Paul's Blog

The articles below are on various topics, though the majority are focused on some aspect of systems administration.

IT Operations on TV Shows · November 25, 2014

A recent thread on a technical mailing list I frequent was started by someone observing (perhaps complaining) that many television show plots rely on ridiculous IT operations.

I agree, but I don’t really care. I even approve.


Great Utilities: pbcopy · November 20, 2014

This is the first of what I hope will become a series of posts that highlight useful command-line computing utilities. Sometimes (like this post), the focus will be on what I consider to be relatively obscure programs; at other time, I’ll focus on obscure features of commonly used utilities.

This post is dedicated to a pair of Mac OS X utilities: pbcopy and pbpaste. The “pb” is both stands for “pasteboard”: they are command-line programs to getting content to and from the Mac clipboard.


ALL CAPS at NWS · November 11, 2014

I remain amused at the National Weather Service’s insistence on retaining its bulletin style of all-uppercase letters. Kevin Drum at Mother Jones, Will Oremus at Slate, Robinson Meyer at The Atlantic, and even the NWS itself have given answers, but none answers the real unspoken question. Teletype machines are still used…where, exactly?

Running ssh-add on a Remote Host · November 6, 2014

I learned something new today. It’s not earth-shattering, but it was news to me. I have a standard SSH authorized_keys file that I install on all the machines I manage or use. That file contains a couple different public keys, one corresponding to the private key on my work laptop and one to that on my Mac at home. Today, I was working at home, so I was using my home Mac, with its SSH private key loaded into the SSH agent.


The Evolution of Flushing DNS Cache in Mac OS X · October 24, 2014

I recently updated both my work and home Macs to OS X 10.10, aka Yosemite. As with most OS upgrades, little changes have accompanied the marquee upgrades. In particular, Yosemite has yet another way to flush the local DNS cache.


IPv6 Autoconfiguration · October 22, 2014

A friend sent me a message recently asking about the advisability of assigning a DNS AAAA record (for an IPv6 address) to a computer’s current IPv6 address. He wrote, One thing that I wasn’t certain about with IPv6 was whether or not this address could/would change in the future. As such, I wasn’t sure if I should create the AAAA record using it. Fun!

I knew that machine in question runs Linux and that it acts as a server, always running on the same firewall-protected network.

His question gets to an interesting thing, and configurable too.


Installing Haskell Platform 2014.2.0.0 on CentOS 6 · October 7, 2014

I was recently asked to assist someone install the newest Haskell Platform on a CentOS 6 machine. Mind you, the point of the Haskell Platform releases is to make it easier to get a complete Haskell development environment. I suppose it’s easier if you’re running a Linux distribution for which there are pre-built Haskell Platform binary releases. CentOS 6 is not one of those favored distributions, however, and the procedure was much, much harder than it should have been.


Warding Off IP-based Web Scans · October 2, 2014

Like any other web server on the Internet, mine is frequently the target of IPv4-based scanning attacks. The scanner just polls address after address and starts looking for vulnerabilties (or whatever) as soon as it sees signs of life on TCP port 80.

Apache has a quirk that allows you to mostly ignore these scanners, as long as you’re willing to use a virtual host for your web service.


Launch oVirt 3.3 VNC consoles in OS X · September 26, 2014

I recently ran into obstacles getting oVirt 3.3 VNC console sessions to launch in Mac OS X. I posted a description of the problem and a workaround solution on GitHub.

Steven Soderbergh on Raiders of the Lost Ark · September 24, 2014

Steven Soderbergh has done a really cool experiment. He stripped the color, score, and dialog from Raiders of the Lost Ark to study its staging. He writes, I’m just saying this is what I do when I try to learn about staging, and this filmmaker forgot more about staging by the time he made his first feature than I know to this day (for example, no matter how fast the cuts come, you always know exactly where you are—that’s high level visual math shit).


Using SOCKS5 Over SSH for Web Browsing · September 24, 2014

You’re on the road, connected to a wi-fi network you don’t trust, and you want to do some web browsing without having your traffic sniffed. A VPN connection would solve the problem, but all you really want is to keep your web session from prying eyes.

If you have three things, you’re in luck:

  • OpenSSH installed on your local system
  • A remote system to which you can establish an SSH connection
  • Firefox


Re-reading Mistress of the Art of Death · September 23, 2014

I’m currently re-reading Ariana Franklin’s very entertaining historical mystery novel Mistress of the Art of Death. Both Goodreads and Amazon have plot summaries, which I won’t provide here. My first time through the book, about two years ago, I spent most of my reading energy wrapping my head around the setting (England, in the realm of Henry II) and the various characters. Consequently, I failed to notice a crucial point: Ms.


Xcode License Requires Admin Privileges · September 19, 2014

Early this morning, I installed on my MacBook Pro at work Apple’s latest software updates, including Xcode 6.0.1. The update went smoothly. Later, I needed to work in my local copy of a Subversion repository, so as usual I grabbed the latest changes from the central copy of the repo before starting to work. [heinlein@macbook trunk]$ svn update Agreeing to the Xcode/iOS license requires admin privileges, please re-run as root via sudo.


iOS 8 Update: The Long Road · September 17, 2014

I kicked off the iOS 8 update on my iPhone 4S at 11:40 this morning. The download (all 940 GB of it) took a reasonable amount of time, given the network connectivity at work.

Then the installer spent roughly 45 minutes “preparing” the installation.


Stripping an Atom RSS Feed · September 10, 2014

At work, we’ve got an internal-only blog for some upcoming special projects. Our experience, however, is that blogs get ignored without some external notification system like RSS. The problem is that some of our employees use public aggregators like feedly, which cannot see behind our firewall.

Our internal blog generates an RSS feed, but the feed includes <content> and <summary> sections that we really don’t want published in a public RSS feed.

My solution is to copy the feed to a public web host, but massage it with XSLT to remove the sensitive sections.