Caleb Cushing's Blog

Gradle With Gdub

Thu, 28 May 2020 13:22:49 -0500

So I found this cool tool the other day when researching how to do Gradle multi-module (monorepo). The tool is called gdub and what it does, is it behaves more or less like git, instead of having to be in the directory with ./gradlew all you have to do is be in the directory, or a sub directory, and it will fall back to gradle on the path if ./gradlew isn’t present.

Beware of SQL injection with Spring Boot and Flyway

Mon, 01 May 2017 00:00:00 +0000

So this is a hard to accomplish exploit, and is really only accomplishable by first exploiting another exploit first, or by an employee with some level of trusted access, though this employee might not normally have actual database access. I do believe you should be aware of it, as it leaves open an avenue you may not be thinking of. A sample application So the first thing we need is an application that uses Flyway, let’s just use the Spring Boot Flyway Sample.

From Perl to Java

Thu, 30 Mar 2017 00:00:00 +0000

What’s next This is my last post that targets IronMan. So if you want to keep reading my blog, which will probably argely be a mix of security, and java with occasional dev ops, please subscribe directly. If you have suggestions for what categories I should collect things under fee free to comment. Currently the only for sure category is Security. Why not Perl? This post is 3 years in the making.

Goodbye blogger, migrating this weekend

Fri, 17 Mar 2017 08:41:41 -0500

Well it’s the end of a decade of blogging with blogger for me. Though you’ve probably noticed I haven’t really been blogging for the last 2 years. I hope that’s a combination of these 2 things, but no promises. writing a tech blog with blogger is incredibly painful when I switched from Perl to Java I wasn’t an expert, and had little to contribute So I’m sure you’re wondering what I’ve switched to?

Log (CRLF) Injection with SLF4J

Mon, 27 Feb 2017 04:00:00 +0000

At my job we have a CIO installed policy of remediating issues found by a static analysis tool and what it finds are most targeted at finding security issues. Currently this tool is Veracode, and I don’t recommend it, it misses more problems than it finds, and what it finds, including this issue, are often false positives. Our most common issue, is CRLF (Carriage Return Line Feed) or other log injection, which we have mitigated in a custom log appender (which Veracode doesn’t recognize).

Falsehoods programmers believe about versions

Tue, 04 Aug 2015 10:40:00 +0000

given Jeff Atwoods recent blog post and an inspiration today for me to write a “falsehoods” about versions. If you’d like to contribute yours please feel free to send me a pull request, it’d be greatly appreciated. versions always increase versions are numbers versions are strings versions are semantic versions are decimals a major number of 1 or above means stable api versions with the same major number will have the same api versions have numbers, periods, and maybe a preceding v semantic is always the best way to go versions are consistent within a project semantic versions will never see double digits or triple digits within dots at least if you’re using a semantic version people can compare it correctly versions will be consistent amongst projects in a given language or community semantic versioning cannot be represented as number or decimal as long as the versions increase the length of the version doesn’t matter if versions have the same number they are equivalent in a given archive all code will have the same version semantic versions can only have 3 positions dates are bad for versions versions always increase by exactly one

Single Repository, one Aggregate

Thu, 02 Jul 2015 02:00:00 +0000

A Repository as defined in Domain Driven Design manages a single Aggregate. An aggregate may contain many entities, and value objects, but will have a single object as its root. Many of the Dao and even now some of the Repository implementations I see do not follow this, they are more likely to have a Repository per entity, than a Repository per aggregate, and of course in some cases this is required for various reasons.

Continuous Integration with Wercker and Maven

Sat, 20 Jun 2015 14:40:00 +0000

I’m going to walk you through getting mvn test running in wercker, on the new docker based api. First let’s talk about what Wercker is and why you’d want to use it. Wercker a continuous integration and deployment web application. It will all you to run any language or stack. It currently is free for both private and public repositories; I am hopeful that once it comes out of beta it will maintain reasonable pricing for small personal private projects (Most CI’s are ridiculously priced for hobby projects).

Abandoning all Perl modules

Sun, 03 May 2015 15:26:00 +0000

As of today I have decided to remove myself as maintainer/co-maintainer of all my Perl modules. Feel free to adopt them

Premature optimization is not evil

Wed, 07 Jan 2015 20:46:00 +0000

Or rather people should stop saying this because most of the people that say it don’t actually seem to actually know what is meant by “Premature Optimization” or how to determine when it is evil. I’ve heard people say premature optimization is evil to asking. “Is there a 3rd party library that does this more efficiently?” (knowing if there are better options is premature optimization?), “Thinking about architecting your app for horizontal scalability is premature optimization” (it is if the design is significantly more complex, but if it’s just between using REST and ensuring stateless (which is about the same complexity up front, but it’d be harder to convert later)), “wanting to do Dependency Injection is.

10 ways of implementing Polymorphism

Tue, 07 Oct 2014 04:00:00 +0000

Firstly what is Polymorphism and why is it so important? Polymorphism is the ability to have a many implementations of a behavior that conform to a single interface. Put in perhaps slightly better, pragmatic terms, you have one implementations of a caller, that can operate on many implementations of a “parameter”, without conditionals, or changing the callers code. For instance the following, pseudo?, Perl 6-ism method handler( $obj ) { $obj.

Celebrity nude scandal, on security, an analogy

Sat, 20 Sep 2014 11:25:00 +0000

Though I won’t say they aren’t victims of a crime… What the victims did is fundamentally the equivalent of using skeleton keys in the modern day. What apple did or rather didn’t do, is prevent that. Apple could have used a tool like cracklib, and said at the time of password creation, this is too short, this is not random enough, we are refusing to allow you to put this skeleton key lock on your front door.

Using Spring to create a full REST API in less than 60 lines of code

Tue, 02 Sep 2014 22:42:00 +0000

Spring with Spring Data is awesome. Seriously, I’ve never been able to throw up a full HATEOAS REST web service this fast. To start, I’ll admit my headliner lie, I’m not counting the pom.xml.

Writing deprecation notices in perl, optionally with Moose

Tue, 01 Jul 2014 08:49:00 +0000

Sometimes you want to remove behavior from your code in a future version, here’s the right way to do it.

Java Privacy, broken by design

Tue, 03 Jun 2014 04:00:00 +0000

It is worth noting that none of the following arguments apply to anything using the keyword static which makes things more procedural (or in some cases functional, than Object Oriented. The suggestion in Java is to give the least required permission, but this, in my humble opinion, violates the Open-Closed Principle. Java has four privacy levels. Giving something the least permission required to function is fine in a Security context, privacy in programming however is simply there to discourage developers from doing stupid things.

Two Hundred Posts

Tue, 06 May 2014 04:00:00 +0000

My blog is 6 years old and 200 posts, and over 120k hits, Probably my first interesting post is when decided I was switching to git from svn, and it’s not very interesting, and I think much more poorly written than I write things now. Since then I’ve re-skinned the blog to new templates at least twice. I now list books that I recommend on the right side of my blog, and I’ve ensured that all content is clearly licensed under the creative commons.

REST, ROA, and HATEOAS often leads to bad webservice design

Wed, 02 Apr 2014 04:00:00 +0000

This is not to say that they are bad, but I find that all too frequently the resulting API’s are poorly designed due to forgetting one thing, RPC (Remote Procedure Call) is expensive. Now by RPC, I do not mean custom messaging formats such as SOAP, or XML-RPC, I mean calling a method on a remote server. Do not think that just because you are using HTTP as the message format with something like XML or JSON, that calling GET /resource, is significantly all that different from calling get_resource in a SOAP call.

Matching Hex characters in a Regex

Thu, 13 Mar 2014 15:41:00 +0000

I’ve noticed a common problem with regular expressions and Hex Characters, so I thought I’d blog about it. The most common way to regex a UUID, or SHA1 or some other hex encoded binary value is this (and I’ve seen this in Perl libraries and StackOverflow answers). [a-f0-9] or [A-F0-9] Neither of these are correct as Hex is case insensitive and both of these regex’s are. Hex is most commonly lowercase (unless you’re Data::UUID), but that’s an aesthetic, not a requirement.

The ShareDir Problem

Thu, 27 Feb 2014 15:47:00 +0000

Some of you may have noticed a while back that converted Pod::Spell to the use of File::ShareDir::ProjectDistDir instead of keeping the wordlist in Pod::Wordlist::__DATA__. This move was made in conjunction with making Pod::Wordlist an Object, and in preparation for a time when you’ll be able to specify your own wordlist file. It was also made so that non technical contributors could more easily update the wordlist without going near anything that looked like code.

Advent, good idea, but problematic execution

Sun, 01 Dec 2013 15:00:00 +0000

So advent is 24 days of high quality tutorials, and it’s great, and ++ too all the people who make articles. But I’ve got a problem… it never shows up in my feed that I read in Feedly (formerly read in Google reader). This is compounded by the fact that there are many advents, each with there own yearly feed… so each year I have to poke around at the various projects to see if they’re doing advent, and if so to subscribe to the feed.

Would You Miss Autoderef in 5.20? solutions in search of a problem

Sat, 02 Nov 2013 02:13:00 +0000

This is a response to Chromatics blog post Would You Miss Autoderef in 5.20?, because I can’t ever get comments to work on his MT for something like a year (500, or some blogger openid incompat). In all honesty I don’t find either particularly interesting. I’ve too often been targeting 5.8 or 5.10 for syntax… @{ $foo } is really the most I’ve ever needed,@$foo is nicer, but beyond that don’t need it.

Providing with Providers and Bread::Board

Wed, 23 Oct 2013 05:56:00 +0000

So when I started using Dependency Injection the following problem happened, how do I Inject this dependency when the container is not accessible at this point. Ok, that sentence even confused me a little bit, so what do I mean. Let’s say I have a Repository for Products that is injected into my controller. Each Product stored has one or more ProductVariants that is part of it’s aggregate, which itself has Nested Categories.

Thinking of presenting at YAPC::NA 2014

Mon, 02 Sep 2013 04:40:00 +0000

So I’m thinking of proposing some talks for YAPC::NA Orlando, and/or maybe do some training. Here’s my thought on what I could do that would be a contribution and different from other talks. For Training it might just be a combination of all of the concepts I could do as individual talks. Basically the idea is “I’ve learned Perl and Moo[se], now how do I build a large application”. UML SOLID Object Oriented Design Design Patterns Domain Driven Design Patterns of Application Architecture Service Oriented Architectures, REST, ROA, RPC (including RESTful RPC and Resource Oriented RPC), and Pub/Sub ORM Patterns ( Active Record / Data Mapper / Transaction Script ) MVC Layered Architecture Ports and Adapters Dependency Injection ( with Bread::Board ) Let me know your thoughts.

Pod::Spell maintained but could use more hands

Mon, 05 Aug 2013 04:00:00 +0000

Just before my abrupt departure from my former employer, I took over maintaintership of Pod::Spell. I have started working to clean up the code, add modern and more tests, and improve the wordlist. There is much to be done on this front. More tests are needed yet, to ensure no accidental breakage. There’s possibly a unicode bug lurking within Pod::Spell. More words are needed for the wordlist. Patches are welcome as I don’t have all the time in the world to work on it.

