EKM

I remember why I got out of being a sysadmin, it’s a lot like being a plumber.

Some software – Dovecot for example – is a joy to use, because it’s well documented, and just works, even when you want it to do slightly strange things. Other software, in this case Cyrus saslauthd, is so follicle destroyingly bad, that it needs to be taken out the back and drowned. Twice.

Having procured a shiny new Android phone and talked Vodafone into supplying me with lots of traffic, I set about setting it up to talk my email and Jabber server, and blog, and all that goodness, and everything is shiny.

Later, it occurred to me, that if my phone is stolen, and the thief is clever enough to extract my password, he has ssh and sudo access to my server. The odds of this happening are exceedingly low, but the results of this happening are catastrophically high. Compounding this is that everything on this server hangs off the Kerberos database for authentication, which means that my users don’t have different passwords for different services, but presents problems once users start saving these passwords on to their phones.

But, I had a great idea. Run up local SQL database that has a list of alternate hashes that only work for email, chat, blogs and other non-shell activity. Awesome. I built the database schema and connected dovecot to in the space of a lunch hour., and all was happy. Tonight, I attempted to connect up other systems. After spending an hour and half battling the mysterious server_set_id in exim, I tried to make the saslauthd connect to the database.

After much cursing, I have discovered that the saslauthd SQL plugin requires that the password is stored in plain text, because the SELECT string isn’t capable of substituting the password into the query string. It also doesn’t handle more that a single row response, which means the entire exercise is looking somewhat futile, because my blogging software (wordpress) and chat software (Openfire) and various other bits and pieces all go through the LDAP server which can only do plain text authentication to Kerberos via saslauthd. It is possible to get exim to use the dovecot sasl server, but this architecturally seems like the wrong way of doing things.

And this is why I hated being a sysadmin, so much software out there is just rubbish.

Update: I set exim to use Dovecots SASL daemon. Works great.

Bivouac continues to get a good run out of me. The blazing heat this summer reminded me of the dearth of shorts in my wardrobe, and so about six weeks ago, I procured a pair of Cactus WK Shorts for the not particularly cheap price of $139. On the upside, if I ever discover the urge to go hiking a decade from now, I’ll probably be taking these, because they won’t have worn out.

What the picture on the right doesn’t completely convey is that before they’ve been washed a few times, they stand up like that all by themselves. On first wearing, the fabric is more reminiscent of the material used to make tents, because these beasties aren’t regular twill cotton, but rather, are made from 14 oz canvas.

The care instructions tell me not to hand wash the first few times, and to “…always use a mild soap rather than the traditional NZ industrial grade laundry powder…” which I should have paid attention to, as my pair has now developed a few light character creases where they folded in the washing machine.

The construction is a fairly generic five pocket pant design, similar to a pair of cut-off jeans, with a generous fob pocket that will easily take a set of keys or a medium sized smart phone. They are quite comfy once softened up, though I would have appreciated a crotch that was perhaps an inch lower. My only real complaint is that they pick up stains with disturbing ease which do not simply brush off like such accidents would on a pair of polyester shorts – and there’s no room for weight gain, because there’s no way these will stretch. Ever.

I’ve had an Android phone phone for a bit over a week now, and already I’m seeing the possibilities.

One of my little bug bears is that I see posters up for concerts and think ‘Oh that would be cool to go to’ – and then totally forget when the evening rolls around.

In theory, I can put these concerts into the calendar on my phone, but often, that’s just not feasible.

However, there’s a neat bit of software by ZXing that will scan in QR codes, or the equivalent for iPhones. QR codes can embed information in various formats, including events. Here’s one below.

I’d go to so many more events if posters had these.

Update @ 1350 17th Jan: Changed the iPhone link for a free App.

Update @ 1525 17th Jan: Replaced the QR code with one generated locally. Some reader implementations were returning very strange results. If you’re reading this and could try the above code and leave a comment with the software you use and the results it gives, that would be awesome.

Another year has rolled over. I spent a large chunk of the new years party staring into space thinking about where I’ve been, and what I’m going to do.

2010 didn’t entirely go as planned. But, rather than dwelling on what I didn’t do, and what went wrong, I’m going to look at what I want to achieve. Here’s my list for 2011.

• Develop and/or contribute to an Android app.
• Develop and/or contribute to an application in Linux.
• Go and see at least two of the following; Plays, live bands, classical concerts*.
• Invest in some shares (finally). (18/08/2011)
• Pay off my student loan. (20/01/2011)
• Write at least 20,000 words of fiction.
• Get back down to 80 kg.
• Blog more.

Travel isn’t on there, because it’s time & money consuming. I can do that when I’m older. The time to build things is when I’m ‘young’.

* This is what I’m going to do for my birthday.