When running OpenSolaris SX:CE >= snv_100 on different flavours of VMWare (Fusion, ESX, etc.) one needs to change edit the grub menu to include "disable-pcieb=true" at the end of the kernel line. To do this you will need to hit "e" to edit on the grub menu item, and then "e" on the line for the kernel. At the end of the line if there is no "-B" with options after that, add the "-B disable-pcieb=true". Once you have installed OpenSolaris, you can go ahead and edit your /boot/grub/menu.lst and add this there as well.

Posted by Jacques Marneweck at 9:41 PM | Permalink | Comments (0) | TrackBacks (0)

I currently have 43 draft entries in my blog software (movable type) that I've not yet published as I have not gotten round to posting some of the posts.

Posted by Jacques Marneweck at 11:07 PM | Permalink | Comments (0) | TrackBacks (0)

Google have launched their "Public DNS" service - a similar service to the OpenDNS public dns resolvers. It is going to be interesting to see how much competition occurs. It is usually faster to use the OpenDNS public dns resolvers than one's upstream ISP's one. Not sure when Google will start adding additional features like OpenDNS like blocking access to malware sites, ability to see how many DNS queries you are making, etc.

If you want a non-filtered service at this point in time use the Google Public DNS servers (they are using Level3 for their upstream connectivity):

8.8.8.8 and 8.8.4.4

And if you like filtered DNS results you would want to use the OpenDNS ones:

208.67.222.222 and 208.67.220.220

UPDATE:

Quick stat from doing DNS queries against Google, IS and OpenDNS's cache servers:

Google: 546ms and 243ms
IS: 303ms and 36ms
OpenDNS: 432ms and 297ms

Looks like all three cache the results on their anycast clusters.

Posted by Jacques Marneweck at 7:36 PM | Permalink | Comments (0) | TrackBacks (0)

Interesting question for MySQL DBA's: do you prefer using the mysql cli interface and know the SQL statements to execute in order to do your admin work like creating databases or do you prefer using the mysqladmin interface? Personally I prefer using the mysql cli interface and executing things like 'CREATE DATABASE foo' rather than 'mysqladmin create blah' - I suppose I like the SQL queries over remembering the other way of doing things.

Posted by Jacques Marneweck at 7:18 PM | Permalink | Comments (0) | TrackBacks (0)

Finally managed to get round to upgrading movable type - need to hack my wpcp function to add files that haven't been added with svn add for some odd reason. I must admit that I like the cleaner appearance of the admin interface.

Added bonus is not having to spend a few hours upgrading the templates - it seems that they've fixed that broken feature this time around.

Posted by Jacques Marneweck at 12:12 AM | Permalink | Comments (0) | TrackBacks (0)

Seeing that I run into this jot gotcha every couple of months while writing shell scripts, I thought I would add a reminder for myself here (and so that google can pick this up for me next time).

On FreeBSD, by default you don't get access to the seq command to generate sequences, so you naturally will use jot for your shell scripting needs for generating number sequences.

So for example, we want to start with 0 and increment to 4 (one cannot use variables in the bash sequence generator, so {0..$max} won't work here. So for example we have 5 logfiles that we want to grok on a server and another has 6 so instead of hardcoding the varible on each server like {0..4} where we have 4, {0..6} where we have 6, we use jot and some nasty piping commands to get that number.

root# jot 4     
1
2
3
4

Okay so misread the manual very quickly and try:

root# jot 0 4
4
5
6
7
8
9
10
*snip*
93211
93212
93213
93214

Pass the number of iterations (5), start (0) and where it ends (4):

root# jot 5 0 4
0
1
2
3
4

Posted by Jacques Marneweck at 9:24 PM | Permalink | Comments (0) | TrackBacks (0)

I really hate educating people how to do the following, but a bit of an explanation around this. Mozilla Firefox 3.5 now does not play nice with wildcard SSL certificates where you do things like service.servername.example.com when you only have a wildcard SSL certificate for *.example.com - the guys at Mozilla have marked the bug as "Won't Fix" which basically means that one now needs to teach people how to bypass this warning.