Changing default behavior of File::chmod

Sat, 06 Jul 2013 06:03:00 +0000

File::chmod has been around for a long time, and is really stable, and really hasn’t changed since 1999. It is far more user friendly than thechmod() in core Perl. I recently used it for an interview test. It took me a few times to get right however because it’s default behavior in symchmod() mode is to use the systems umask. I find this to be very confusing behavior. I actually thought it was a bug at first, and asked for comaint since it hadn’t been updated in so long.

Moose Interface Pattern with parameter enforcement

Sat, 25 May 2013 13:29:00 +0000

Moose interfaces are problematic, for 2 reasons. They are compile time, but runtime features such as attribute delegation could provide the interface (role ordering is the real problem here) They don’t ensure anything other than the method name. I think this problem can be solved better by using around instead of requires 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 package Interface::Create; use Moose::Role; use Type::Params qw( compile ); use Types::Standard qw( slurpy HashRef); around create => sub { my $orig = shift; my $self = shift; state $check = compile( slurpy HashRef ); my ( $obj_args ) = $check->( @_ ); return $self->$orig( $obj_args ); }; 1; Ordering of course still matters here as you can have multiple around modifiers on a method.

Inversion of Control Principle

Thu, 03 Jan 2013 21:00:00 +0000

If you’re not familiar with the term “Inversion of Control”( IoC ) or “Dependency Injection” ( DI )you may wish to start with Martin Fowler’s post on the subject. If you’re looking for a way to do it with Perl, Bread::Board is the way to go. This post however is about the theory behind it, and a path to grokitude if you’re finding the concepts challenging. I should advise that I am not yet a buddha on implementation.

Override DNS on a Linux system without root

Thu, 06 Dec 2012 21:00:00 +0000

I had this problem for a long time, and no one ever proposed a good solution. Recently I got a new answer on my, almost 2 year old, Unix and Linux StackExchange question. This information seems very obscure and so I thought I’d share it, if you too have had this problem and were unable to find this, or at least found finding it hard, consider upvoting the answer. Problem You’re using a Linux system that you don’t have root on, you need to override the DNS of the system.

Business::CyberSource API is stabilizing as of 0.7.x

Wed, 07 Nov 2012 21:15:00 +0000

Interface Driven Design

Sat, 03 Nov 2012 05:37:00 +0000

What is Interface Driven Design? Interface Driven Design simply means that you should design your software around a flexible, easy to use, easy to understand interface. This is easy to achieve if your objects are of SOLID design. There is a simple table and reference link if you’re not familiar with the principles. My Work is SOLID already Then you’re on the right track but it’s not enough if you don’t fully marry the concept to best practices.

UML Tools

Wed, 05 Sep 2012 06:00:00 +0000

Why UML? Many people appear to think that modelling is only for academic textbooks and school. Several months ago I worked on a project that failed, for numerous reasons, but some of the reasons were mine. So I set out to figure what it was that I didn’t know, that would have allowed me to build this system I had been asked to. After reading Patterns of Enterprise Application Architecture, Domain-Driven Design: Tackling Complexity in the Heart of Software, and Design Patterns: Elements of Reusable Object-Oriented Software and realizing that all of the great books used UML.

Where's 5.16.1?

Tue, 24 Jul 2012 11:58:00 +0000

Per the 5.12 release announcement This release cycle marks a change to a time-based release process. Beginning with version 5.11.0, we make a new development release of Perl available on the 20th of each month. Each spring, we will release a new stable version of Perl. One month later, we will make a minor update to deal with any issues discovered after the initial “.0” release. Future releases in the stable series will follow quarterly.

Perl Core Syntax Wishlist: Role Support

Mon, 11 Jun 2012 06:00:00 +0000

I want to see Role’s added, even PHP got Traits before Perl. It doesn’t have to be a huge thing, in fact all I want is the composition aspect. Let me do this: 1 2 3 4 5 6 7 8 9 package MyRole { sub foo { return 'test' } } package MyClass { with 'MyRole'; ... } MyClass->new->foo; I don’t really want or need anything else right now, just that would be fine.

New Module: MooseX::RemoteHelper (RFC)

Mon, 04 Jun 2012 06:00:00 +0000

Perl Core Syntax Wishlist: Class support

Mon, 28 May 2012 06:00:00 +0000

I would like to see the classkeyword become part of Perl, but unlike some I don’t want it simply because it’s nicer syntax. I’d like it to behave differently from package. I’d basically like to see this class MyClass {method foo { return $self->{foo} }method info { return load_class(‘Class::Info’)->new }}to be the equivalent of {use strict;use warnings;use utf8; # so our class can be named with utf8package MyClass {use namespace::autoclean;use Scalar::Util qw( blessed );# use Class::Load qw( load_class );# or similar for a feature that I’m hoping will be in Class::Load in the future# for now I’ll show with requiresub new { # or something better, point is that there’s a default simple constructormy $class = shift;my $self = ref $[0] eq ‘HASH’ ?

Better Exceptions with Exception::Base

Mon, 21 May 2012 06:00:00 +0000

So I’ve done some complaining and explaining about what I’d like to see in regards to Exceptions in Perl. I Mostly explained what I wanted for catching Exceptions, and a little on throwing Exception objects, but not really how those objects should behave. I’ve looked at and tried various exception modules, including croak, confess, and Throwable. I basically spent time one day reading the manuals of most of the exception objects on CPAN.

Perl Core Syntax Wishlist: die should die

Mon, 14 May 2012 06:00:00 +0000

I hate die it is, in my humble opinion, one of the worst parts of perl. I really wish it would be deprecated, and removed, or at least replaced with something that would tell you were the code that was die-ing was being called. Replace its implementation with that of Carp’s croak or confess and I’d be happy. Better yet, let’s just get real exception support and deprecate die (even if that’s never removed deprecation just make that real big on its pod).

Perl Core Syntax Wishlist: an Exception Stack

Mon, 07 May 2012 22:30:00 +0000

I have come to wish many things were part of Perl syntax that are not, and no using external modules is not enough for me. I think it’s time Perl got the features as part of the language itself (and yes I suppose I could settle for feature.pm, and no I’m probably not going to write them myself, I’m not smart enough yet). The first of these is a proper exception stack.

Adventures with SOAP using Perl: Part 2 ( SOAP::Data::Builder )

Sun, 11 Mar 2012 16:59:00 +0000

Simple scripting CLI with Expect.pm

Sun, 04 Mar 2012 02:04:00 +0000

Adventures with SOAP using Perl: Part 1 ( SOAP::Lite )

Sat, 22 Oct 2011 15:00:00 +0000

The most prevalent of SOAP libraries for Perl is SOAP::Lite it is the oldest and most documented. Though for all of its documentation it can be quite painful to figure out how to use it. First make sure you’ve read Part 0 to set up the server. Once that’s done let’s look at the most simple way to interface with this server. In our first example we need to send a request to getCountries, which is a method provided by the API.

Adventures with SOAP using Perl: Part 0 ( prelude )

Sat, 15 Oct 2011 15:00:00 +0000

This is a prelude to a series on working with SOAP Requests using Perl. For the past 3 months I have been working on a Perl API for CyberSource’s Simple Order API which uses SOAP (I should note, that although I believe most of the API is now stable some area’s still need work, and thus I don’t expect it to reach 1.0.0 anytime soon). First I used SOAP::Lite to do my requests, but I found it confusing to construct the requests that I needed to make.

Experience with having a non Dist::Zilla user contribute to a Dist::Zilla project (it's not hard for them or me)

Tue, 05 Jul 2011 02:02:00 +0000

I’ve heard many times that Dist::Zillamakes it harder for people to contribute to the project. This is not true, it is either unfortunately either ignorance or FUD (much like saying Linux is harder to use than Windows). Truly, there are things that some dzil users do that canmake it harder, but it doesn’t have to be that way. Michael Schwern recently contributed to one of my dzil projects without ever realizing I was using dzil, until I told him.

My solution to not using PluginBundle:AUTHOR for dzil is git

Sun, 05 Jun 2011 15:24:00 +0000

I am now tired of updating my dist.ini’s for my Dist::Zillaprojects. For many people this is when they start using a PluginBundle with their authorname. I discussed why you shouldn’t do this a year ago. Now that I’m tired of managing my dist.ini’s on an individual basis I’m going to show you how I’m going to solve the same problem everyone else is, which is getting tired of updating your dzil configuration for all of your projects.

Regen2 accounts transferred

Sun, 05 Jun 2011 12:56:00 +0000

I killed regen2 about 2 years ago. Today I was contacted by Rafal Kupiec asking about the project. Since it’s dead he asked if he could take over the project. I have transfered the github account, and freenode channel #regen2 to him. The google groups are remaining archived. At some point in the future there should be a site at asiotec.orgI have no idea what he plans on doing with it.

Test::Version under maintenance again

Wed, 01 Jun 2011 09:50:00 +0000

About 4 months ago russoz (Alexei Znamensky)sent me a message about quoting the versions generated by Dist::Zilla::Plugin::OurPkgVersion. I was a bit skeptical at first about needing it, and the suggestion seemed to have more to do with style anyways. But after digging a little I found to my horror that OurPkgVersion was generating completely invalid multipart version strings, e.g:our VERSION = 0.1.0;Which doesn’t work. I was shocked because I was using Test::HasVersion.

New beginnings

Tue, 31 May 2011 23:48:00 +0000

Since I truly last posted a lot has changed. I moved to Houston, TX, USA (from MI) for a position as a Linux System Administrator. As of this week I’ve been moved to the programming department in my company, coding Perl. I’m also an elected moderator on StackExchange’s Unix & Linux. Of course there’s always updates to my CPAN dists.

Adding and Deleting subdomains with Plesk on the Command Line

Fri, 29 Apr 2011 07:31:00 +0000

Plesk has the disadvantage that everything is done through thedatabase. So we can’t just modify Bind’s Zone files.To add an A record of a subdomain you have to do the following:/usr/local/psa/bin/dns -a domain.tld -a subdomain -ip 127.0.0.1the first -a is for add to zone which is why it must specify the toplevel domen, the second is for A record, and must not contain the fulldomain only the subdomain. If you use the full domainsubdomain.

Writing a simple Dist::Zilla::Tester test

Wed, 10 Nov 2010 08:59:00 +0000

Hopefully, someone will use the blog post to write an actual doc patch, seeing as how this is undocumented. I finally wrote A test for DZP::OurPkgVersion with the help of CJM. So I figure it’s best to share the knowledge imparted upon me to all those who are writing plugins without tests. Before we get started I’m going to advise that this test will only check the output that dzil built, if you need it to test anything more sophisticated, you’ll have to learn more.

Making Secure Recoverable Passwords ( part 3 )

Wed, 03 Nov 2010 08:12:00 +0000

If you haven’t read Part 1please do so.Although the criticism of Part 2should be taken with a grain of XKCD Salt, and even the primary plaintiff admitted that it would take him 2 months to crack the final salted sha512. Usually your attacker shouldn’t have your shadow file, and having stored them as anything less is just plain not secure. I will acknowledge it has some merit.Doing a base64 transformation on hex only digits is a bad, idea, and does not have nearly enough possible combinations.

Ubuntu isn't Linux, What's a Beginner anyways?

Thu, 02 Sep 2010 16:45:00 +0000

Today Joel Spolsky announced The resultsof the pollof whether ubuntu SEand unix SEwould be merged, they won’t. In short the Unix community was in favor of it but the Ubuntu community was not. Joel had this to say: So, Ubuntu, Linux, I get it, it’s clearly not the same thing. If you love Ubuntu, we have a site for you. If you love Linux and Unix, we have a site for you.

