Category: Geekery

Today’s fascinating discovery

I’ve mentioned already that I put a system on a local rack, and in order to cut costs I divided it up into three sections using Xen. Well, I had this annoying little problem that the “domU” (user domains – ie. the shares) weren’t able to use iptables. So I’ve gone back to the drawing board by slapping a couple of drives I have kicking around into my Windows box and trying various experiments.

First, I went back to the “step-by-step” how-tos that I’ve been using so far. They’ve updated it for Xen 3.0.3 (I actually installed Xen 3.0.2 using a how-to written for 3.0.1). So I ran through it – no joy. The domU boots, but mounts the ext3 file system as ext2 and won’t do iptables.

Tried again with their instructions on how to compile a kernel, except the instructions say to compile in iptables support, but don’t tell you how to compile in appropriate device driver support so I ended up with no network in my dom0 (the controller domain).

Then I found another “how-to”, this based on the fact that Xen is in the Debian “sid” (aka “unstable”) branch. Updated the test machine to “sid”, then went through the how-to. Initially, couldn’t get xend to start up, but then it turns out that I’d installed xen-hypervisor-3.0-unstable instead of xen-hypervisor-3.0.3. Got that installed, got the domU up and running, but DAMMIT, still the same problem. When I tried to do an “iptables -L”, it would tell me that “QM_MODULES: Function not supported”. Same if I did a “depmod -a” or “lsmod”.

While I was working this angle, I discovered that the Debian Backports project had backported Xen to “sarge”. Hmmm, I thought, if this works out I’ll have to try the Backport to see if I can do this on the rack with minimal hassle and without having to run “unstable” on a “production” server.

That’s when I discovered something interesting – modutils is old, and if you’re going to be using 2.6+ kernels only, people recommend you install module-init-tools instead. Since I’ve been installing Debian “sarge” (aka “stable”) in the domUs, and “sarge” is designed to support 2.4 and 2.6 kernels, it installs modutils instead. I installed module-init-tools, and suddenly everything worked.

Hey, I thought, maybe I don’t have to go through all this pain. I went to my real xen system, installed module-init-tools on the domU, and everything works! No need to go for the Backport. Maybe I will later, but for now I’ve got what I want, and I can install ssh-blacklist on my domU.

Email I just sent

Note: presidents.office is the President’s Office, yup.email.news is the Yale University Press, customer.care is their Customer Care contact email, and opa is the Office of Public Affairs


To: presidents.office@yale.edu
Cc: yup.email.news@yale.edu, customer.care@triliteral.org, opa@yale.edu
Subject: I'm sorry I'm going to have to do this...


The Yale University Press has taken to sending out "spam" (unsolicited commercial email) to email addresses trawled from web sites - I know because they hit addresses that never would have been used for conducting a business relationship. That behaviour is unconscionable. I have no alternative but to block all email from yale.edu to the domains under my control unless and until you cease this practice.


I'm sorry if that makes it harder for you to contact potential and current students, alumni and benefactors, but you should have thought about that before you decided to put the burden for your advertising budget on me and thousands of systems administrator like me instead of yourselves.

Discovering it all over again

Ok, I’m going to sound like a total Apple fan-boy with this, but I have to say it. Yesterday, my iPod fell out of it’s case. I picked it up and suddenly without the extra bulk of the case, I was once again struck by how utterly perfect it is. It’s small, it’s light, it’s beautiful, and the user interface is great. It feels good in your hand.

Ok, the screen is a bit scratched up, and so is the shiny back surface. But it’s still a wonder of modern industrial design.

And I look at the Zune, and I see an ugly brown brick, and I think “what the hell were they thinking?”

And before you write me off as a total Apple geek, I had the same feeling with my Treo when I used it for a day without the heavy magnesium innopocket.com case. Not as perfect as an iPod, but definitely smaller and sleeker than I normally think of it because I normally have it in that case.

Best laid plans, and all that.

When I came out of work on Thursday, even though the sun was down my car thermometer said it was an unseasonably warm 60 degrees F. The next morning, I took a quick glance at the weather widget on my Powerbook’s Dashboard, and it said that it was going up to 65. And thus a half-baked plan was born. I quickly put my kayak on my roof rack, which has been left on my car just in case such a day happened.

The intention was to sneak out for a few hours around lunch time and enjoy one last paddle for the year. Unfortunately reality interferred. It turns out that I’d read the weather widget before it had updated, and Friday was actually only going to get up into the mid 50s. Still maybe do-able. But unfortunately I got hellishly busy at work on Friday, and didn’t manage to slip out. Today was warmer, but raining, but still a remote possibility, but I was even busier at work. So I didn’t get out today either. And tomorrow it’s going to be a high of 43F, which would be cold even in a wet suit which I don’t have. Doesn’t look like it’s going up again until Thursday. I guess I’m going to give up and take the kayak off the roof.

Man, if I don’t get off this overtime treadmill soon I’m going to kill myself. Or somebody else.

One of these days I’ll learn to take a compliment

Today, in spite of how busy we are we got the word from our new boss Nancy that we all had to go to the monthly division meeting. (Ok, here’s where I prove how little attention I pay to the heirarchy: I don’t know if Nancy is Dave’s boss, or Mike’s boss, and I don’t know what slice of the company that meeting is really for, but let’s just call it ‘division’ for now.) I never go to these things, but first we got a message from Nancy saying she expected everybody there, and then another message from Dave saying he’d gotten the word that no matter how busy we were, we should make every effort to get there.

It was the typical boring monthly meeting – announcing all the anniversaries and stuff. But then they started handing out these enormous plaques to people who’d recently gotten patents. I’ve seen these plaques on people’s desks before, but I’ve never seen them handed out. And I’ve only ever seen them on pretty senior people’s desks. I wasn’t expecting one – my patent was awarded months and months ago, and besides I’m a lowly contractor. But I got one, and it had little tags for both of my patents. My boss, Dave, got one as well, with the same two tags.

Afterwards, Nancy told me that the whole reason she’d made the meeting mandatory was to make sure that Dave and I went, because neither of us were prone to going to these meetings.

Getting the plaque was surprising enough, but even more surprising was for the rest of the day people were coming up and congratulating me. Now, I’m not thrilled about the concept of software patents at all, so I didn’t really know what to say. At first, I was saying stuff like “Oh, it wasn’t such a big deal” or “I’m not too proud of it”. But then I thought that probably isn’t very gracious of me, and might be insulting to other people who’ve gotten patents or who want them and haven’t gotten them yet. So then I started just saying “Thanks” and leaving it at that. But still later, some fellow software developers came up to to congratulate/razz me, and I decided the best response was that it was a team effort and I feel sad that we couldn’t credit everybody on the patent. I also told one of the developers that one of the things she did, an automatic “matcher” algorithm, was definitely worth a patent and she should apply for one herself.