CreateDate -DateTimeOriginal -ISO -FNumber -UserComment -copyright='(c)2011, Alexander Shcheblikin' -artist='Alexander Shcheblikin' -model="Sasha's DX dSLR" _DSC*jpg
This should all be entered on one line (note: the dashes which hang over the ends of the lines must actually be adjacent to the command line switches following them).
This is a power tool affecting multiple files at once and it will process all the files matching _DSC*jpg pattern in the current directory.
To retain original files remove the
exiftool is available natively in Linux/UNIX as a Perl library and a front-end script and as a standalone executable for Windows and a package for Mac OS X.
WordPress is so good for SEO in part thanks to the large number of data fields available for each post: post title, excerpt, name (slug) and, finally, content. This allows for deep customization when presenting your post to the WWW.
While it’s fine to fill all those fields for a regular article it may be an overkill for a picture for that same article (which is just a sub-post in terms of WordPress built-in media library). (And even for a normal article – how many of us really do enter post excerpts? Yes, that’s what I’m talking about.)
This service from APC is supposed to take care of calculating energy usage.
The irony of this all is that this process holds one of the top positions in CPU hogs list. Take a look: it takes more CPU cycles than many of the most demanding processes in the system – virtual machines. (In other words, killing dataserv.exe would allow to run an extra full-fledged virtual computer!)