I need a new favorite OSI license or Why I don't like the GPL anymore

Fri, 06 Aug 2010 03:11:00 +0000

I don’t like the GPL anymore after the WordPressThemefiasco. I don’t like the idea that a theme, plugin, addon, extension, whatever is ‘derived’ from the thing it’s adding on to and thus must also be GPL.If I build a deck onto the back of my house is that deck derived from my house? No! if I take the blueprints of my house and build another one that’s 80% like it is that house derived from my house?

Some Stack Exchange site's I'd like to see come to fruition

Tue, 03 Aug 2010 12:20:00 +0000

If you can't beat them, join them

Mon, 02 Aug 2010 12:53:00 +0000

I have been heavily criticized for criticizing, critiquing, and complaining about lack of quality in open source projects. I have done these things because I care, generally because I care about that specific project, or Open Source (or whatever I’m talking about) in general. I’ve been attacked, insulted, and sworn at. I’ve recently come to the realization that the community support that behavior, to the point that they won’t stand up against those doing it.

Creating new projects with dzil new and templates

Fri, 30 Jul 2010 18:00:00 +0000

Here I talked about creating a new catalyst project using a minting profile for Dist::Zilla. If you don’t know how to create a minting profile read that first. I’m sure once you’ve tried that you’ll agree that having a little bit more than the basics in a newly minted dist would be a good thing. first we need to create our profile.ini correctly 1 2 3 [GatherDir::Template] root = repo include_dotfiles = 1 (note: if you’ve got [DistINI] plugin loaded you’ll probably want to remove it) Now you can put any file in the subdirectory repo of your profile (if you leave out include_dotfiles = 1 then anything beginning with a .

Don't Use Big Words

Mon, 26 Jul 2010 16:54:00 +0000

Next time, in promulgating your esoteric cogitations, or articulating your superficial sentimentalities and amicable, philosophical or psychological observations, beware of platitudinous ponderosity. Let your conversational communications possess a clarified conciseness, a compacted comprehensibleness, coalescent consistency, and a concatenated cogency. Eschew all conglomerations of flatulent garrulity, jejune babblement, and asinine affectations. Let your extemporaneous descantings and unpremeditated expatiations have intelligibility and veracious vivacity, without rodomontade or thrasonical bombast. Sedulously avoid all polysyllabic profundity, pompous prolixity, psittaceous vacuity ventriloquial verbosity, and vaniloquent vapidity.

Making re.pl usable

Sun, 25 Jul 2010 18:00:00 +0000

For starters I’m not a super fan of interactive shell’s for non-system shells. I don’t see the point as much. When I first tried Devel::REPL I didn’t like it at all, compared to every other interactive shell I’ve used (with the notable exception of Oracle’s SQLPLUS, which is the worst shell ever) it was an unfriendly toy not worthy of mention. I couldn’t go up in history, there was no tab completion, and all in all the default output was ugly no colors or formatting.

Making secure recoverable Passwords (Part 2)

Fri, 23 Jul 2010 21:32:00 +0000

This has been prompted by Dave Jacoby’s post on generating passwordsand the fact that I’ve learned a new trick since my my first article in 2008; which you should read first (it’s a prereq).Some might point out that using a hex digest limits the characters that will be generated too much, do this then.echo -n “date” | sum | base64So let’s say you have to change your password every month. Pick a day, let’s say the second Tuesday of the month.

Annoucing Template::Plugin::Haml

Wed, 21 Jul 2010 08:10:00 +0000

A few months ago we had an assignment in Web Server Admin to create a CGI page, of course the perl was just to print text not actually do anything more, but I decided to use CGI.pmjust because I never had. The whole thing was nothing more than hello world.#!/usr/bin/env perluse 5.012;use CGI qw(:standard);say header,start_html(‘hello world’),h1(‘hello world’),end_html;and I thought, wow I can write all that html with just that? why can’t I use that syntax as a templating language.

A page for Perl WebHosts?

Fri, 16 Jul 2010 00:09:00 +0000

We need a page linked from Perl.org that says ‘Get Hosted’ (or something like that). The page will have a list of the top 10 Perl friendly web hosts on it. The top 10 will be determined by people with CPAN ID’s voting it up or down (the use of CPAN ID’s should prevent spammers from gaming the system like digg get’s gamed). It could have in the listing, rank, # of positive votes, business name, site uri, technologies supported (e.

I wish my would go away

Sat, 10 Jul 2010 21:53:00 +0000

I been thinking about it for a few days, and of course consider I know nothing about grammar parsing or how any of this works. I wish the my $var; syntax would go away… or at least be less necessary. In almost all cases you want a lexical variable and use strict; doesn’t allow you to use $var anyways. So what’d I’d like to see is my become a mostly unnecessary reserved word, make $var a lexical variable by default, e.

git workflows

Fri, 02 Jul 2010 08:29:00 +0000

If you use git and you’re past the tutorialand using it for an actual project, I suggest you take a look at the workflowsmanpage as well. It will give you ideas on how to branch, merge, rebase and cherry-pick.This has been a public service announcement, that is all.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Announcing Dist::Zilla::Plugin::Catalyst

Sun, 27 Jun 2010 21:37:00 +0000

So I just recently finished reading Restful Web Services and decided I wanted to go back and play with Catalyst and REST some. The original way to create a Catalyst skeleton is to run catalyst.pl. This creates a lot of nice files to get you started. dzil new basically does the same thing for a generic cpan module. Honestly, without any plugins dzil new isn’t that useful. However, once you add Git::Init , you remove several steps from the creation of a new module and repository.

Solving code generation problems in dzil

Sat, 26 Jun 2010 06:16:00 +0000

Firstly I want to clarify a bit on my opinions of PluginBundle::USERNAME modules, as some comments there have inspired this post. I don’t think you should use them because it makes it harder to disableplugins, and I think Robin Smidsrød put it best: Mostly it is because the Dist::Zilla::PluginBundle::USERNAME doesn’t actually say anything about its intention. It only says use Dist::Zilla as this person does, but what does that actually mean?

please don't use Dist::Zilla::PluginBundle::USERNAME

Sat, 19 Jun 2010 02:05:00 +0000

or create them. Here’s the problem…. (short version is Don’t put PodSpellingTests in them)normally you’d have[pluginA][pluginB][pluginC][pluginXTests][pluginYTests][pluginZTests]and one of them doesn’t work on your system (for whatever reason), well you can just do this.[pluginA][pluginB][pluginC];[pluginXTests][pluginYTests][pluginZTests]the ;is a comment in ini, now dzil won’t use that plugin. But people will say well you don’t want to do that of course I want that plugin enabled. Here’s why you may not temporarily. Casual user X has a bug in /your/ module that’s using dzil, they code up a patch, and they want to run your test suite.

RT git workflow

Thu, 17 Jun 2010 20:16:00 +0000

git was designed to be very flexible in its workflow. One of the things it was designed to do was handle email patches, since there are a lot of patches sent to and from the mailing list. This is a good thing, even if you don’t have a mailing list, or you have your own bug tracker (in addition to RT), you can use RT to receive email patches from git.

Test Perl 5.12 on Arch Linux

Wed, 16 Jun 2010 04:23:00 +0000

Perl 5.12 has been languishing in the testing repo for a while, there are now several packages that have been rebuilt in testing and community testing. All of the rebuilds I reported have been fixed. If you use arch please make sure you’re using their rebuilt packages (and not one you rebuilt because it took like 2 months to do this) if you have any problems file a bug. If you aren’t sure which package is really the problem feel free to drop me a line and I’ll see if I can help you tack it down.

github renders POD

Mon, 14 Jun 2010 02:33:00 +0000

Not much to say here, but if you didn’t know it if you put a file.pod in your github repo it will be parsed and formatted, here’s an example:=pod=head1 HELLOworld=cutUnfortunately you have to actually visit the GISTto see it rendered.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Semver.org probably not compat with all downstream

Sun, 13 Jun 2010 17:57:00 +0000

For those that don’t know I currently create packages for AUR, and I used to work on Funtoo, as well as a fork of it Regen2 (which died by my hand). So I’ve got some experience working with BSD-ish style distro’s. I can’t comment on the Debians or Red Hats of the world, other than REPO HELL DRIVES ME NUTS. Now to the topic. Semverseems sane except for 1 thing that it doesn’t mention and an example that encourages it.

Selling Open Source Software (specifically games)

Sun, 13 Jun 2010 01:13:00 +0000

This is a pseudo reply to Jason Calacanis for what he said about using an Open Source game engine to build a game in This Week in Startups #54, Ask Jason segment. I believe Jason is implying that you can’t make money with open source software(that’s not a support contract variant) directly, but it’s a good resume builder. True there aren’t any big billion dollar open source companies, and companies like Red Hat make money off support, but I don’t believe he’s correct.

I am a $explicitive, or Formal Apology to RJBS

Fri, 11 Jun 2010 16:23:00 +0000

A lot of people think I’m a $explicative (insert your favorite one there). I’ve said some things that I shouldn’t have because I was pissed at the Person(s) at the moment. I would like to formally apologize to RJBS for the negative things that I said, about him. He’s been nothing but kind to me and is a great contributor to the perl community (and maybe others?). I greatly disrespected RJBS and I actually do regret it.

Using ref to fix 5 year old bug

Fri, 04 Jun 2010 12:00:00 +0000

So I haven’t been hacking perl for 5 (or more) years but I forked Template::ShowStartStop from Template::Timer which is that old. since I forked it this test has bugged me since I didn’t really understand the test, the section of code it referred to or the actual problem. This is an approximation of the error you’d get. Couldn’t render template “undef error - Can’t call method “name” on unblessed reference at /usr/lib/perl5/site_perl/5.

Testing TT Template's

Thu, 03 Jun 2010 21:18:00 +0000

So the poorly made patch the other day converted my Test::More test to use Template::Testwhich removed quite a bit of code from the test itself. I hadn’t seen Template::Test beforehand.Here’s a very simple example of a test you could write to make sure a template is being output ok.#!perluse strict;use warnings;use Template::Test;my $tt = Template->new();my $vars = {var => ‘world’,};test_expect(*DATA, $tt, $vars);DATA–test–hello [% var %]–expect–hello worldIf you want more examples I now have quite a few for Template::ShowStartStopwhich you can see in the Test directory of the master branch.

Submitting Patches is better than "Patches Welcome"

Fri, 28 May 2010 18:47:00 +0000

So I received my first patch for Perl code a week ago. Amazingly I didn’t have to tell the person patches were welcome, they must have assumed so because my project was licensed under an OSI approved license. Also amazingly I’ve applied the patch even though it didn’t meet my quality standards. I figure that’s my fault though because no where did I document what those were.Back when I forked Regen2 from Funtoo one of the first things I did (and a reason for the fork) was create a policy for patch submission.

That's not what I'm saying

Fri, 21 May 2010 02:11:00 +0000

people seem to think that I’m saying support should be a #1 priority. will someone please cite where I said that? yes I said it should be a priority, I said you should do it. I did not say where on the list it should fall. Even if you’re an employee at a company making $100k a year, if you’re wife is dying, your priority is that, hopefully your children come before said company in most cases too.

Warranties, what do they have to do with anything?