The latest version of Mozilla Firefox 3.5 has issues with wildcard SSL certificates and is giving warnings that "This Connection is Untrusted" when visiting https://service.servername.example.com/ - this is unfortunately an issue with the Mozilla Firefox 3.5 web browser. You will need to click on the "Add Exception..." link, ignore the warning about "You are about to override how Firefox identifies this site. Legitimate banks, stores, and other public sites will not ask you to do this.". Click on "Get Certificate" and then click on "Confirm Security Exception". A bug is being filled with Mozilla about this regression in their software.

Hopefully Mozilla can release a patch Firefox 3.5.1 which reverts this regression in their software.

Anyway here is the list of bugs I'm going to be keeping an eye on for this issue:

• Bug 495339 - wildcards in SSL certificates no longer match multiple levels of subdomain
• Bug 159483 - cert name matching: RFC 2818 vs. backwards compatibility (wildcards)
• Bug 491406 - *.wiki.sourceforge.net not valid site for *.sourceforge.net SSL certificate

Posted by Jacques Marneweck at 4:30 PM | Permalink | Comments (0) | TrackBacks (0)

Currently playing around with the private beta of the Smart Platform from Joyent - took less than 2 minutes to deploy their hello world app (apart from me getting a bit annoyed with git). Need to still work on getting git to not warn me about:

$ git push
warning: You did not specify any refspecs to push, and the current remote
warning: has not configured any push refspecs. The default action in this
warning: case is to push all matching refspecs, that is, all branches
warning: that exist both locally and remotely will be updated.  This may
warning: not necessarily be what you want to happen.
warning: 
warning: You can specify what action you want to take in this case, and
warning: avoid seeing this message again, by configuring 'push.default' to:
warning:   'nothing'  : Do not push anything
warning:   'matching' : Push all matching branches (default)
warning:   'tracking' : Push the current branch to whatever it is tracking
warning:   'current'  : Push the current branch
Everything up-to-date

A basically static site took a while longer as I misread a page in the documentation and then had files sitting in the incorrect location. One still needs a bootstrap.js file even if you intend on just serving up static files.

Seems like one needs to tell git to only attempt to push the currrent branch using the following command gets rid of the warning when using git push in future:

$ git config push.default current

Posted by Jacques Marneweck at 8:48 PM | Permalink | Comments (0) | TrackBacks (0)

Sort of a note to self for the next time I bump into a very annoying issue with network cards that use the VIA Technologies Rhine I/II/III controller chips on network cards like the quite popular dlink (shows up under vrX in ifconfig -a) is that when you start binding multiple IP addresses on a vr card a few seconds later the card stops working.

Turns out there is a bug of sorts with the FreeBSD vr driver which needs some fixing so moral of the story for the moment is not using vr based network cards till this is fixed.

Posted by Jacques Marneweck at 11:38 PM | Permalink | Comments (0) | TrackBacks (0)

One of my pet peeves is currently when Twitter Search is down - there goes being able to zone into conversations on any given topic from bsdisms, following cloud computing, etc.

Tired of seeing:

Status: 500 Internal Server Error Content-Type: text/html 500 Internal Server Error

How difficult is it to fix something that was not broken when it was Summize?

This is what a reply from twitter looks like:

HTTP/1.1 200 OK
Date: Wed, 04 Mar 2009 20:52:44 GMT
Server: hi
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Expires: Wed, 04 Mar 2009 20:57:44 GMT
Vary: Accept-Encoding
X-Varnish: 1089043412
Age: 0
X-Cache-Svr: searchweb008.twitter.com
X-Cache: MISS
Via: 1.1 varnish, 1.1 bc1-rba
Content-Length: 122
Connection: Keep-Alive
Set-Cookie: _search_twitter_sess=*snipped*; path=/

Status: 500 Internal Server Error

Content-Type: text/html

500 Internal Server Error

UPDATE:

Okay it's up if I go via reverse proxy in the USA - so it's just down for South Africans.

