Apple Rant..

Posted by david on January 26, 2012 0 comments

Traditionally Users don’t seem to care about the walled garden, in fact they
seem to like it. Many of the complaints against Android and Linux are
surrounding the inconstant appearance of apps (personally I find this is mostly
due to bad ports of iOS apps..) and fragmentation of hardware. The lack of
these in the iOS world is directly a result of Apple being in complete control.
They decide what content you are allowed to see and which apps you are allowed
to use. Isn’t this just the kind of control large media companies want, and
hoped to accomplish via laws like SOPA and PIPA?

Thousands of calls, millions of emails and signatures. It’s very clear we
don’t want them messing with the Internet.

How long will it take for users to see Apple as one of these groups seeking to
control them? Apple is more than a hardware or software vendor, they sell a
lifestyle. What happens if suddenly we all discover we don’t want to give up
the freedom required for that lifestyle? Will we all stand up and smash our
iPads with a sledge hammer? Irony of the 1984 commercial is simply overwhelming.

Google Plus and Ohio Linux Fest 2011

Posted by david on September 1, 2011 0 comments

I haven’t posted any updates in a while, mainly because I’ve been side tracked by google plus. It’s just like facebook, but it’s not!

I’m also eagerly awaiting OLF 2011 coming up September 9-11th in Columbus, OH. If you are anywhere near there you should try and make it out. I’ve been going since 2007 and it’s gotten bigger each year.

You can still register for free, but this year there will be a charge for walk-ins so do it now!

First Fruits

Posted by david on June 14, 2011 0 comments

Its been a wet spring but its finally warming up and we’ve got somethings in bloom. The cucumbers are coming steady but the onions are kinda puny. I suspect its do to the heavy rains compacting the soil.
Cucumbers and Onions

We’ve had a few strawberries, but this is their first full year so I don’t expect much.

Tomatoes part Duex

Posted by david on May 9, 2011 0 comments

So the tomatoes from seed I put out earlier didn’t make it :(. I think it was
a combination of it being too early (wait until Derby weekend!) and some
critter getting them. I need to setup a camera or something to watch them and
figure out exactly what it is.

At any rate, my wonder wife saved the day by coming home with some huge store
bought plants today. As she said “we _will_ have tomatoes by the fourth of
July this yet”. I do love that woman…

tomatoes

Tomatoes in the ground and frost tonight..

Posted by david on May 4, 2011 0 comments

I put out the brandywine tomatoes, cucumbers, and Mellons this weekend while the
girls played in the mud. Then on Wednesday I hear it’s suppose to frost
tonight. I knew I should have listened and waited until Derby weekend…

Guess I’ll be covering things up with sheets tonight, but at least the cherry
tomatoes and more cucumbers I’m starting from seeds will be ok.

Squash and Zucchini in the ground

Posted by david on April 21, 2011 0 comments

I am a bit early, but the straight neck squash were already getting flower
buds, so I went ahead and put them out. I’ll need to keep watch for frost for
the next couple of weeks and cover them if need be.

Seedlings

Posted by david on April 11, 2011 0 comments

The seedlings have been growing fast and I wanted to post in order to mark their progress. The squash and cucumbers have taken off. In the future I should probably start them a bit later than the peppers and tomatoes. Here’s a bad cell phone picture:

seedlings April 11

seedlings April 11

Starting from Seeds

Posted by david on March 28, 2011 0 comments

I’m getting started a bit late, but I finally got around to starting some seeds
for the garden this year. I haven’t bought anything new as I had lots left
over from last year.

I planted straight and bent neck squash, zucchini, Brandywine and Early Girl
tomatoes, water melon, cantaloupe, peppers and jalapeño peppers and some
cucumbers. I only had a couple of cucumber seeds left from last year, so I may
need to buy more this year.

I still need to get some onion and garlic bulbs. The corn that I sowed last
year seemed to do better than the transplants, so I’ll just sow it all after
the last frost this year.

PostgreSQL Warm Fail Over using Write Ahead Logs

Posted by david on February 25, 2011 0 comments

Introduction

A typical fail over method for any application is to have two identical
machines with all data stored on a shared SAN. This falls short on ensuring the
integrity of the database. Do we know that the database was properly shutdown
on the primary node before failing over? If not, data loss can occurs and the
only recovery method will be restoring from backup. This method also
introduces a single point of failure for the database in the shared storage.

Luckily, postgres provides a transaction logging method known as write
ahead logs (WAL). We can exploit these feature to create a live backup
of the production system on the fail over node. We’ll do this by
having the primary node copy it’s wal logs to the secondary node. The
secondary node will be in continuous recovery mode, reading the wal logs
and applying them to it’s database.