Fri, 21 May 2010 02:11:00 +0000

so the whole ‘open source’ has no warranty thing keeps coming up as a defensible reason that I’m wrong.Microsoft offers a 90 day limited warranty that the software will work to some degree or another as advertised or some such. If you really want to consider what they’re saying… it should work if it doesn’t we can send you another disk or you can return for refund. which really is what you could have done at the store anyways.

of Volunteers and Work

Wed, 19 May 2010 22:23:00 +0000

So, I’m heavily criticized for my unpopular opinion that open source volunteering is a job. I would like to point out the definitions of Volunteer and Work from answers.comI have removed a few irrelevant definitions, like those of ‘botany’.volunteern.A person who performs or offers to perform a service voluntarily: an information booth staffed by volunteers; hospital volunteers.Law.A person who renders aid, performs a service, or assumes an obligation voluntarily.v., -teered, -teer·ing, -teers.

Google trashed my Google Site's Content

Tue, 18 May 2010 01:50:00 +0000

When I forked Regen2 from Funtoo over a year ago I created a web page for it on sites.google.com. The hosting and uptime were both right for what I needed. The dns has long expired but I went to sites today to find a public link to the content, only to find that at some point they upgraded sites and completely trashed all the content I had put on there. Sure they have a revision control on there now… but it doesn’t contain ANY of the content I had left.

GPL 3 and Artistic 2.0 Software::License

Mon, 10 May 2010 14:34:00 +0000

As of right now Software::Licensehas no way to combine licenses on the fly. To be honest this deficiency might not be a bug in SL, it could be in Pod::Weaveror Dist::Zillathis is a know deficiency and RJBS plans on fixing it at some point. In the mean time we can implement dual licenses (and multi-licenses) in much the same way the Perl5 license is implemented.I was probably in legal violation (I am not a lawyer) with Template::ShowStartStopversion 0.

Documentation! it should be TDDD

Sun, 09 May 2010 22:21:00 +0000

UPDATE: I shouldn’t have said what I said about RJBS and have apologized publicly Test Driven Development should be Test and Documentation Driven Development. I don’t want to read your code to figure out how to use it. I don’t really care if you write the Test, documentation, or the feature first. But you should do all three before moving on to the next one. I’m gonna pick on Dist::Zilla this seems like a very good tool.

Don't Say "Patches Welcome"

Wed, 05 May 2010 13:24:00 +0000

Don’t say “patches welcome” it does more harm to your community than good. Why? It’s a polite way of saying “I don’t care. Fuck you. Fix it yourself. End of discussion”. 1.) Not a Developer The person you are saying this to is not developer. They don’t know how to do it. Period. At this point you are refusing to help them. This person may now have the opinion that your community isn’t helpful.

Teaching Perl - Week 3 - Textual Data

Mon, 03 May 2010 06:44:00 +0000

So lastweekyou should have covered variables, conditionals, flow control statements, calling functions, stdin/out/err, and using new perl features.This week we’re covering text processing, scalars, external libraries, and reinforcing what we learned last week. Text Processing is one of Perl’s specialty’s, mostly due to it’s powerful regular expression engine.First install LWP with cpan. cpanp -i Bundle::LWPwill do it.#!/usr/bin/perluse strict;use warnings;use LWP::Simple;getprint(“http://aur.archlinux.org/packages/modern-perl/modern-perl/PKGBUILD");So this is almost completely new… what does it do? and what does it have to do with text?

Teaching Perl - Week 3 - Prelude Commentary

Sun, 02 May 2010 13:22:00 +0000

So I think that Head First Programming: A Learner's Guide to Programming Using the Python Languageis a great guideline to teach any programming course, esp a 10 week course as it has 10 chapters. We’re one week behind. Arguably you could merge week 2 into week 1 and I may do just that in a rewrite of this series. In fact I’d suggest you do just that. But for now I’m going to continue on and we’ll see what people think once I reach the end.

Dist::Zilla vs xenoterracide

Wed, 28 Apr 2010 21:32:00 +0000

Yes, I am invincible! I solved my problemwith Dist::Zilla. If you agree with me that you should be able to install from your git repository, without requiring your users to have Dist::Zilla installed here’s one way of doing it.First install Dist::Zilla::Plugin::CopyTo. Now Edit your dist.ini. Most people probably use one of the Dist::Zilla bundles. Assuming you use Basic here’s what you do.; remove GatherDir from basic so we can specify it seperately[@Filter]bundle = @Basicremove = GatherDir; specify the where your ungenerated source lives[GatherDir]root = src; specify where you want the generated source to live[CopyTo]dir = .

My new Love/Hate Relationship with Dist::Zilla

Tue, 27 Apr 2010 08:30:00 +0000

Dist::Zillais a great release tool, code generator, and it just plain takes the boring part of doing a release away from you.That having been said, it does, imo, horrible things to your source repository. “But, Caleb, it cleans up your source repository you can remove a lot of excess stuff you don’t really need to be storing there”. Well… I disagree, to the point that I’ve used every explicative in the book to express my displeasure.

cat that displays tabs at 4 spaces

Sun, 25 Apr 2010 20:26:00 +0000

So in the tabs vs spaces war I’m squarely on the side of use tabs. tabs have meaning. tabs allow people to set there editor’s to whatever space display width their eyes are comfortable with as opposed to what yours are (e.g. you like 2 spaces I like 4). However, I’ve heard the argument what about when you cat the file, etc. Well it is actually a bit annoying… so let’s fix it.

Teaching Perl - Week 2 ( part2 )

Sun, 25 Apr 2010 18:41:00 +0000

This part2 was prompted by Chromatic’s post on state. I’d never heard of state before, and it’s documentation is poor. Let’s take a look at how state could affect our game. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 #!/usr/bin/env perl # guess a number game use strict; use warnings; use feature qw( say state switch ); say 'welcome'; # generate the winning number between 1 and 10 # see perlfaq4 for algorithm details my $winning_num = 1 + int( rand( (10-1)+1 ) ); until ( $winning_num == state $guess ) { say 'Guess a number between 1 and 10: '; $guess = readline(*STDIN); # check to see if we have a winner, or the guess is to high, or low.

Teaching Perl - Week 2

Sun, 18 Apr 2010 22:15:00 +0000

Teaching Perl - Week 1 - ( Part2 )

Sun, 18 Apr 2010 05:29:00 +0000

Teaching Perl - Week 1 - ( Part1 )

Tue, 13 Apr 2010 18:13:00 +0000

Make sure you’ve read Part 0first.As I said before Baker provides a Linux server for the perl class. However, none of the students have had a unix class. So I advise touching on it and giving them a link to these tutorialsif they want to use it, and a helping hand. The book also talks about ActiveState but this isn’t the recommended way to do perl on windows anymore. Avoiding crux will prevent you from wasting a week or more on unix which is not what the class is about (my instructor failed horribly at this, and at knowing unix (or perl for that matter) well enough to cover it).

Teaching Perl - Part 0 - Preface

Tue, 13 Apr 2010 16:10:00 +0000

This is my 2 cents on how perl should be getting taught at my school. My school’s curriculum sucks in general across the board. But assuming I can’t change what classes are taught, when and what prerequisites this is how I would teach perl given the current computer science curriculum.Since people reading this are probably not familiar with the Fail that is Baker College(I would not choose Baker if I had to start again but credits don’t transfer easily, so it was easier to continue on with it).

Unpaid volunteer work is a job

Tue, 30 Mar 2010 13:49:00 +0000

So the common misconception in the open source community is, “I don’t get paid, I don’t have to do it”. Actually, it’s not a misconception, you’re absolutely right, you don’t have to, you can stop, leave, go away. It’s also well know that FOSS software is without warranty or guaranteed support. But by the vary nature of being a volunteer you are offering to do a job for free. No? have you tried working for a volunteer organization and telling your boss there “I don’t have to do it because I’m not paid”.

Say Perl

Sat, 27 Mar 2010 02:08:00 +0000

SayPerllaunched yesterday. It’s essentially aggregated perl blogs translated through google’s translation service into english. Very awesome. 3 things could make it better.1) An atom/rss feed 2) instead of clicking on ‘spanish’ and listing all the feeds that were written in spanish… click on spanish (or make it espanol) and have it show all the feeds translated into spanish.3) It’s newest post is a while ago… so it’s update speed could be a bit better.

Perl Blogger annoyances

Thu, 25 Mar 2010 16:00:00 +0000

So I love Iron Man and people who blog perl. But I’ve got some complaints. No Language Specific Feeds. I’m not discriminating against people of foreign languages I want a Russian only feed as much as an English only. I just can’t read it, and I’d rather not have it in my feed. So I’m using Dagolden’s English only Feed. This feed doesn’t work 100% right however, see next.

Bad Customer Service from T-Mobile

Thu, 25 Mar 2010 12:55:00 +0000

So about 2 months ago I got fed up with Sprint (they suck for different reasons) and I already knew that they had better service coverage than Verizon in my area. My friend suggested T-Mobile, so I went and got setup with them for a 14 day trial period. I took the phone made some calls tried the web browser, I didn’t like the blackberry itself, but that’s besides the point.

my git remote

Wed, 24 Mar 2010 03:12:00 +0000

So occasionally I like to fork a project on GitHubwell the proper way to do it is to use GitHub’s fork button which then clone’s the repo into your account. this is great! I can than clone that locally develop it an push to it. Usually I do this push with git push origin. I can then ask the owner of the original repo that I forked from to ‘pull’ my changes in.

Managing CPAN on Arch Linux

Sun, 14 Mar 2010 00:45:00 +0000

So if you’re running Arch Linux and want to install a bunch of packages from CPAN the best way is NOT to use the official cpan client, or even the new cpanminus. No your best bet is to use AUR or lacking AUR packages, create your own, and I’m gonna walk you through how I do it. The really nice thing about installing packages with Pacman is that unlike cpan there is a utility to uninstall them.

Iron Man and introductions

Sat, 13 Mar 2010 21:59:00 +0000

So I’ve decided to “compete” in the Iron Man competition.My name is Caleb Cushing, I’m a 25 year old, unemployed, student, living in the Greater Lansing, MI, USA, area. I’ve been programming perl for approximately 6 months. This includes a lot of off time, time to relearn the language from the class I took a couple years ago (and learn modern perl), learning Catalyst and DBIC, all of which is an ongoing process.

How not to ask for help

Thu, 11 Mar 2010 00:22:00 +0000

This is the story of my friends problem today. I got one for ya. Field like field so of course I’m like: “? is that a question? he had given me no prelude, no premise. response I tried field like ‘%’ + field2 + ‘%’ No good though So I explained that % is a wildcard. He still hadn’t explained what his problem is or what he was trying to do.

You should have hired me! ( just a vent )

Wed, 10 Mar 2010 13:30:00 +0000

So this is about the 10th time my friend has asked me for help on a SQL (w/ SQL Server) problem. I Actually interviewed with his company at one point and they elected not to hire me. Why? because I have never found windows errors useful, have therefore never used its logging facility, and was unable to answer questions about it. I’m was UNIX guy then and am now. But I’m still better at figuring out problems on software I’ve never even used, with only about 1/10th of the information that I need.

bash and konsole

Tue, 16 Feb 2010 23:06:00 +0000

So I’ve had lots of problems using a multi-tab xterminal, for the casual user I’m sure they’d not even notice them, or think I’m silly, but when you spend all day in a shell they become less so. Historyone of the big problems I’ve had is with history. see when you close a shell then it writes the history. well if you have 5 tabs open each with with a super long history they’ll write those histories out in the order they close in.