UPDATE:

IS have added some rules to their netcaches and search.twitter.com is working again.

Posted by Jacques Marneweck at 10:20 PM | Permalink | Comments (0) | TrackBacks (0)

If you've not heard about it yet, there is now a website advocating not using Smarty. The time for using smarty has gone - but makes one wonder if Flickr, Facebook, etc. are still using it.

Posted by Jacques Marneweck at 7:38 PM | Permalink | Comments (0) | TrackBacks (0)

Just a quick blog post to say Happy New Year! 2008 seems to have flow by quite quickly and at the start of 2009 I've made a resolution to not make any resolutions as I never tend to be able to keep any of my new years resolutions. Hopefully this year I can get round to blogging more often which is something which I've not been following through on.

Posted by Jacques Marneweck at 11:44 PM | Permalink | Comments (0) | TrackBacks (0)

One of the joys of installing ports on FreeBSD is the odd occasion that the dependencies list is missing a dependency. is not installed you get nice perl errors in the case of the following

# cfgmaker public@127.0.0.1
Can't locate SNMP_util.pm in @INC (@INC contains: /usr/local/bin/../lib/mrtg2 /usr/local/bin /usr/local/lib/perl5/5.8.8/BSDPAN /usr/local/lib/perl5/site_perl/5.8.8/mach /usr/local/lib/perl5/site_perl/5.8.8 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.8.8/mach /usr/local/lib/perl5/5.8.8 .) at /usr/local/bin/cfgmaker line 105.

Turned out SNMP_util is missing and required a quick install of SNMP_Session to make cfgmaker work.

cd /usr/ports/*/p5-SNMP_Session
make install clean

One can see that the dependency list for mrtg excludes SNMP_Session:

# pkg_info -rR mrtg-2.16.2,1
Information for mrtg-2.16.2,1:

Depends on:

Dependency: perl-5.8.8_1

Dependency: p5-Socket6-0.22

Dependency: p5-Pod-Parser-1.35_2

Dependency: p5-IO-Socket-INET6-2.56

Dependency: p5-Digest-SHA1-2.11

Dependency: p5-Digest-HMAC-1.01

Dependency: p5-Crypt-CBC-2.30

Dependency: p5-Crypt-DES-2.05

Dependency: p5-Net-SNMP-5.2.0

Dependency: png-1.2.32

Dependency: jpeg-6b_7

Dependency: pkg-config-0.23_1

Dependency: freetype2-2.3.7

Dependency: libiconv-1.11_1

Dependency: gd-2.0.35,1

Anyways I need to send-pr a patch for the port to get this fixed in the ports tree.

Posted by Jacques Marneweck at 10:14 PM | Permalink | Comments (0) | TrackBacks (0)

I've made some patches to update Ruby On Rails version 2.1.0 to 2.1.1 where you make use of the unpacked gems and a subversion repository (running 'rake rails:freeze:gems' has a bad habit of leaving your working copy in a mess as it blows away your 'vendor/rails' directory and recreates it).

Download the patch files by using the following script and apply them into each directory under vendor/rails by running rails-updater.sh.

If you have issues with patching files (like when using svn eol-style:native for files) you may need to grab the failed files by doing 'gem unpack component' and copying those files over and removing the reject files. I've tested the patches on a couple of open source apps and it applied cleanly except to one working copy.

patching file CHANGELOG

patching file Rakefile

patching file lib/action_mailer/base.rb

patching file lib/action_mailer/vendor/text-format-0.6.3/text/format.rb

Hunk #1 FAILED at 1.

1 out of 1 hunk FAILED -- saving rejects to file lib/action_mailer/vendor/text-format-0.6.3/text/format.rb.rej

patching file lib/action_mailer/vendor/tmail-1.2.3/tmail/parser.rb

Hunk #1 FAILED at 12.