Pre-requisites

Before we begin, a few requirements:
1. Both machines must be the same postgresql version
This document assumes postgresql 8.x. Different solutions are available for postgresql 7.x and 9.x.
2. Both machines must be the same architecture (64 or 32 bit).
3. The primary node must be able to access the secondary node via ssh.
4. Install postgresql-contrib on secondary machine

Configure the primary node

1. Generate ssh key and place public key in authorized_hosts on secondary
# ssh-keygen -t dsa
# ssh-copy-id -i ~/.ssh/id_dsa.pub postgres@secondary
2. Enable WAL logging by editing postgresql.conf and setting the following values.

archive_mode = on
archive_command = 'rsync --delete-after -a %p postgres@secondary:/var/lib/pgsql/walfiles/%f'

Configure the secondary node

1. Create a directory for the WAL files
# mkdir /var/lib/pgsql/walfiles
2. Create /var/lib/pgsql/recovery.conf with the following contents:

restore_command = '/usr/bin/pg_standby -l -d -s 2 -t /tmp/pgsql.trigger.5432 \ /var/lib/pgsql/walfiles %f %p %r 2>>standby.log'

Initialize the cluster

1. On the primary run the following:
Please note that ‘dhreplication’ is an arbitrary tag, and can be set to anything useful to your configuration.
# psql -U postgres -c “SELECT pg_start_backup(‘dhreplication’);”
# rsync -avz /var/lib/pgsql/data/* secondary:/var/lib/pgsql/data/
# psql -U postgres -c “SELECT pg_stop_backup();”
2. On secondary run the following:
Edit /var/lib/pgsql/data/postgresql.conf and set ‘archive_mode = off’
# ln -s /var/lib/pgsql/recovery.conf /var/lib/pgsql/data/recovery.conf
A symlink is used above, as /var/lib/pgsql/recovery.conf will be removed when recovery is disabled.
# service postgresql start
3. Monitor for problems by watching /var/pgsql/pgsql.log and /var/lib/pgsql/data/standby.log on secondary

Testing fail over

1. On primary edit /var/lib/pgsql/data/postgresql.conf and set “archive_command = /bin/true”
then reload postgresql to make the changes active.
# service postgresql reload
2. On secondary
# tail /var/pgsql/pgsql.log /var/lib/pgsql/data/standby.log
# touch /tmp/pgsql.trigger.5432
3. You may now connect clients to the secondary server.

To resume running on primary

1. On secondary
# psql -U postgres -c “SELECT pg_start_backup(‘dhreplication’);”
# rsync -avz /var/lib/pgsql/data/* primary:/var/lib/pgsql/data/
# psql -U postgres -c “SELECT pg_stop_backup();”
2. Preform steps above to initialize the secondary server again.

External sources

http://www.xtuple.org/replication-how-to

http://www.postgresql.org/docs/8.4/static/high-availability.html

http://www.postgresql.org/docs/8.4/static/warm-standby.html

Exim

Posted by david on November 24, 2010 0 comments

Introduction

I installed the debian packages, so I didn’t need to compile anything. The basic configuration was done via the debian installer.

I found these links helpful in further configuring exim:

Setting up virtual domains
To add a new virtual domain, create file in /etc/exim4/virtual and add domain to /etc/exim4/update-exim4.conf.conf

Catch all alias

Virus scanning

I also wanted to drop connections after too many unknown users, so I added this to /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt

# Deny if more than 5 unknown users
  deny
    condition = ${if >{$rcpt_fail_count}{5}{yes}{no}}
    message = Too many unknown users

Stats

Stats are generating by running

eximstats -byemail -pattern "Rejected by SA" "/SAEximRejCond expand returned: '1'/"

from the log rotation cron job.

DNS Blacklists

I enabled the flagging of messages by adding the following to /etc/exim4/conf.d/main/02_exim4-config_options:

CHECK_RCPT_IP_DNSBLS = sbl-xbl.spamhaus.org:dnsbl.sorbs.net:combined.njabl.org:bl.spamcop.net:psbl.surriel.com

Command line arguments

To list all messages in the queue:
sudo /usr/sbin/exim4 -bp

To view a specific message header:
sudo /usr/sbin/exim4 -Mvh

To remove a message from the queue:
sudo /usr/sbin/exim4 -Mrm

To remove all frozen messages from the queue:
sudo /usr/sbin/exiqgrep -iz | xargs sudo /usr/sbin/exim4 -Mrm

To force a delivery attempt:
sudo /usr/sbin/exim4 -qf

ClamAV

I ended up having to install clamav from the volatile packages from /http://www.debian.org/volatile/ in order to keep it updated.

Antivirus test files: http://www.eicar.org/anti_virus_test_file.htm

Greylistd

This was silly easy to setup using these instructions

It boiled down to the following commands:

apt-get install greylistd

greylistd-setup-exim4 add

I did edit /etc/greylistd/config to change the length of time before a retry will be accepted to 30min (default is 60).

Spoofing work email

I wanted to be able to send email as $workaddress, and have it be accepted. To do this I had to add my user account to the MAIN_TRUSTED_USERS in 02_exim4-config_options