Can't Find Google's OpenID

Sun, 14 Feb 2010 12:48:00 +0000

I think that Google’s (not Blogger’s) OpenID is a failure. It’s not memorable and you can’t find it. I’ve been trying to figure out where google has my OpenID listed for 30 minutes now. This is not the first time I’ve had to do this. I usually use Blogger’s because it uses my blog’s url, but it’s currently error-ing with a typepad blog. Why can’t google use something like google.com/username ?

KDE 4 is finally ready for users

Thu, 11 Feb 2010 14:21:00 +0000

I just installed KDE SC 4.4 last night and I can say that I feel that it’s finally general user ready. The last bug that I felt would prevent average use is now gone. What was that bug? when you pressed print screen nothing would happen. There was a workaround to make print screen work but it didn’t work out of the box. I feel that there are some things that should just work and that’s one of them.

empty() function for postgresql in sql

Wed, 20 Jan 2010 13:00:00 +0000

In PostgreSQL the ASCII NUL or empty string \0 is seen as NOT NULL. This is because postgres developers consider any characters data. I know there are better discussions on it but I can’t find them right now. Unfortunately the programming language you are using probably doesn’t see it the same way. There’s a good chance that initialized variables are set to \0 and so when you try to insert from your language to a NOT NULL field with variables that are seen as undefined in your language, postgres accepts it, and now you have fields that you probably consider to have no data but are NOT NULL.

PostgreSQL initial setup (authentication) Part 2

Tue, 19 Jan 2010 11:37:00 +0000

I ran into so problems and lack of information with my last post on this topic. Firstly my syntax for local all all to local all all ident devel doesn’t seem to work in my current setup. It’s possible that it has something to do with the configuration of the Debian/Ubuntu server I was basing that against, and now my targets are Arch Linux and Slackware. So our goal here will be to provide an alternate user that can log in as postgres via ident.

Bypassing disabled accounts with KDM

Mon, 16 Nov 2009 19:06:00 +0000

So the most common way of disabling an account in a unix system is changing the users shell in /etc/passwd to /bin/false or /sbin/nologin. However, I’ve discovered on Arch Linux that if I do this only shell login’s are disabled, I was still able to log the user in with gui via kdm. I also tried using usermod –expiredate 1. this was not effective either however. the only way I found to lock the account from kdm login was to do a passwd -l accountname, which only locks password authentication.

Difference Between a Database and a Database Instance

Tue, 10 Nov 2009 15:00:00 +0000

I was prowling StackOverflowtoday and the questionwas asked when you would use 2 databases. I’m amazed at the number of answers of replication and sharding (some under the guise of some other description). The only answer I can think of to be correct is Different Applications/Services (shared hosting probably falls under those 2 in a weird way). I’m going to explain why a replicated database and/or a sharded database are not multiple databases.

Port forwarding in OpenWRT

Sat, 03 Oct 2009 19:34:00 +0000

So you need the outside world to have access to some box’s on your internal network. first you should use Static DHCPto tell static the IP’s of the computer you’re routing to. Then you of course need to know the inbound from the outside world and the port on the computer you are forwarding too. For this example we’ll forward WAN (Wide Area Network (or (probably) the Internet)) port 8080 to a local dev box running Apache on httpd (we assume you know how to set apache up and make sure it’s working on the LAN(Local Area Network)).

Quick sha1sum with Crypto++

Tue, 22 Sep 2009 01:59:00 +0000

I’ve been working on Korama. I was originally planning on hashing each music file and using the sha1 for the track primary key. However, after benchmarking an actual implementation. I’ve decided that it’s too slow, 20 minutes for 3k+ tracks, also my program was about 5 minutes slower than find … -exec sha1sumnot sure on the reason why. However, since I had problems figuring out how to do it I figure I’ll post a basic sha1sum program that I made with the help of people on the Crypto++Mailing List.

FSDaily security fail (see image)

Sat, 05 Sep 2009 17:01:00 +0000

<img style=“display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 334px;” src=“http://2.bp.blogspot.com/_3oPDnpvYrb4/SqLUMaJclwI/AAAAAAAAABY/o-xV9JVASss/s400/fs_daily_fail2.png" border=“0” alt=““id=“BLOGGER_PHOTO_ID_5378094214676256514” />Hint, Hint! FSDaily don’t access your db with the root account. and definitely make sure that, that error page doesn’t show that to users.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

PostgreSQL initial setup (authentication)

Mon, 24 Aug 2009 01:00:00 +0000

If you followed my last initial setuppost on creating users and are running a default install of postgres you currently should be able to access the database on your cli. However, many distributions do not install postgres in a default manner. A great many distributions make the default authentication for sockets ident sameuser. This is technically much more secure than trustwhich is the default. However, you may find yourself locked out of your database on the local cli if you make the database name different.

Adding a new group to an open shell without logging in and out

Sun, 23 Aug 2009 01:00:00 +0000

Most Unix users believe it’s impossible to add a group that was recently added to your user account without logging in and logging out. If you’re running X and need to give your gui new permissions (like dolphin/konqueoror) this may be true, for the most part. I don’t know how to change it for those processes. However, if you need to change it for a shell prompt it’s easy. You merely execute the command newgrp <newgroupname> in an open shell prompt and that prompt will now be loaded with the new group.

More Security = Better. Wrong!

Sat, 22 Aug 2009 19:54:00 +0000

So I just had a discussion on #ubuntu-server on freenode about why my not having a password to connect to postgresql via a socket (read local cli) is insecure. So I asked them, how exactly is it that someone is going to get this access? The answer “there are bad people on the Internet”. I’m sure many people right now are agreeing with them and thinking I’m crazy. Let’s discuss my setup though shall we.

OpenWRT static DHCP

Mon, 06 Jul 2009 02:47:00 +0000

I use OpenWRT on my Linksys WRT54GL, all shell, no web interface. My basic problem is that both me and my roomate need ports forwarded from the internet to our systems. This means NAT, for nat you need to know the IP address that you’re forwarding too. I could just ‘static’ the IP on our boxes and then set up the NAT. This is not the correct way to do things, as it would be much more difficult to keep track of who uses what IP and make sure that dnsmasq doesn’t give out our static-ed IP’s.

To pointer, or not to pointer: That is the question

Sat, 27 Jun 2009 17:53:00 +0000

For a very long time now I’ve been looking for good explanations of pointers, and how the varying kinds differ.I’ve finally found a book that does a good job of explaining what they are and how they differ. The book is by Bjarne Stroustrup (the creator of C++) it’s called Programming: Principles and Practice Using C++. The book is supposed to teach you how to program (become a good programmer) using C++ not teach the C++ language.

iptables browsing samba shares

Sat, 16 May 2009 00:37:00 +0000

NOTE: this assumes that you’ve read my previous post on basic iptables setup on the desktopSo I just spent the longest time trying to determine what ports I needed to browse and use samba shares. The sad answer is it’s just one.iptables -A INPUT -p udp –sport 137 -j ACCEPTthe catch with all the information I found with google was that most of it was for samba servers. I didn’t want that.

Git Presentation

Mon, 11 May 2009 16:27:00 +0000

I’m doing a git presentation and the Lansing Coldfusion User Grouptomorrow night. Anyone who wants to is welcome to comeBelow are the slides for the presentation.EDIT: I don’t know why but google doesn’t show all slides formatted right in mini mode. It’s cut off some of the text and overlapped some things.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Jeff Atwood fails at password security

Wed, 06 May 2009 19:10:00 +0000

This was originally written for a class assignment and as that has not been modified (much) for the web. Jeff Atwood’s password was compromised, the following includes a summary of how it happened, and how better security policies could have avoided it. This was written for Advanced Report Writing at Baker College.Summary of ArticleOn May 3, 2009, Jeff Atwood reports that his Stack Overflow password was compromised an that he received an email explaining the details.

Regen2. don't care anymore

Tue, 05 May 2009 01:53:00 +0000

Yep, I don’t really care anymore. So much work needs to be done, I can’t do it alone, but neither Gentoo, Funtoo, Sabayon, or Exherbo, are going down the right path to the salvation of the ‘gentoo way’. Without help or regular feedback I lost the will to work on it. Will regen2 ever be revived? I don’t know.if you want go to Funtoo, it should be easy enough to dogit remote add funtoo git://github.

Arch, Funtoo, and Regen2's future

Thu, 30 Apr 2009 11:52:00 +0000

as I’ve been saying here recently I’m burned out, on so many angles it’s not funny. I’m apathetic, I’m not really sure I care anymore. I’m actually playing with arch at the moment to see if it’s a better fit. I also here debian sid might work. I don’t want to maintain the tree 7 days a week anymore, and I’d like an up to date system. I’ve been talking with Daniel Robbins lately about the possibility of a common tree with Funtoo, I’m not sure he wants to do it the same way I do, which is unfortunate.

Regen2 0.9.1.0 Released

Wed, 22 Apr 2009 00:45:00 +0000

Release Highlights vanilla-sources-2.6.28.9 gcc-4.3.3 glibc-2.9_20081201-r2 openrc-0.4.3-r1 baselayout-2.0.0-r2 git-1.6.2.3 perl-5.10.0 bash-4.0_p17 app-sh/dash is now included in the tarball, in the next major release I hope to make it /bin/sh please test and report any bugs with doing this. apache2 and mysql are known to have issues. openrc works fine, the average desktop system should work. Known Issues emerge --sync will not clone the tree if it does not exist in portage 2.

Looking for tree maintainers

Tue, 21 Apr 2009 20:01:00 +0000

I’d like to see multiple people merging the tree, with best case scenario being that it happens more than once a day. worst case status quo. I’m willing to write the scripts and teach anyone how to do it. I just ask that you can read an ebuild (to some degree) and have good judgement, or at least not too embarrassed to ask. Most ebuild merges are IUSE, KEYWORDS, and cvs line.

Regen2 0.9.1.0

Tue, 14 Apr 2009 23:54:00 +0000

I haven’t forgotten about it. I seem to lack all motivation on Spring Break. Nothing to procrastinate on. Now that school has started I’m working in full swing, I’ve been learning metro the past few days. I should have the tarballs ready by the end of the week. I’m not sure on mirrors right now. Have at least one volunteer mirror, and I will be torrent-ing them. I’ve been seriously procrastinating on finding out how to get on the Uni mirror ring.

~arch will be testing again not stable

Tue, 24 Mar 2009 05:29:00 +0000

I think the idea of a meta distro on top of a stable base is the way to go, let people choose just what they want on bleeding edge. I like my kernel, gcc, and perl solid, sometimes I want firefox’s beta’s but that doesn’t mean I want the rest of the system like that. At some point gentoo’s ~arch became more stable that stable, this needs to end. Even if it means making stable a bit more unstable.

Regen2 0.9.1.0 soon

Mon, 23 Mar 2009 02:44:00 +0000

Last night I decided I’d be rolling out the first release of Regen2 in the first week of April.So as I’m sure everyone knows version are arbitrary they mean nothing… well ours are going to mean something. The first 2 numbers are the year, so 20(0.9).1.0. the Third number is the quarter, we are going to be mass stabilizing system once per quarter. I’m not sure that this will include new profiles.

postgresql initial setup (users and databases)

Wed, 18 Mar 2009 05:22:00 +0000

This guide assumes that you’ve managed to install and start the postgres server. I’m ignoring these because they are well documented in several places, probably including your distribution, however, what to do next isn’t. First you need to connect to the Postgres database with psql as postgres, on gentoo* distributions you must be in the Postgres group to do this. In the event this doesn’t work you may have to su to the postgres unix user account somehow and run psql from there.