1 out of 1 hunk FAILED -- saving rejects to file lib/action_mailer/vendor/tmail-1.2.3/tmail/parser.rb.rej

patching file lib/action_mailer/version.rb

patching file test/abstract_unit.rb

Another way to fetch the files is to fetch them from the github website using url's like:

http://github.com/rails/rails/tree/v2.1.1//?raw=true

i.e. for the failed lib/action_mailer/vendor/text-format-0.6.3/text/format.rb mentioned above we would fetch it from the following URL - http://github.com/rails/rails/tree/v2.1.1/actionmailer/lib/action_mailer/vendor/text-format-0.6.3/text/format.rb?raw=true.

Posted by Jacques Marneweck at 1:04 AM | Permalink | Comments (0) | TrackBacks (0)

One gotcha when using exim to do authenticated SMTP one wonders why you keep seeing the following:

Return-path: <"email@add.re.ss"@server.host.name>
*snipped*
Sender: "email@add.re.ss"@server.host.name
*snipped*

One needs to modify your acl for acl_check_rcpt for authenticated SMTP connections to contain the sender_retain bit like below:

  accept  authenticated = *
          control       = submission/sender_retain

Restart your exim (in my case on FreeBSD I used /usr/local/etc/rc.d/exim restart) and send a email:

Return-path: <email@add.re.ss>
*snipped*
Sender: email@add.re.ss
*snipped*

Posted by Jacques Marneweck at 2:35 PM | Permalink | Comments (0) | TrackBacks (0)

One of my work colleagues, the ubergeek Ben Rockwood has started a podcast called SA Pro a podcast for Systems Administrators. In the first episode (episode zero) Ben chats together with with Joe Moore of Siemens and Mark Imbriaco of 37signals.

In the podcast we'll use one of two formats, classic 1-on-1 interview style and a round-table discussion format. This episode is the latter.

Together with Joe Moore of Siemens and Mark Imbriaco of 37signals we discuss the following questions:

1. What is the mark of a good SA?
2. What are the essential qualifications?
3. Does formal education and/or certs matter?

Whats really new and unique is that Joe, Mark, and I don't know each other. They both responded to a request for participants on the OpenSolaris SA's list and matched the qualifications I was aiming for, thats the extent of it. This is interesting because even though the three of us are in very different circumstances, have different histories, and are geographically separated, we're not very dissimilar. It amazes me how much unity there is among a group with so few governing institutions.

Posted by Jacques Marneweck at 5:41 PM | Permalink | Comments (0) | TrackBacks (0)

Jason Fried and David Heinemeier Hansson broadcast to 883 people from out of the kitchen at the 37 Signals offices. Audio is coming shortly. Please note that the audio is a bit choppy (due to broadcasting issues and bandwidth issues with Verizon in South Africa). I've normalised the audio as well as tried to remove as much noise as possible.

Feel free to download a copy of the audio file of the 37 Signals Live : Episode 2. The audio is being served from BingoDisk.

Posted by Jacques Marneweck at 9:12 PM | Permalink | Comments (0) | TrackBacks (0)

It's finally EOL time for PHP4 and they sneaked out a release of PHP 4.4.9 out a day later. Not too many changes to 4.4.9.

Posted by Jacques Marneweck at 10:03 PM | Permalink | Comments (0) | TrackBacks (0)

An interesting way of engaging with their community by doing a live Q&A session with their users online (with users submitting questions via an IRC interface):

UPDATE:

I've removed the video flash player - it seems that the 37 Signals guys did not record the Q&A session. I've found the live replay over here.

Posted by Jacques Marneweck at 11:20 PM | Permalink | Comments (0) | TrackBacks (0)

Quick note that the PEAR installer is missing (go-pear.org has expired and has been snapped up by some cybersquatters) and http://pear.php.net/go-pear renders a 404. So the current solution is to grab the go-pear install from CVS:


curl
"http://cvs.php.net/viewvc.cgi/pearweb/public_html/go-pear?revision=1.11
8&view=co" | php


Cool the pearweb crowd have fixed go-pear via http://pear.php.net/go-pear :)

Posted by Jacques Marneweck at 11:06 PM | Permalink | Comments (0) | TrackBacks (0)

Rafiq Phillips dropped by to drop off a copy of Quirk's book eMarketing written by Rob Stokes and the minds of Quirk.

