the rock garden

I have a rock garden. Last week three of them died...

2005-8-1

Hello cyberspace...

I've been away from the blog for a while. I've noticed that many of my favorite Web authors have slowed down or stopped writing. Maybe I should have written to let them know that I am a reader. A little encouragement while they are still writing a good bit might help? I am not a psychologist.
Some of my favorites are FreeBSD's Greg Lehey's diary, Telsa Gwynne's diary, James Gosling's "on the Java road", and the blogs in my blogroll. Greg is a guru, an old school Unix wizard, has a ranch in Australia, and makes some mean looking Malay dishes. Telsa is a smart and very funny lady, who is very Welsh these days. I wish she would write more about her reading materials; she turned me on to Lindsey Davis, who writes excellent Roman detective novels. Oddly enough the main character is male, and is well written in my opinion. Also everyone speaks with some British slang, though they are Romans and Western Europeans living 1500 years ago. She is also living in a domestic situation of some sort in a cottage in Wales with one Alan Cox, who ported the Linux kernel to the 68k Macintosh sans docs, and continues to make sure the coolest new sound card works under Linux, as well as other things.
James Gosling is none other than the guy who dreamed up Java, and then went and implemented it. He was an early member of Sun Microsystems and wrote a desktop windowing system for Unix that was better than X. He is still at Sun and, even though they sell laptops running Solaris now, uses a PowerBook and a Linux server. He also likes to invent elaborate contraptions such as guns and catapults for launching t-shirts at conferences.
They have all written their own content management software for their Web sites by hand, come to think of it. I have not, but I've tinkered with mine. Does that count?
Summer is waning already. I'm scheduled for fall classes and I have arranged for more financial aid, which would have been smart last year. I catch on eventually.
I have passed LPIC Junior Linux Administrator exam 101. I have to pass 102 as well to be certified. I need to do it quickly, but Friday I tried to schedule it twice and was told to check my account page to see if the transaction completed or not. By the time I get it scheduled I'm sure I will have been charged for it ten times. The LPI site is PHP and works fine, but the testing vendor Prometric uses ASP, and keeps choking. Coincidence?
I have been in IOS land at work, managing Cisco switches. I am the master of login authentication in IOS at this point. I am also familiar with exactly where Net::Telnet requires newlines in interacting with switches. Sorry, Net::Telnet is the Perl module that lets you talk telnet, and we automate the switch management with Perl. It's been very interesting, and I've had a trial by fire on IOS. I've found IOS to be the big commercial network device OS, which is very poorly documented in spite of all of the books. You just have to observe its habits. Whereas Perl, the poor man's development environment and duct tape of the internet, is incredibly documented. I like Python, but the docs are not nearly as good. If you have to work with IOS try O'Reilly's "Cisco IOS in a Nutshell". I am normally not crazy about the Nutshell books, but it has been really helpful with IOS. I'm actually using the online version through the university's library site, which is great!
The project is converting the switches, and the scripts to control them, to use RADIUS authentication, via our parent department's Active Directory server. It will be something when it is all done and purring like a kitten.
Before being allowed to finish that, however, we were asked to add that department's switches to our management system. Um, but, they don't know where they are. I mean, they kind of know where some of them are, in some of the buildings. And they know what IP ranges the different buildings are assigned. But that only narrows it down to about 1750 IP addresses... So, for the first two ranges I used a script that could ping 255 addresses in about five minutes, and log the results. I just used bash. Then I tried to telnet into the live IPs. That was fine for a couple of locations where almost everyone is gone for summer break. Then I hit a location that had over 600 IPs, and my ping/telnet combo ran out of steam.
So I worked with nmap a little bit, and got it testing the IP range for hosts, and logging the hostname and operating system, with some guesses and probability percentages. Some greps later, nmap taught me how it sees different network devices, and I ended up with a few simple grep arguments piped into tee to log results. Pretty much everything I logged was a Cisco device of some kind, and most of them I had an enable password for, so they are to be added to the system. I double check each IP range later to be sure, but so far I've figured out what nmap calls our Cisco gear.
It would have been cool to filter it all down more and have it do some of the data entry work in MySQL for me, but at some point you have to say you've learned enough today, and forego automation for some repetitive manual work. Hopefully I will not have to add unmapped networks to our system often. So I have plenty of IPs yet to scan.
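The grep-and-tee filtering described above, written out as an added example (not the author's script): it reduces nmap's grepable output (`-oG`, with `-O` OS detection) to one inventory row per host whose OS guess mentions Cisco. The function names and the sample scan lines are assumptions, constructed for illustration with documentation-range addresses.

```shell
#!/bin/sh
# Added example: filter nmap grepable output down to likely Cisco gear.

# Constructed sample of `nmap -O -oG` output (192.0.2.0/24 is a
# documentation range; hostnames and OS guesses are made up).
sample_scan() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 192.0.2.10 (sw-lib-1.example.edu)\tStatus: Up\n'
    printf 'Host: 192.0.2.10 (sw-lib-1.example.edu)\tPorts: 23/open/tcp//telnet///\tOS: Cisco IOS 12.X\tSeq Index: 255\n'
    printf 'Host: 192.0.2.11 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.11 ()\tPorts: 23/open/tcp//telnet///\tOS: Cisco IOS 12.X|Cisco Catalyst switch (CatOS 5.X)\tSeq Index: 12\n'
    printf 'Host: 192.0.2.20 (lab-pc.example.edu)\tPorts: 22/open/tcp//ssh///\tOS: Linux 2.4.X|Linux 2.6.X\tSeq Index: 201\n'
    printf 'Host: 192.0.2.30 (prn-2.example.edu)\tPorts: 9100/open/tcp//jetdirect///\tOS: HP JetDirect print server\n'
}

# Print "ip <TAB> hostname <TAB> os-guess" for every host line whose
# OS field mentions Cisco. Reads the named files, or stdin if none.
cisco_hosts() {
    awk -F'\t' '
        /^Host: / {
            os = ""
            # Fields are tab-separated and labelled; find the OS one.
            for (i = 2; i <= NF; i++)
                if ($i ~ /^OS: /) os = substr($i, 5)
            # Status-only lines have no OS field and are skipped here.
            if (os !~ /[Cc]isco/) next
            split($1, h, " ")        # "Host:", address, "(name)"
            name = h[3]
            gsub(/[()]/, "", name)
            if (name == "") name = "-"   # no reverse DNS entry
            printf "%s\t%s\t%s\n", h[2], name, os
        }
    ' "$@"
}

# Stand-alone run over the constructed sample.
sample_scan | cisco_hosts
```

On a real scan file the same function can feed the log, for instance `cisco_hosts scan.gnmap | tee cisco-inventory.tsv`, and the tab-separated rows are in a shape a database import could take.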
The other project is simply installing the Cisco Clean Access Server/Perfigo/Redhat 7 product on our Clean Access Servers. I'm not involved in configuring right now nor am I interested after working with it for about a day. I'm a snob, but as companies use Linux in their products, they seem to completely mangle it. If you can just use their little Web interface all is well, but if you need to MAKE IT DO MORE! in the usual Linux fashion, you will be disappointed.
Speaking of which, I should send this to Greg's "Why I Hate Linux" page: This morning I was asked to make a couple copies of the Cisco software, and so I used mkisofs to create a copy of the CD. (Later I found it was a broken image, so I guess they've successfully made mkisofs harder to use) I then was going to mount the iso as a loopback file system to make sure it was kosher. losetup gave me errors trying to address the device /dev/loop0 or /dev/loop/0. Neither existed. I found out I needed to load loop.ko (?). So I did. Now the entries were in /dev, but losetup still didn't work. I ran MAKEDEV several different ways. I know that 2.6 kernels now use new abstractions for /proc and /dev, but come on! I rebooted after setting my /etc script to load loop.ko on boot. Didn't help. I read man pages of course, and finded and greped /usr/share/doc. Argh! I read the mount man page. I did a mount -o loop and it worked. Aaagh! Who changed this stuff? I use the loopback device often, it's great. But why break losetup? What if for some reason you need to mount several virtual filesystems on several loopback devices, and then mount them to different parts of the file system? Well, you can't under Ubuntu. It wants to losetup and losetup -d for you via a mount wrapper. Also cdrecord and mkisofs don't seem to work right from the command line. The GNOME stuff works, but I hate it. I can't use the GNOME stuff on Windows, but I can use cdrecord and mkisofs. STOP BREAKING STUFF. None of this breakage was documented, and yes I searched the mailing list archive, which does not have a search bar. No, you have to load each month one at a time and use /foo or ctrl-f foo or whatever. And the fancy Content Managed web forums have no search capability at all. But they do have lots of fancy boxes and pictures and emoticons. BLECH.
Ubuntu has made a pretty good one-cd Linux distribution, but they should not punish long-time users by breaking existing tools in their desire to make gui tools work. What if your script depends on the command line binary to quietly return status in Unix tradition? You have to install Debian I guess. Or BSD.
One more thing, I promise. mkbootdisk does not work, because the fscking auto-mounter detects the filesystem WHILE IT'S BEING MADE, and mounts it before the mkbootdisk script can, which makes mkbootdisk fail. Why even have mkbootdisk then? You can't use it. Why have losetup? Apparently they still think these things work or they wouldn't bother including them on a single CD distro. Bad brokenness.
On the other hand, at least with a single cd install you can get the system installed at all. OpenBSD is the only system that installs from a single CD and gives me wireless so I can install more stuff, other than Ubuntu. Everybody else makes me do the things I've detailed in the past to get wireless connectivity.
I recently tried to install Solaris 9, Mandrake LE 2005 and Suse 9.3 on a test box. All it had to do was get a DHCP lease and run a browser so we could test Clean Access. Solaris doesn't have a Tulip driver (are you kidding?), Mandrake couldn't find any of the ftp mirrors pre-set in the installer, so it installed a minimal system that didn't allow me to even use urpmi to install a browser or configuration tools, and, well, okay Suse installed. It had a text browser, which I was able to use to find a mirror and install mozilla from it. But the installer didn't offer to find a mirror for me to install from, so I ended up with an FVWM desktop and menu buttons that did nothing because things were not installed.
So, bottom line I continue to be disappointed by distributions. Having said that, you do what you can with the tools you have. I guess I'm getting lazy and hoping new releases will make life easier, but they don't. Ubuntu is about the best I've seen, but why did they have to break those simple things?
I'm looking forward to the combined efforts of Mandrake, Conectiva, LinOS and TurboLinux, at least I think it was those four. They decided this month to use the Debian system for a back-end to make their work more like Ubuntu, but moving over their existing tools. That sounds like a challenge, the Mandrake init scripts have nothing in common with Debian. But it could lead to good things.
I used two releases of TurboLinux, and both were useful. The 6.something was missing some things I was used to in Slackware, but version 8 was really something. I first got my Cisco wireless card to work on Linux under TurboLinux Server 8, and it was a good system. I remember accessing files via ftp like they were on my local machine, awesome. That trick has been tried lots of times, but it really works on Turbo. I wish they had a PPC release these days.
Bed time. Signing off. I'm writing from Ubuntu through my server tonight.
The human race is a race of cowards; and I am not only marching in that
procession but carrying a banner.
                -- Mark Twain