Tree hasn't been updated - why

Thu, 12 Mar 2009 12:54:00 +0000

So 2 days ago, when I went to sync to gentoo I didn’t get any updates. I’m not really sure why as the process seemed to go alright. It could have something to do with the next bit.My System appeared to have been compromised. Syslog-ng was disabled and all logs post dec 30 2008 were removed. So i’ve spent the better part of yesterday/today reinstalling my system. Tree should be synced and merged tonight.

SYNC_METHOD

Sat, 07 Mar 2009 20:18:00 +0000

I’m going to be pushing out an new feature to portage today, since testing has gone well.SYNC_METHOD is a new portage variable, I’ve also gone to the trouble of defining it in make.globals. The default for Regen2. is git, however, rsync and cvs have also been defined although not tested.the main benefit of SYNC_METHOD is to use one way of detecting the program you should use to detect the tree. previous variations were problematic, as rsync does not have a directory like .

to Gentoo dev or not to Gentoo dev

Wed, 04 Mar 2009 18:15:00 +0000

So after a little post about Regen2 on the Gentoo-dev mailing list. I’ve been offered mentoring to become an official gentoo dev. I’m conflicted, my main reason for saying yes would be to learn stuff that I can’t learn on my own. But I’m not sure I really want to be a gentoo-dev this means doing these other time consuming things, and I wouldn’t be able to do nearly enough from the inside.

regen2 maintaining it's own openrc

Sun, 22 Feb 2009 20:50:00 +0000

So openrc was updated recently, and I noticed it, I decided it was time to find out why drobbins had created his own version. so I viewed them, ultimately I decided that drobbins had made too many changes but the gentoo ebuild had its own issues. So I modified the Gentoo ebuild to use EAPI 2, removed all of the live ebuild code that shouldn’t be in it, updated the branding, and we’re ready to rock.

split package.mask

Sat, 21 Feb 2009 23:30:00 +0000

There’s been a problem with ${PORTDIR}/profiles/package.mask since I added sunrise, I didn’t realize at the time the problem wouldn’t be adding atoms, it would be keeping track of when they should be removed. I’ve decided that the best way to do it is to use portages ‘directory concatenation’ feature, I turned package.mask into a directory, it now contains a file for each overlay that has a package.mask, and one for gentoo.

merged java-overlay

Sat, 21 Feb 2009 23:24:00 +0000

Java in Gentoo is horribly out of date, and from what I’ve seen of the java overlay, it doesn’t improve the situation much, but it’s still better than without it. I’ve merged it into regen2.org, since this was I think the most painful merge since the first I ever did, I may have made mistakes on some ebuilds, let me know if you experience problems.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.

USE="experimental-git" sys-apps/portage

Thu, 19 Feb 2009 23:14:00 +0000

drobbins recent tipmade me think, that maybe I should point out that his solution to the problem is an annoying work around. I had this problem for a while, it was caused by my having autocrlf = input in my .gitconfig settings. Several people have told me that they have this problem without changing their crlf settings for git. After a while I decided that Funtoo/Gentoo’s git handling patches were incomplete at best and unfriendly at worst.

Heritage Paper - Cultural Diversity

Thu, 19 Feb 2009 14:34:00 +0000

This blog entry is a test of Google Docs blog publish feature. I thought some might be interested in this paper I wrote for my Cultural Diversity class that I’m currently attending at Baker College of Auburn Hills, MI.My name is Caleb William Cushing, born Caleb Lee Rogers. I was born on October 21, 1984 in Lansing, Michigan, USA. I’m German / Norwegian by birth and German / English by law.

Banned from #funtoo

Mon, 16 Feb 2009 09:25:00 +0000

open letter to Dan Robbins - merge regen2

Wed, 11 Feb 2009 06:15:00 +0000

I had an interesting conversation with thewtex on #funtoo yesterday. My conclusion is, this divergence of tree’s is stupid. We should be working on a common base, at least common enough that users could relatively easily merge our tree’s. My tree is currently ahead of yours in content by 3 sunrise merges, 1 mpd, and the 2 merges of the python overlay. Your users can’t easily get these updates.Due to the fact that we have irreconcilable views on what patches we allow, the fork must remain.

tag builds

Sun, 08 Feb 2009 01:18:00 +0000

This is just a feature concept. May or may not ever happen. Live builds for portage usually run off the trunk/master branch of a scm tool. This is a great idea, but why couldn’t we take this a step further, usually people who use scm’s ‘tag’ there releases, so why couldn’t the same ‘live’ build have an option for using a tag instead of trunk. This would allow releases to roll out much faster too.

a snake in regen2

Fri, 30 Jan 2009 07:01:00 +0000

I’m sure you’re thinking I’m talking about me ;) nope first order of business, add more stuff which should be in gentoo. I’m pleased to announce that I’ve added py3k also know as Python 3.0 to Regen2. It will remain hardmasked as unmasking could create stability issues on a gentoo based system given it’s reliance on python.

Forking Funtoo - Regen2 project born

Thu, 29 Jan 2009 02:39:00 +0000

So, I won’t be the Tree Maintainer for Funtoo anymore. In light of the new situation I’m forking Funtoo. I’m not going into details why I’m not the tree maintainer anymore on this blog, except to point out how Regen2 will differ.I’ll be continuing to maintain a tree with all the overlays I had added and more to come. you can get a copy of my version of portage at git://github.

Funtoo News

Fri, 23 Jan 2009 14:18:00 +0000

I’ve decided I’m going to start posting a sort of weekly newsletter (I’m not committing to weekly though) merely to document anything I feel important that happened, or is about to, but isn’t quite important enough for it’s own post.RA(ra– on #funtoo) or r_a@lavabit.comsubmitted quite a few patches this week including 1 that fixes many of my major borkage on non-latin1 changelog breaks. He’s become a regular contributor and I’d like to thank him.

mpd overlay

Sun, 18 Jan 2009 10:42:00 +0000

I’m adding the MPD overlay courtesy of Rullzer who’s kind enough to merge and maintain it in tree. Nothing big here, just some more up to date ebuilds, and more clients for MPD.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Funtoo gets the new Perl

Fri, 09 Jan 2009 08:45:00 +0000

Soon, Dan Robbins will be merging my perl-experimental branch which contains the perl-experimental overlay. This overlay contains a handful of packages, the most important of which is perl-5.10.0 which has been out for about a year now and Gentoo still hasn’t put in portage. One nuisance of the perl-experimental overlay is they don’t use changelogs which means if you want to know what’s going on with a package from this you’ll have to check out git log as well as the changelog.

Sunrise's over Funtoo

Tue, 06 Jan 2009 14:49:00 +0000

Sunrisea Gentoooverlayis being added to Funtoo. So if you’ve got layman tracking sunrise and you’re using funtoo you’ll be able to delete sunrise from your overlays as I’ll be merging sunrise’s reviewed ebuilds daily.The hardest part of the whole process was merging package.mask, use.local.desc and categories. Since this is new be on the lookout for bugs or problems.Want to add an overlay to funtoo yourself? First, it’ll have to be a git or svn overlay.

Recovering from a deleted /etc

Tue, 30 Dec 2008 15:59:00 +0000

Last night I inadvertently deleted /etc and had to recover my system which was still running, and for my own sanity avoid downtime. Everything was still running when I realized what had happened so without logging out most things would continue to if I didn’t stop them.I run a mix of stable and unstable. If you are on one or the other you will probably be able to simply extract /etc from a recent tarball, I tried doing this from drobbins builds but it was ineffective.

sync target support

Sun, 21 Dec 2008 17:40:00 +0000

HereI explain why emerge –sync should return to it’s original sync form.I think emerge sync should have the ability to have a target. Currently emerge –sync has a target of the SYNC variable in make.conf or the default hardcoded. However, git support is being added to portage. git is a very powerful tool, and the Funtooproject uses it to manage it’s full portage tree. git doesn’t work like rsync, it’s not so straight forward as rsync uri, which is effectively what emerge sync is doing.

--sync should be sync

Sun, 21 Dec 2008 15:32:00 +0000

emerge sync never should have become emerge --sync, of course 2 years ago I thought it was the right thing, it isn’t though, live and learn. sync is currently an argument with the syntax of an option. What’s the difference? An argument is what the command, or executable operates on. Some examples cp file0 file1 copies file0 to file1. ls list the current working directory ls dir0 lists directory dir0 Right, so how is --sync an argument and not an option?

types of use flags

Fri, 19 Dec 2008 15:03:00 +0000

Ok so I have yet another idea for portage and other portage like package managers. actually this is probably more aimed at EAPI. Different types of USE flags. The 2 I’m thinking of off the top of my head could be described as volatile and non-volatile. Basically a use flag marked volatile means a package needs to be recompiled if it gets changed one marked non-volatile most likely just pulls in another dependency or copies files such as documentation.

Download Book, The Ruining of a Good Feature

Fri, 12 Dec 2008 13:57:00 +0000

1-3 Months ago Safari Booksfinally started allowing you to download full books in pdf. It used to be that you had to download chapters of books in pdf. This was annoying even if you had tokens to do it. Tokens are Safari Books way of making sure we aren’t pirating en masse, you get 5 tokens a month and can only keep 3 months worth. So now we can download full books how nice?

Regen2 development has officially begun

Thu, 11 Dec 2008 04:30:00 +0000

That’s right I’m putting my money where my mouth is. It’s small but the first 2 packages when into the regen2 treethis morning. They are MySQL 5.1.30 which was added because the gentoo maintainer refused to add it do to instability. I agree that it is unstable, but we have ~M Hard Masked packages for that reason. It has been added as ~M. The other app added is qsynergy, the ebuild was already on portage and I know it to be good so I added it to the tree, I’ll probably stabilize it in a few weeks.

PostgreSQL \edit and Syntax Highlighting

Sat, 29 Nov 2008 10:35:00 +0000

If you’ve ever used \edit with PostgreSQL you’ve probably noticed that it’s not using syntax highlighting that your favorite editor most likely supports. I’ve wondered why this is for a while, Postgres uses vim on my system which supports robust highlighting among other things. I had a few things suggested to me, such as setting putting settings in my .vimrc, most of which would have forced filetype=sql on files that weren’t sql, and would have been active outside of psql.

Finally Linux gets something first

Mon, 17 Nov 2008 12:56:00 +0000

… and it’s something we didn’t build. We get lots of things first but we usually build them. We never get proprietary software first. At best we get proprietary software the same day. Generally we get it months later. However, today linux takes another giant step towards being the dominant next OS, we are the first to receive 64-bit flash from adobe. Windows isn’t getting it, Mac OS X isn’t getting it, we are.