Anyway it was too good an opportunity to not get a photo taken of Rafiq and Christopher Mills both wearing their WordPress hoodies:

Posted by Jacques Marneweck at 6:52 PM | Permalink | Comments (0) | TrackBacks (0)

Zed Shaw talks about Ruby Vulnerabilities.

Posted by Jacques Marneweck at 5:30 PM | Permalink | Comments (0) | TrackBacks (0)

I've been pondering for a while about the issue with blacklists. Some email providers are using stupid blacklists which block whole IP blocks just because there is one bad egg on the range. Then you get the guys who still use deprecated blacklists which are no longer being run which return false positives for every email they receive and wonder why they are not delivering any email! It's like using a sledge hammer to hit a small nail into the dry wall and you end up making a big hole into the next room.

Maybe it's actually time to reconsider how everyone is doing email blocking to reduce SPAM? Hotmail's approach is quite shocking. They just discard emails after accepting them. Yahoo! just places it in the junk mail folder.

Maybe one needs to start campaigns like 'Friends don't let friends use Yahoo! Mail'.

Posted by Jacques Marneweck at 11:43 PM | Permalink | Comments (0) | TrackBacks (0)

So sometimes one needs a standalone version of PEAR. Check out the the instructions on how to do an Installation of a local PEAR copy on a shared host.

This is quite useful when you are forced into using a clueless shared host who only have the bare PEAR installation on their servers, and have not ever considered installing DB, Mail, Net_SMTP, etc. which lots of people use instead of reinventing the wheel with each project. The added bonus of having and using your own standalone installation of PEAR is that you're able to install and upgrade your own PEAR installation as your need arises.

Posted by Jacques Marneweck at 10:55 AM | Permalink | Comments (0) | TrackBacks (0)

So Eric Edelstein is running a bit of a competition to see who can get better page ranking for the term springleap.

SpringLeap are doing things differently for their t-shirt procurement process. Designers submit designs and apparently on the 1st of April we will be able to vote for the best designs which will be made into t-shirts.

Some strange SEO techniques of building loads of backlinks and is being done with strange content writing pages. Not sure if that is the way to springleap into summer?

Posted by Jacques Marneweck at 9:45 AM | Permalink | Comments (0) | TrackBacks (0)

On Wednesday night spoke about an 'Introduction to Memcache' at the FB Developers Garage which was held at UCT. Chatted about various things ranging from Memcached, Starling, the Evented version of Starling, background queue processing, etc.

I will be writing a more detailed post during the course of the next few days or so.

Further reading in the interim and the patch for the memcache-client:

• Memcached
• Starling
• Evented version of Starling
• Patch for memcache-client

Posted by Jacques Marneweck at 7:31 PM | Permalink | Comments (0) | TrackBacks (0)

I've been reading the book Everyday Scripting with Ruby which was written by Brian Marick from Pragmatic Programmers, originally called Scripting for Testers, for the past couple of weeks and going working through the examples in the book to get a better grasp of ruby. I think this is the first time I've read a book written for programmers from other languages who want to get a better understanding of ruby, while getting to do some cool exercises to learn some more of the ruby magic. None of that nasty PHP way of doing things which rely on having silly settings turned on in your php.ini and that you hope you will figure out why something is not working to realise that you don't have register_globals on for example.

The approach Brian Marick takes is quite different from the various perl, python and PHP books I've read in the past, so that was quite refreshing that he has included various techniques that one can use everyday in your ruby programming. Having previously written some ruby utilities to do simple things the svnannounce, which basically sends commit messages to jabber recipients, I particularly enjoyed the learning how to write the code churn calculator as well as using the watchdog code with having multiple methods of sending messages out which I will look into extending svnannounce to handle sending svn commits to twitter, msn, etc.

