Saturday, September 30, 2006

test from a treo 650

off to bed
laptop clone in progress
devices collected
alarm set
CEC starts today

CEC: Leaving Tomorrow


Getting on a plane to SFO tomorrow for CEC.


I should start packing any time now.


Decide which Camera(s) to take...Should I bring the D1x or just the point and shoot (and the camerphone)?

If I bring the D1x, I should stop with the yakshaving and clean it; I have a dusty sensor.


I want to go to the book store and pick up some reading for the plane, my laptop won't last for the flight and I may not be able to use it anyway.


I have also been meaning to take my little laptop to the office and update to a current build of Solaris 10, install frkit and grab an old wireless card. It looks like that isn't going to happen.


OpenGrok: My Experience


A few months ago I decided to install OpenGrok on my laptop so I could search the source and configuration files that we are using.


It was simple, I downloaded OpenSolaris Project: OpenGrok/ and Glassfish and installed and was up and running without any problems on my OS X 10.4.7 PowerBook. It was wonderful, I could search to my hearts content. Finding random bits of code that I wanted to reference in new work, all of the uses of "slapd" in a large pile of old monitoring configuration files or files that I knew existed but wasn't sure exactly where.


The only problem was that as installed it was impractical to share, I could point people to my http://mylaptop:8080/grok. But that was not so useful if I wasn't in the office or hadn't started the server. To rectify this problem I decided to install OpenGrok on our CVS/SVN/SCM server.


The following are some observations that may already exist in the wild, but I missed while poking around.




As usual read the instructions Glassfish does not run on Solaris 8, you can save maybe an hour or more of downloading and installation failure if you read a bit more. Particularly if you are installing on a old overloaded Netra T1.


  • Give the classifier more memory, you will run out on some of those large jar files that someone added I am setting max to 768MB.

  • OpenGrok really does a great job, I can find an old monitoring config based on a half remember comment

  • People really don't know what they are missing until they get a hold of it

  • paths.tsv...entries are relative to SRC_ROOT

  • Although it seems clear now, point to the checked out base of your source

Wednesday, September 27, 2006

Silly Blog Stuff


I have a friend who is involved with the structural work of building of satellites and such.


I have noticed that I don't have any readers (or even vaguely interested parties in Antarctica). After a recent event we were discussing yakshaving and I pulled up my blog. The Clustrmap of my blog shows the above lack of interest.


My friend Steve is hoping that he will be able to go to McMurdo Station for CREAM III(2007). He allowed that, as he was hoping to be down that way, that he would be happy to visit my blog to try and create a little dot on the map for me.


Which reminds me of a recent commercial..."Who's Agitating My Dots?"


On an yakshaving related note the New Horizons Probe to Pluto was also built by Steve (and or his company, that I can't remember the name of or find).


Sunday, September 24, 2006

Goings-On WO: 9/17/06


Last week was quite busy, and at the moment I am not even sure why.

I can look back and figure it out but off hand, I just don't know.


Two weeks ago I deployed OpenGrok for on the Managed Operations CVS/SVN server, I have been puttering about with an entry describing my results and experience for at least the last week. I hope to finish it up and get it posted in a couple of days.


We had a film crew on site shooting a marketing video, I worked myself into a couple of shots. I see a cutting room floor in my future.


We had (still have) a couple of conference rooms full of IMs and CDE from APAC for training.


Peter Weber had his staff onsite as well, the office and basically all of the conference rooms were packed.


In my spare time on Wednesday, Thursday and Friday I played with and paniced a Sun Fire X4500(a.k.a. Thumper). Much in the vein of my previous what not to do with your lab boxes post. After creating a 7.4TB fully protected zfs pool I started writing a 7TB file removing disks with cfgadm until I went from a degraded state to a system panic when it became impossible to safely and sanely write data to the volume. Quite neat actually, after the system rebooted all of the volumes were intact and resilvered automatically. This week I am hopefully going to try writing data directly to some disks to see data corruption detection in action then maybe zfs send/recv before we have to give it back.


Went for a ride on Thursday afternoon. The weather was fabulous mid 60s and sunny. About 20 Miles at 13.5 MPH with a coworker. We should have four or so this week, we have decided that Thursday afternoons are for group rides.


Saturday we went to an SCA event and helped out in the kitchen cooking a feast for 80 or so people.


Sunday we went to the Maryland Renaissance Festival with some friends (It was pirate weekend, many Jack Sparrows were sited) and a 22:45 hockey game that didn't start until 23:15.


Next week: CEC 2006


Tuesday, September 12, 2006

Blogging and such


I am about to purchase, or I am at least strongly thinking about purchasing NetNewsWire and ecto.


For feed reading and blogging respectively.


Suddenly having used a good syndication tool I am enjoying and reading a greater range of blogs and stories and such again.