The Motherboard I want doesn't exist

Sat, 08 Nov 2008 05:04:00 +0000

My Desktop is dieing and needs to be replaced. So I’m working on researching the parts I’d need to replace it. As any good IT person knows, the motherboard is the most important decision to make when building a computer. Theirs a good chance that someone reading this will cry out I’m wrong. The reason the Motherboard is the most important decision is it dictates the potential of the whole computer.

accept input from stdin

Thu, 30 Oct 2008 02:11:00 +0000

if possible emerge-ng should be able to accept input from <STDIN>, e.g. cat packagelist | emergeng, thus far neither portage nore pkgcore have this capability.

minimum permissions and privilegdges

Wed, 29 Oct 2008 00:53:00 +0000

I like security… which means I should be able to run portage as portage (user) and have the umask be 077, or perhaps 027. Unfortunately the last time I checked portage could handle these restrictive permissions (I forget if it was these exactly) except for one set… java. In a perfect ebuild world all ebuilds would be able to be installed under a very restrictive umask.Should regen2 ever come to fruition this should be fixed.

pkgcore the victor

Tue, 28 Oct 2008 01:22:00 +0000

pkgcore is my pick for the next portage and codebase for emerge-ng. I admit I haven’t let paludis have a chance (yet).Why haven’t I let paludis have it’s chance?The reasons are quite simple. Everytime I have tried paludis prior to this it has required extra configuration (meaning it doesn’t work out of the box). I believe this was fixed recently. However,paludis@1208029212: [WARNING] Use of Portage configuration files will lead to sub-optimal performance and loss of functionality.

Graphical Package Manager

Sun, 26 Oct 2008 00:51:00 +0000

Anyone that knows how I work in linux, knows that I"m comfortable with the cli, and prefer it to a gui. I know that not everyone is or should have to be. Sometimes a gui can make management easier. Even a die hard cli person like me realizes that. However, you should never have to do things the gui way, they are just front ends. emerge-ng needs to support having a gui even if the development of such a project is not directly part of the emerge-ng project.

Why not Sabayon?

Sat, 25 Oct 2008 22:12:00 +0000

I’m going to be short and sweet on this. The last time I checked, Sabayon made you run ~arch, upgrading would break your system, and it was all about bleeding edge gui’s. Sabayon is good for the last. But stay away from it if you want or need stability, or gentoo upgrades.

More than 3 levels of stable

Fri, 24 Oct 2008 11:17:00 +0000

Currently Gentoo has arch, ~arch, and ~M ( - if not available ).One of the main things people want are security patches only updates. I tend to agree with this, although they should be between arch and ~arch, maybe +arch. Technically a security patch can break things which is why they shouldn’t be considered stable.Regen2 should also have strict rules about what’s what. Alpha products should always be ~M, beta’s and rc’s should be ~arch.

versioned /etc

Wed, 22 Oct 2008 10:27:00 +0000

regen2 should support an /etc that’s under version control. something like etckeepercould/should work. Or we could just build our own tool for use with an existing vcs.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Dan Robbins Tarballs

Tue, 21 Oct 2008 11:17:00 +0000

I think having weekly tarballs is a great idea. But I’m less concerned about the release schedule of such things for regen2 and more concerned about the system packages that tarballs contain. A new tarball should be released, 1 week after a new glibc or gcc is updated, for sure, but any system package should be enough. Why 1 week? well once they stabilize they will hit a lot more people who are likely to have bugs, and that gives time for bugs to be fixed before tar-ing it.

no more stabalizing rx one after another

Mon, 20 Oct 2008 20:06:00 +0000

so yesterday gentoo stabilized. gentoo-sources 2.6.24-r3 today they are stabilizing 2.6.24-r4. Come on people? I just built the damn kernel didn’t you test long enough before releasing? well here goes building another kernel.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

buildpkg

Sun, 19 Oct 2008 06:31:00 +0000

emerge-ng should be able to build rpms, and debs. regen2 should be the distro that builds other distro’s, not only should it be good at that (gentoo is now) it should be designed for it.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

kde-overlay (svn) now requires paludis

Sat, 18 Oct 2008 17:58:00 +0000

details are hereso apparently the folks running the kde overlay have decided to discontinue portage compatibility. I suppose I can’t blame them, on the other hand I don’t approve. Even though I haven’t started testing paludis yet. I am still firmly against it as it is as gentoo’s next package manager. I won’t be regen2’s without heavy modification. Including some re-writes. I do intend to investigate the possibility of using paludis code in emerge-ng.

pkgcore & paludis

Fri, 17 Oct 2008 17:35:00 +0000

So I figure it isn’t fair to judge them without using them for a bit (even though they miss the mark of being drop in). Over then next few days I will be testing them to see how they work.

emerge-ng multiple trees

Tue, 14 Oct 2008 23:29:00 +0000

first I hate repositories, but it is unlikely they will go away. So we must strive to make sure that they are only needed for truly rare things. from my perspective the sunrise repo shouldn’t exist. and vcs builds should be in the tree. regen2 should strive to have everything possible in the tree. when it can’t an overlay should have all the capabilities of the main tree. meaning that an overlay shouldn’t automagically be considered less stable and require the keywording of all the ebuilds in it.

emerge-ng and vcs builds

Tue, 14 Oct 2008 01:22:00 +0000

gentoo is a source based distribution, and this is a good thing. why then has the ability to have trunk builds (which has been added to many overlay’s) seem like such a hack? all non-binary program ebuilds in the tree should have a ‘trunk’ version option. emerge –sync should then be able to find out whether trunk has been updated so you can correctly rebuild programs as needed with emerge –ask –verbose –update –deep –newuse world–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.

what is regen2 linux?

Fri, 10 Oct 2008 19:35:00 +0000

In short a concept aimed at forking Gentoo Linux. First some history and my own experiences.Gentoo is a sick adolescent who refuses to acknowledge his illness. Because he refuses to acknowledge the illness he can’t be helped. There are many who have ideas about how to help him. Some of those are wrong.Gentoo’s biggest problem? Democracy. Making it actually work is not easy. Most of the really successful, open source, projects have one or two people at the top.

emerge-ng

Thu, 09 Oct 2008 16:45:00 +0000

at the time of this writing. a concept for software with a name that may not be it’s final, and it may never get done.emerge-ng should ultimately be a drop in replacement for the portage package (the main package manager) in gentoo linux.for clarity I will be referring to portage as the software and if I mean to refer to portage’s tree (basically one giant software repository), I will refer to it that way.

TCO Windows vs Linux (Part 1: a Linux Professonal)

Sun, 20 Jul 2008 20:10:00 +0000

Today fsdaily posted an forum threadasking why they should use linux but not using certain reasons. However, some of the reasons they said can’t be used are part of the TCO (Total Cost of Ownership) of a computer.What is TCO? Here’s some of what Wikipediasays about it.A TCO assessment ideally offers a final statement reflecting not only the cost of purchase but all aspects in the further use and maintenance of the equipment, device, or system considered.

The real problem with windows is not windows

Sat, 05 Jul 2008 12:39:00 +0000

(note: this was originally intended as a reply to Why Is So Hard for Windows Users to Understand That Linux Is Not Windows, but it got so long I felt it should be it’s own post. I’m not sure the title is good, but it’s close enough)(note: I use the term users in this blog to mean people who use computers that do not, develop, administrate, repair, or are other wise considered power users, and professional computer users.

Debian and OpenSSL blunder - goodbye debian?

Thu, 22 May 2008 23:41:00 +0000

I’m sure you’ve read about Debian’s OpenSSL blunder. If not here’s a recap on Linux.com. I’m just wondering… is it possible that the pain will be so great for admins that the great stable debian will be discontinued from production server use? I would (but I don’t use debian based systems for anything but livecds), seriously this is a hugely idiotic mistake, the pain of which is only beginning. This may in fact be the biggest security blunder I have ever heard of in open source.

dvorak vs manufacturer's

Mon, 12 May 2008 21:44:00 +0000

The DvorakKeyboard is supposedly better than the qwertykeyboard.Theoritically all you have to do is change the keyboard layout in your OS and then pop the keys off your keyboard and re-arrange them (technically the second step isn’t required but nicer). However all the keyboards I’ve seen attache the F and the J differently (they also have the home row bumps). Why do they attach them differently? why does it matter to them?

can't reach google.com for at least 4 hours

Tue, 06 May 2008 23:56:00 +0000

no it isn’t my browser, no it isn’t my computer, and no it isn’t my network. It could be my isp’s network I don’t really know.I can’t contact google… tried mailing webmaster, but guess what.Thank you for writing to Google. We’d like to assist you, but we onlyrespond to messages submitted through our online contact form. Pleasevisit http://www.google.com/support/ to submit your message, and we’ll getback to you soon. We apologize for any inconvenience, and we look forwardto hearing from you.

ext3 defaults update and grub breaks

Thu, 01 May 2008 17:20:00 +0000

GRUB vs. the Inodes: Who Needs a Bootable System, Anyway?So apparently ext3 decided to bump the default inode size to 256 however grub 0.97 can’t boot this and grub people aren’t about to fix it because they are working on grub 2. Yeah that sounds about right… don’t maintain your existing code base even though your next product isn’t out yet.Amarok is doing this too, it’s quite annoying, and very poor develompment practice.

recipe for success

Tue, 29 Apr 2008 13:13:00 +0000

Example 1In 2003, an Internet meme known as “How You Remind Me of Someday”, or “Nickelback to Back”, was created to illustrate the similarities between the songs “How You Remind Me” and “Someday”.In response, bass player Mike Kroeger said “I think that’s remarkable for someone to notice that there is a hit quality. If all hits sound the same, then sorry. When you are a band that has a distinct style such as us or AC/DC, that happens.

Making secure recoverable passwords

Sun, 27 Apr 2008 14:08:00 +0000

Update: I would suggest using a password manager like LastPass, or a long passphrase before this method now. For the basic you need a calculator with a decimal to hex function. Your OS should have one built in (scientific mode), many calculator’s do to. For advanced you’ll need special hashing software, suggestions for it can be found below. Windows: HashCalc Macintosh MacHash Linux/(*nix) Gnu Coreutils Now that we have the software we need.

Tracking your home directory with a VCS

Sat, 26 Apr 2008 19:00:00 +0000

Josh Carter has done some interesting benchmarkingin this area.His tests include Subversion, Mercurial, Git, and Bazaar–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

More Advice to a Young Developer

Fri, 25 Apr 2008 15:39:00 +0000

More Advice to a Young DeveloperI think most of it applies to IT In general or even the world at large.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Poor Support - READ WHAT I SAID

Fri, 25 Apr 2008 10:20:00 +0000

For Starters I’m annoyed and ranting. I’m going to pick on some particular companies, but this problem applies to the WHOLE support industry.Stop using generic scripted answers for problems where they obviously don’t apply. I’ve used them myself in the support industry, but where they apply.Examples are paraphrasedExample1: Amazon.com and there poorly worded emailsMe> I received an email saying that I had recently bought or viewed lawnmowers, I haven’t. Has my account been compromised?

firefox 3 beta5

Wed, 23 Apr 2008 09:18:00 +0000

I installed firefox 3 beta5 the other day. I’t really fast and has some really cool new features. Unfortunately it’s still too buggy for me. I’m downgrading back to 2.0 I’ll see firefox 3 when it’s stable.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

busybox vi

Tue, 22 Apr 2008 09:07:00 +0000

although there isn’t much to say about it, it’s even more limited than the original vi. If you are like me and have been using a vi clone for so long that other editor’s are unimaginable. I suggest trying busybox vion your *nix cli. At least until you can install vi(m).–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Seagate Kills Linux Support

Sun, 20 Apr 2008 20:20:00 +0000

This was on Mad Penguin(wish he had cited it). I guess my next new hard drive won’t be a seagate. I’ll Stick with Western Digital and Maxtor (I’ve never had problems with maxtor’s going bad before 3 years. Mine have lived ~5 maybe more).–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Open Source it or not?

