Archive

Archive for the ‘management’ Category

The joys of btrfs and OpenSuSE – or “no space left on device”

March 13th, 2012 29 comments

At one point during the installation of OpenSuSE 12.1 on my Thinkpad I got a little adventurous and selected “btrfs” as the file system of choice. I wanted to have one large partition, but usually like /home to be apart from the rest so that I can keep all my data while doing a reinstall, upgrade or whatever. btrfs seemed a great choice to combine the two as it supports “subvolumes” which can be handled almost like own file systems. Read more…

Categories: linux, management, software, wtf Tags:

keeping track of changes in /etc

January 17th, 2012 No comments

using git was kind of painful as you had to configure “apt” to keep track of the changes with a “Post-Invoke” command. Determining the caller of apt was something ugly like “caller=$(ps axww | grep “^ *$$” -B3 | grep ” apt-get ” | head -n1 | sed ‘s/^.*\(apt-get .*\)/\1/’ )”. Forgetting to “chmod og-rwx /etc/.git” made your password shadows world readable. No fun at all . . .

The simple solution to all of that is called: etckeeper

It uses git per default but can use mercurial(hg), bazaar, or darcs as well. Supported packet managers are apt(dpkg), yum(rpm), pacman-g2 and probably more. Etckeeper does a commit every day per default, but as its a normal git (or hg …) one can manually commit any time (by using git directly or through “etckeeper commit message”). Everything (else) can be configured at /etc/etckeeper – funny coincidence – changes there will be tracked by etckeeper as well. Sounds like a self fulfilling prophecy – doesn’t it 😉

BTW: Normally, etckeeper is run inside /etc but with the command “etckeeper init [-d directory] one can keep a clone of /etc elsewhere (read: backup).

Categories: linux, management, software Tags: ,

Password Strength

November 10th, 2011 3 comments

I personally use 1password to generate, manage and backup my passwords. This lead to a controversial discussion today, because some people felt uncomfortable with the idea to upload all your passwords (albeit encrypted) to the cloud. Some interesting articles:

Good Bye Passwords (in German):
http://blog.koehntopp.de/archives/3085-Sag-zum-Passwort-leise-Tschuess….html

Awesome article about password strenght and password management:
http://www.troyhunt.com/2011/03/only-secure-password-is-one-you-cant.html

Password entropy calculator:
http://rumkin.com/tools/password/passchk.php

Most of my passwords are 50 characters long and thus not easily guessable (> 256bit entropy using the calculator above). How do you handle your passwords?

MS Security Essentials

October 12th, 2011 No comments

Der Eine oder Andere benutzt ja vielleicht VirtualBox oder Ähnliches um doch mal ein Windows zu starten. Bisher habe ich da als Virenschutz immer Avira-Antivir in der Free-Edition benutzt. Allerdings hat sich da mitlerweile sehr viel Werbung breit gemacht und das Ding bremst die, ohnehin schon nicht beliebig schnelle, VirtualBox aus.

Durch Zufall bin ich letzte Woche auf MS Security Essentials gestoßen. Ein kostenloser Virenscanner von Microsoft. Und er erkennt sogar 0zapftis 😉

Download unter: http://www.microsoft.com/de-de/security_essentials/default.aspx

MSSE erkennt sogar 0zapftis

Live Encryption of Non-Bootable Partitions with OS X 10.7 Lion

July 4th, 2011 3 comments

With many people looking forward to the release of OS X 10.7 Lion, whole disk encryption (WDE) is on top of many nerd’s looking-forward-to list. With most regular setups, this works unproblematically. However, if you have multiple partitions and/or disks, the benefits of live encryption – encrypting your data on the fly without having to reformat – are not supported by the System Preferences UI.

However, there is a surprisingly straightforward way to migrate your drives (be it – as in my case – a second internal hard disk or your thumb drive, etc). OS X’ Core Storage service supports drive encryption on the fly via the diskutil command using the following syntax:


diskutil cs convert /dev/diskXXsYY -passphrase

where diskXXsYY represents the partition you want to encrypt. Diskutil will try to unmount the partition in order to convert it to a logical Core Storage volume. If that’s not possible (as in my case where my home directory resides inside), you will have to restart the system. Otherwise, the conversion process will begin immediately. You can check on its progress by again using diskutil:


diskutil cs list

which will list your partition as part of a new Core Storage Volume and state how much has been encrypted.