The book is divided up into multiple sections starting with The Basics, Growing a Script, Working in a World Full of People, and The Accomplised Scripter.

The ruby facts chapters through out the book, I found quite informative as Brian explains various rubyisms like arrays, classes, booleans, hashes, modules, etc. which I've found cleared up quite a number misunderstandings I had with the ruby language having dived in and just started coding simplish things.

The scraping webpages section was fun. I've in the past written some nasty PHP code to scrape pages for part of a ISP Management console I wrote during where I'd scrape various pages on UUnet, now Verizon, dialup management console to see number of dial-up users online, users session history, etc. And need I mention that you use a lot less code with ruby than with PHP. Learning how to use regular expressions and the ruby xpath library was quite cool. The Xpath stuff sort of reminds me of python's beautiful soup for liquidising webpages.

I'm actually estactic that CSV file parsing in Ruby is so much easier than PHP. Numerous things I do utilise some form of file containing data that needs to be processed or exported. I've started porting a PHP reporting tool over to ruby and using ruby on rails for the web interface portions. Being able to natively write CSV files which export data in the correct order in ruby when working with arrays is fantastic.

It's actually great working through a excellent book for learning a language, having useful examples to learn the language and not just your usual build a basic shopping cart type examples but real world style examples to learn certain nifty features like argument lists for passing multiple arguments to a method without.

Things like learning how to structure your directories when creating a library for ruby and finding out if you'll have name clashes. Things like including modules within other modules has given me some ideas. There is seriously more magic available in ruby which is quite powerful compared to PHP.

A great way to learn how to automate tasks using ruby. Even touches a little bit on rake files, gems, bulk updating gems, and a lot more.

Posted by Jacques Marneweck at 9:26 PM | Permalink | Comments (0) | TrackBacks (0)

Someone is loosing the plot to believe that they can revoke a license given under the GPL for source code. IANAL, but one cannot revoke the license of source code, under the GPL or any other license just because you feel like it.

I have revoked the licensing under the GNU General Public License (herein after referred to as "the GPL") for the atscap version 1.1 codebase, all prior versions of the atscap codebase and all the various release candidates of the atscap codebase.

I have also revoked the licensing under the GPL for the pchdtvr version 1.0 codebase, all prior versions of the pchdtvr codebase and all release candidates of the pchdtvr codebase, including all of the various interim pchdtvr versions after version 1.0 and before the name was changed to atscap.

Read more of inkling's blog post on SF.net.

See this post over at Groklaw for more information about why the GPL License is a Non-Revocable license.

Posted by Jacques Marneweck at 11:50 PM | Permalink | Comments (0) | TrackBacks (0)

The CTO and founder of Joyent's Jason Hoffman will be in Cape Town next week and there is going to be a small Geek Dinner with Jason on Wednesday night. Let me know if you're keen to attend. All you pay for your dinner and drinks at the restaurant.

Posted by Jacques Marneweck at 11:21 PM | Permalink | Comments (0) | TrackBacks (0)

Rails is a Ghetto - A Rant from Zed Shaw, Mongrel developer:

Zed Shaw has been holding his mouth shut for some time about ruby on rails. Now that he no longer depends on RoR, he releases a rant about previous jobs, and some RoR developers.

Quite an interesting take on things in the rails community. I tend to avoid the rails community at large, and chat to the ruby community at large seems to be more productive.

Amazing how many tech people seem to get conned into working for free. Been there, done that, got the t-shirt.

Sometimes I wish the ruby on rails community were more like the general ruby community. Guys like RubyPanther, apeiros, etc. on #ruby remind me of back in the day getting the hang of PHP and chatting to clued up guys in the language while learning the language.

I'm going to be checking out the local Ruby scene tomorrow night. The local Ruby users group aka brigade is meeting at the barn.

Posted by Jacques Marneweck at 11:10 PM | Permalink | Comments (0) | TrackBacks (0)