Fri, 18 Apr 2008 19:34:00 +0000

When building a new web service should you open source it or not? if you do open source it, it may make it harder to have a revenue.I am of course building my product on a LAMP stack, and I’m a huge open source proponent. But if the majority of the revenue model is based around people using my site, wouldn’t it hurt me to allow others to basically rebuild my site on there own?

rss/atom bulk

Fri, 18 Apr 2008 19:02:00 +0000

I’ve noticed recently that some of the feeds I’ve subscribed to are including a lot of stuff I don’t care about, I’m wondering if it would be possible to have a bayesian filter for rss/atom like I do for email.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

What's wrong with Open Source Developers

Mon, 14 Apr 2008 23:36:00 +0000

I was going to write something up about what’s wrong with open source developers. But Beranger beat me to it by explaining why Open Source is not about love.I agree with him on everything except what he says about kde (and even that’s not wrong kde4 just isn’t ready to be judged yet).I have one thing to say in addition to it though.There are 4 kinds of open source developers1.) The insulting arrogant loud mouth2.

Maintainance Problem

Sun, 13 Apr 2008 00:18:00 +0000

Although open source means worse case scenario you can grab the source and maintain it yourself often this doesn’t happen. Many awesome projects just go into obscurity and I’m sure many people aren’t even aware they are no longer maintained. There was no announcement, no project closing, no call for help. The developers just stopped coding, maybe they died, who knows.I’m starting a blog called Maintenance Required(maybe I’ll do more later) to list software that needs someone to take care of it.

Would you steal a buck? How about a can of soda?

Sat, 12 Apr 2008 21:22:00 +0000

Would you steal a buck? How about a can of soda? An interesting article questioning why people make predictably irrational decisions.

msysgit shouldn't be used

Fri, 11 Apr 2008 23:49:00 +0000

Unfortunately the developers of this project are the kind that I don’t want to deal with. Their documentation is below average, and the average documentation is already sad. Instead of plugging in to msys, they require you to use their fork of msys. I call it a fork because it isn’t a 1:1 copy, they add and removing things as they see fit. Their primary installer doesn’t include msys.bat (apparently other installers do) this makes launching the msys bash environment easy.

iptables for the average desktop user

Tue, 08 Apr 2008 23:20:00 +0000

The Best guide for learning the basics of iptables is here Linux 2.4 Stateful firewall design for the most part it continues to apply to the 2.6 kernel. The only things that won’t apply to your linux system will be: emerge if you aren’t on gentoo, and the kernel options which have changed since 2.4 and even a couple of times during 2.6. I’m not going to cover those here. If you need help building your kernel or installing iptables I suggest that you consult with either the iptables home page or even better your distribution.

Tagged - A site that doesn't get it right

Fri, 04 Apr 2008 19:07:00 +0000

Taggedyet another Social Networking site. I don’t mind that these sites want to connect to my email and check for contacts… but always ALWAYS allow me to skip that section. I find it poor security to enter my password just because something asks for it. Fortunately I was smart enough to stop entering data, and click a link in the ‘welcome to’ email to go straight to my profile. I’m adding them to the hall of shame for being a security risk.

msys - native *nix on windows

Wed, 02 Apr 2008 21:55:00 +0000

msys homeThis is not a virtual machine, not an emulator, and technically not linux. This is a native linux like environment on windows, including BASH, the coreutils, vim and more. Brought to you by the wonderful people who brought us mingw. If you are a *nix person and HAVE to use windows I highly suggest you install this. With this Firefox, Opera, Pidgin, and many more cross platform apps you will start to feel to home in windows.

really nice

Wed, 02 Apr 2008 09:36:00 +0000

if you are using the cfq io scheduler in linux you can use ionice to nice your io. so to really nice something you would do nice -n 19 ionice -c 3 programname. This may not be the best idea on all programs but it works. If a program is beating your hd and cpu and you don’t want it to run this when starting it.

what hack to do first?

Wed, 02 Apr 2008 08:59:00 +0000

Lets see, I could work on the ipset init script bug (meaning write the init script) for gentoo. I could start digging into amarok 2’s sql.I have to figure out my Linksys WRT54GL and whether I want openwrt or ddwrt or just to leave it as is. I could be hacking my web app, or regen2. So many choices, so little time.I don’t really feel like doing the router now. So that’s out.

Perl by Example not on O'Reilly's Safari

Tue, 01 Apr 2008 18:38:00 +0000

I like Safari. It’s a great product that I pay ~$500 a year for. I just started a Perl class and the book is Perl by Example. Guess what it isn’t on safari or at least searching for the exact title doesn’t find it. I’ve queried the O’reilly and Prentice Hall people. I pay $500 a year, all the rest of the ‘By Example’ Books are there, I want my book.

Just answer the question!

Tue, 01 Apr 2008 13:38:00 +0000

I don’t mind when people offer additional advice. But when a question about package Y is asked don’t suggest package X (unless you have to say not possible in Y but it is in X). I mean when I ask how do I fix this dependency blocker in portage don’t suggest paludis. The blocker would still exist.If I ask which files are my config files so I can migrate them. don’t say move all of your files.

Blogger needs better contact info

Mon, 31 Mar 2008 09:41:00 +0000

I have 4 Instant messenger addresses, and freenode (irc) hacked into my ‘about me’ why is it that blogger thinks one will be enough? maybe someday. But that day is not yet here. Blogger should allow for customizable profiles more like it does with our blogs.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

wiped out svn

Mon, 31 Mar 2008 04:26:00 +0000

So I’m sitting at my computer running out of space on /var and I think ok I need to move my svn repositories to /srv which is on ext3 and part of /. so I go to move them there… it says file exits. I ls /srv/svn sure enough there they are. I’ve already moved them great rm -r /var/svn (gentoo doesn’t enable -i by default) it deletes everything. I shortly realize that /srv/svn was a symlink to /var/svn.

How to disagree

Fri, 28 Mar 2008 22:57:00 +0000

I recently stumbled upon Paul Graham. He wrote this article on How to Disagreerecently. All of his essays/articles are well written.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

what's in my name (xenoterracide)

Thu, 27 Mar 2008 01:00:00 +0000

So 2 days in a row I’ve had developers discussing the root of my handle. so here we go. xeno is greek, normal definitions aside in science fiction it is often used when referring to alien life forms. terra is latin, it means earth. is english (with latin roots), means killer or killing. loosely translated it meant to me ‘alien earthling killer’, but that was when I was 16. Now, it’s just my handle and has no other meaning to me other than it’s unique and a part of my history.

ReGen2 Linux

Wed, 26 Mar 2008 22:33:00 +0000

I’m starting a blog for my thoughts on forking Gentoo Linux here–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

New version of SELinux released

Tue, 25 Mar 2008 18:20:00 +0000

also see the selinux home/news page http://www.nsa.gov/selinux/news.cfm–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Unix Toolbox

Mon, 24 Mar 2008 17:49:00 +0000

Found this Unix Toolboxon Diggtoday. Most complete list of commands for Linux/BSD/UNIX that I’ve ever seen. I could only think of one missing off the top of my head. ionice.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

USA's Secuity is at risk... from itself

Fri, 21 Mar 2008 17:43:00 +0000

Yes, yes, one again the USA has made a fool of itself. This time by sending emails out with a return address of ‘donotreply.com’. the guys blog is funny, look at all the corporate fools.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Favorites

Tue, 18 Mar 2008 20:01:00 +0000

Just a thought… blogger should add a ‘Favorite Videogames’ to our profiles. I believe that videogames are similar enough to music/movies/books that they should get their own area. Or perhaps just games.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Dawn of War: Soulstorm

Wed, 12 Mar 2008 20:30:00 +0000

To start I just got this game so I will be expanding this review throughout the next few days.First the Bad.The intro movie (to the game) feels more cartoony than the previous ones, I don’t like the style. I don’t feel that it is on par with Relic’s previous movies. This is a trivial complaint and perhaps merely artistic preference.There doesn’t seem to be a race intro movie like there was in Dark Crusade.

10,000 B.C

Sun, 09 Mar 2008 14:33:00 +0000

First, I enjoyed this movie. I’d give it a B grade as far as movies go. However, it can’t possibly survive it’s own hype. The CGI in the movie is awesome. The story is so, so. Historically it’s wildly inaccurate, but you should have known that from the trailer. I won’t be buying this one, nore probably watching it again. However, I think it is worth seeing at least once, and probably on the big screen just for the graphics.

What Open Source Operating System's still need

Fri, 07 Mar 2008 15:25:00 +0000

I’m not going to mention things that are beyond the control of open source such as drivers and multimedia. These things are the fault of the corporations that control them.The first thing I think these systems need is a unified password manager. Instead both gnome and kde have there own password storage system and so do a million other apps. I think OpenBSD should lead the pack on this one given there reputation for security.

The Eye (movie)

Tue, 26 Feb 2008 12:36:00 +0000

imdb entryI went to see this the other night. Because NCGwas having problem’s with Cloverfield… and we were already there.I didn’t find it scary at all. A little creepy. The blurry vision and screaming death shadows were just annoying.I did think that it might be an interesting concept for a Mage Awakening in Mage the Awakening RPG. Not as is of course.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.

Anti-depressants no better than Placebo

Tue, 26 Feb 2008 11:43:00 +0000

Article.Well apparently some research has been done, on non-published studies done, that shows for the most part anti-depressants aren’t better than placebo’s. Say it ain’t so… the drug companies wouldn’t not tell us if they knew that you could get the same effect without buying their drugs at $100 a bottle would they?saw this article first on slashdot–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

I have an account?

Fri, 22 Feb 2008 18:12:00 +0000

Most people complain, “I don’t know what my username and password for site x is”. I don’t have that problem, because I use the username xenoterracide almost everywhere, except for anal places that provide me with usernames, like my bank or school, or don’t allow that many characters in the username.My problem is I can’t remember all the places I have an account.I was looking at flickr last night, needed an account to look at something.

Participation Points

Wed, 20 Feb 2008 19:51:00 +0000

At Baker College they don’t allow teachers to grade based on attendance. I’m sure this policy is common with most schools. So what do the teacher’s do? they grade based on participation. This is crap as to be able to participate you must attend the class. What the teacher’s are actually doing is re-labeling attendance points as participation. Because it doesn’t matter whether you take part in a class conversation. All you have to do is show up.

Jumper (movie)

Fri, 15 Feb 2008 16:35:00 +0000

IMDB entry)Saw this movie yesterday. It was Ok. It wasn’t great, it wasn’t horrible. I can’t really say anything, good about it. But I can’t say anything bad either. I enjoyed it, I won’t be buying it, or seeing it again though.–This workby Caleb Cushingis licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Modern Bigotry - Black History Month

Fri, 15 Feb 2008 16:12:00 +0000

First off, I’m not racist, I’d like to think I’m not bigoted in any way.But I’m tired of all these equality rants from blacks and females.WE WERE SLAVES. So? so what? every race under the sun has had slaves and been enslaved at some point during the history of humans. Why are you special?Why don’t we have a white history month? A Jewish history month? A Latino history month? etc, etc.