Paul's Blog

The articles below are on various topics, though the majority are focused on some aspect of systems administration.

iOS 8 Update: The Long Road · September 17, 2014

I kicked off the iOS 8 update on my iPhone 4S at 11:40 this morning. The download (all 940 GB of it) took a reasonable amount of time, given the network connectivity at work.

Then the installer spent roughly 45 minutes “preparing” the installation.

Read more...

Stripping an Atom RSS Feed · September 10, 2014

At work, we’ve got an internal-only blog for some upcoming special projects. Our experience, however, is that blogs get ignored without some external notification system like RSS. The problem is that some of our employees use public aggregators like feedly, which cannot see behind our firewall.

Our internal blog generates an RSS feed, but the feed includes <content> and <summary> sections that we really don’t want published in a public RSS feed.

My solution is to copy the feed to a public web host, but massage it with XSLT to remove the sensitive sections.

Read more...

Of CFEngine and CentOS 7 · September 6, 2014

All the cool DevOps kids are using puppet and chef for configuration management these days, but I’m still sticking with CFEngine, which has served me well since the late 1990s.

CentOS doesn’t have a native cfengine package, so I’ve used the EPEL cfengine package on CentOS 6 machines for some time now. There’s currently no such package for CentOS 7, however, so I’ve relied instead on the one found in the Fedora 20 package set.

Read more...

Block Single Host with firewalld · September 1, 2014

I’m fairly fluent in basic firewall operations with iptables, but the firewalld included in CentOS 7 is new to me. I’d gotten the firewalld-friendly version of fail2ban working on a VM I manage. One remote host was pounding away on port 22/tcp; it was duly denied access for several minutes at a time, but it never took the hint and went away.

I finally decided just to drop all packets from the IP address completely. To do so, I had to spend some time in the man page for firewall-cmd, the command-line interface to firewalld.

Read more...

Welcome · August 23, 2014
So I’ve got a blog now. I like DocBook for the precision it gives me in my long-form articles, but it presents too much overhead for shorter pieces. The software behind the blog is Hexo, which is based on node.js. Writing is done in the lightweight markdown markup language. I did have to wrestle with the Hexo theme quite a bit before the blog layout would work and play well with the rest of my site, but I’m pretty pleased with the results.

Read more...