Monday, September 11, 2006

CEC2006: Submitted


I just submitted our presentation, that was due today. (A couple of hours ago now)


With time to spare!


We really should have made time to do this earlier and saved ourselves some pain.


Now: Going to bed while my wife organizes the fight against a firewall problem.


Note: Shouldn't have stayed up till 3am fooling around with graphs, got them done much faster

today after sleeping. Also RRDTool Rocks (Still)


Next: Sleep, Presentation Review


Sunday, September 10, 2006

Encrypted FS on Solaris 10, Ugly Hack


This is an off the cuff solution to encrypted file systems on Solaris 10 in response to OpenSolaris Adventures which mentions concerns about file security given physical access to a device.





Until zfs has crypto support or encrypted lofi is available, you could set a bios password. Or create your own loopback file based fs. Of course if the file is decrypted and the attacker steals your laptop you are out of luck. So only having the decrypted data in /tmp would offer some protection.





The poor man's version would be something like:

1) Make a source file (Preferably in /tmp)

2) Create a Loopback

3) Layout a filesystem

4) Add content

5) Encrypt (To not /tmp)

6) Delete source file




Ongoing Usage scripted as:

1) decrypt /var/tmp/encrypted.current to /tmp/decrypted

2) create lofi and mount

3) encrypt to /var/tmp/encrypted.new

4) delete decrypted file

5) Move encrypted.current to .bak and new to .current



Steps 1 - 4:


t2000-10# mkfile 10m /tmp/foo

t2000-10# lofiadm -a /tmp/foo

/dev/lofi/1



t2000-10# newfs /dev/lofi/1

newfs: construct a new file system /dev/rlofi/1: (y/n)? y

/dev/rlofi/1: 20468 sectors in 34 cylinders of 1 tracks, 602 sectors

10.0MB in 3 cyl groups (16 c/g, 4.70MB/g, 2240 i/g)



t2000-10# mkdir /tmp/foo_mnt

t2000-10# mount /dev/lofi/1 /tmp/foo_mnt

t2000-10# cat /usr/man/man1/* | nroff -man > /tmp/foo_mnt/important.txt


Content is visible to the casual viewer:




t2000-10# cat /tmp/foo | strings | head -100

...

Moi2

a subcommand and no arguments is

an error. This guideline is provided to allow the

common forms command --

p, command -?

?, command

--

n, and command -V

V to be accepted in the

command-subcommand construct.

Several of these guidelines are only of interest to the

authors of utilities. They are provided here for the use of




t2000-10# umount /tmp/foo_mnt

t2000-10# lofiadm -d /dev/lofi/1


Step 5:


t2000-10# time encrypt -a 3des -v -i /tmp/foo -o /var/tmp/3des_encrypted

Enter key:

[..................|...................|...................|...................]

Done.

encrypt -a 3des -v -i /tmp/foo -o /var/tmp/3des_encrypted 4.44s user 0.63s system 60% cpu 8.434 total



t2000-10# rm /tmp/foo



Simple check to see if data is still accessible:


t2000-10# lofiadm -a /var/tmp/3des_encrypted

lofiadm: size of /var/tmp/3des_encrypted is not a multiple of 512



t2000-10# file /var/tmp/3des_encrypted

/var/tmp/3des_encrypted: data



t2000-10# cat /var/tmp/3des_encrypted| strings

...


Accessing Encrypted Data:


t2000-10# decrypt -v -a 3des -i /var/tmp/3des_encrypted -o /tmp/decrypted_fs

Enter key:

[..................|...................|...................|..................]

Done.



t2000-10# cat /tmp/decrypted_fs| strings | head -100

...

VkQP

a subcommand and no arguments is

an error. This guideline is provided to allow the

common forms command --

p, command -?

?, command

--

n, and command -V

V to be accepted in the

command-subcommand construct.

Several of these guidelines are only of interest to the

authors of utilities. They are provided here for the use of



t2000-10# lofiadm -a /tmp/decrypted_fs

/dev/lofi/1



t2000-10# mount /dev/lofi/1 /tmp/foo_mnt





Checking Contents:


t2000-10# cd /tmp/foo_mnt

t2000-10# head important.txt



User Commands Intro(1)



NAME

Intro, intro - introduction to commands and application pro-

grams

Thursday, September 7, 2006

CEC 2006: Procrastinating

I am currently working on our presentation for the Sun Continuing Engineering Conference 2006.




We are presenting "Managing Systems at Grid Scale"




In December 2005 Sun Managed Operations (aka SevenSpace) took over the infrastructure management for commercial and retail sungrid deployments. Managing at grid scale raises many challenges to tools and operations mind-sets when compared to traditional enterprise systems management.





I am going to go home and try to work on my slides.




Things to do at CEC:
Find Bill Walker and try to get a Very cool fridge magnet...




I will have to bring my oh so tiny Solaris Laptop with me.