One last warning: to the best of my knowledge, the encrypted volumes can only be mounted after a user has logged in (even if the passphrase has been stored in the system keychain). I had to migrate parts of my home folder to the system disk, because Lion would refuse to log me in otherwise. Needless to say, it may take a while for big disks to be encrypted (16h for my 1TB drive).

Categories: management, software Tags:

Calendar Server

June 14th, 2011 6 comments

Some things just don’t work very well. For me this has been keeping track of all my addresses, and meetings, and events in one single place but being able to access them on all my machines (macbook, ubuntu, my crapy nokia N7mini and so on).
I’ve been struggling with this issue for years [sic] and after moving from funambol(SyncML) to google calendar (CalDAV’ish) i am now trying something new – http://trac.calendarserver.org/. That is basically the open source version of apple’s ical-server which supports the CalDAV protocol (Calendar over WebDAV) and CardDAV (addresses). This is what I had to do to get it working:

vim /etc/fstab
    # add the "user_xattr" option to root
    # / ... errors=remount-ro,user_xattr ...
sudo apt-get build-dep postgresql
sudo apt-get install python-setuptools python-xattr python-twisted subversion curl libsasl2-dev libsqlite3-dev
mkdir CalDAV
cd CalDAV
svn co http://svn.macosforge.org/repository/calendarserver/CalendarServer/trunk CalendarServer
cd CalendarServer
./run -s
./run

Fingers crossed that everything compiles as expected. Say yes to copying the test configuration if asked. The test definition can be found in ./conf/caldavd-dev.plist and the user definition in ./conf/auth/accounts-test.xml. A user named admin with the passwort admin is already included. Now you can point your iCal, Safari, Firefox or simillar to port 8443 of your system to test the server. The run script features a -d for the deamon mode and an -i for installation as a real system service that can be enabled at boot time. It might be a godd idea to start the server in a screen session and then run the ./testserver and the ./test script in another one to check if everything works as expected. In my case a few tests failed, so i will update the svn export from time to time to see if this got fixed. As I do want to run this as a service and to keep a snapshot of this working version I did a self sustained installation with

./run -b /dst/dir

I still have to create a configuration that fits my needs but regarding the features this application provides i’m in cheerful spirits 😉

Categories: management, software Tags: , , ,

(Doodle) des DFN

December 20th, 2010 1 comment

Wer Doodle aus Gründen des Datenschutzes nicht mag für den gibt es vom DFN eine Alternative. Laut einem Vortrag von Hern Herber (Datenschutzbeauftragter der TUD) ist dieser Terminplaner auf jeden Fall auch bei Dienstgebrauch zu verwenden.

https://terminplaner.dfn.de/?language=de

So wie es aussieht ist das auch für alle aus der Welt frei zugänglich.

Categories: management Tags: , ,

scp für viele kleine Dateien

August 8th, 2009 1 comment

Immer benutze ich folgendes hilfreiches Kommando, welches elegant und schnell viele kleine Dateien per ssh kopiert:

tar cf – <dir_to_copy> | ssh <bar@foo> “tar xpf – -C <dest_dir>”

Das Ergebnis befindet sich dann auf foo in <dest_dir>/<dir_to_copy>.

Warum nimmt man da nicht scp? Scp hat die bei vielen kleinen Dateien unangenehme Eigenschaft, jede Datei einzeln zu puffern und dann zu übertragen. Das kann selbst bei gewaltigen Bandbreiten dann zu übertragungsraten von wenigen kB/s führen, was schon mal nervig sein kann.

Durch die Benutzung von tar wird das ganze Verzeichnis als einzelner Stream in großen Blöcken übertragen wie man sich das wünscht.

Categories: bashism, linux, management, software Tags:

Reading List on Software Management

July 16th, 2009 No comments

I recently came across the Fog Creek Reading List, which presents 75 books on software management. Additionally, Podcast#12 of Stackoverflow.com comments some of them.
Since I am always looking for interesting literature (mostly on processes of software development) and sometimes run out of ideas, I took the time to go through a good part of this list and add some books, taken from cross references.
It is a mix of management-, accounting-, psychology-, selling- and inspirational books plus stories about software companies/startups. If you are just doing a quick browse, I recommend the Fog Creek list – it has pictures.

Remarks:

  • means No information gathered
  • 0-5 ratings, (+ = 0.5 on amazon)
  • Pricing is from amazon.de
  • Please excuse the formatting 8[

download link

Categories: management, software Tags: , ,