Last 10 blog posts
Some days ago, me and Valhalla played the game of trying to see what happens when one turns them all on: I would send her screenshots from my Conversations, and she would poke at her Prosody to try and turn things on:
Valhalla eventually managed to get all features activated, purely using packages from Jessie+Backports:
The result was a chat system in which I could see the same conversation history on my phone and on my laptop (with gajim)(https://gajim.org/), and have it synced even after a device has been offline,
I now have an XMPP setup which has all the features of the recent fancy chat systems, and on top of that it runs, client and server, on Free Software, which can be audited, it is federated and I can self-host my own server in my own VPS if I want to, with packages supported in Debian.
Valhalla has documented the whole procedure.
If you make a client for a protocol with lots of extension, do like Conversations and implement a status page with the features you'd like to have on the server, and little green indicators showing which are available: it is quite a good motivator for getting them all supported.debian eng pdo
When I feel part of a tightly coordinated and synchronized team I feel proud for the achievements of the team as a whole, which I see as bigger than what I could have achieved alone.
I also don't feel at risk of taking bad decisions. I feel less responsible. If I do what I'm told, I can't be blamed for doing the wrong things. I find it relaxing, every once in a while, to not have to be in charge.
I guess this could be part of the allure of a totalitarian regime: being freed from the burden of growing up
Thinking about this, reading those articles about romantic relationships, I see quite a bit of parallels also with organising cooperation and teamwork.
It looks like I ended up making parallels between Polyamory, Anarchism, and Free Software again. If you think there should traditionally be also a mention of BDSM, go back to "I find it relaxing, every once in a while, to not have to be in charge".debian eng life pdo
- systemd: Masking units [archive]
- A good explanation of the three level of "stopping" a service in systemd, with a focus on masking.
- How Skype fixes security vulnerabilities
- «This post describes my fruitless effort to convince Microsoft employees that Their service is vulnerable, and the humiliation one has to go through should One’s account be blocked by a hacker. This is a story of ignorance, pain and Despair.»
- Mapping the Shadows of New York City: Every Building, Every Block
- «You’re looking at a map of all of the shadows produced by thousands of buildings in New York City over the course of one day. This inverted view tells the story of the city’s skyline at the ground level.»
You can get it at https://github.com/spanezz/intervallo
$ intervallo --help usage: intervallo [-h] [--font file.ttf] [--audio file.mp3] [--duration sec] imgfile [imgfile ...] Create an Intervallo RAI out of a collection of images. positional arguments: imgfile input image files optional arguments: -h, --help show this help message and exit --font file.ttf Font to use for subtitles --audio file.mp3 Audio track --duration sec Time for each image in seconds
./intervallo --font DejaVuSerif.ttf --audio Paradisi-Toccata.mp3 *.jpg
The images are captioned with their file name, without extension. You may want to rename the image files to have nice descriptive names.
For some audio to use, you can try https://archive.org/details/IntervalloRai-Paradisi
https://www.youtube.com/watch?v=ZCERwjTB4ckdebian eng pdo sw
- German Cities Are Solving The Age-Old Public Toilet Problem [map]
- «City governments are paying local businesses to open up their restrooms to the public. … The program, called Nette Toilette or Nice Toilet, is active in 210 cities and has been running since 2000. Cities pay from $34 to $112 per month to a business, and it puts a sticker in its window to tell people that they can come in and pee for free. … Bremen, a city with a population of over half a million people, reckons it saves $1 million per year by using the network, which costs it $168,000 per year. So successful is the scheme that it has given Bremen the best ratio of public toilets to citizens in Germany.»
Ansible's default output, including the
stderr of failed commands, is JSON
encoded, which makes reading Jenkins' output hard.
Ansible however has Callback plugins that could be used. In that page it says:
Ansible comes with a number of callback plugins that you can look at for examples. These can be found in lib/ansible/plugins/callback.
That is a link to a git repo with just a pile of Python sources and no, say
README.md index to what they do. Hopefully they have some docstring with a short description of what they do?
debian eng pdo rant
I woke up this morning with some Django server error mails in my inbox:
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc5 in position 9: ordinal not in range(128) … 'REMOTE_USER': u'…-email@example.com',
I did what one does in cases like these, I tried to fix the bug and mailed
…-firstname.lastname@example.org asking them to try again and let me know if
I get a bounce:
<Actual user's email> (generated from …-email@example.com) SMTP error from remote mail server after MAIL FROM:<firstname.lastname@example.org> SIZE=3948: host … […]: 550 Please see http://www.openspf.org/Why?id=enrico%40enricozini.org&ip=2001%3a41c8%3a1000%3a21%3a%3a21%3a21&receiver=bq : Reason: mechanism
I resent the mail to the actual user's address, and it went through. Job done, at least until they get back to me telling me that my fix didn't work.
- Activating SPF checks breaks receiving email via a forwarding address.
- Activating SPF checks breaks hiding an email address behind a forwarding address.
I accidentally made an ansible connector plugin for schroot. I haven't even used ansible yet, so I have no idea what I am doing.
You can choose the chroot type by setting something like
in your variables.
You can install this locally as
# Based on chroot.py (c) 2013, Maykel Moya <email@example.com> # Based on chroot.py (c) 2015, Toshio Kuratomi <firstname.lastname@example.org> # (c) 2016, Enrico Zini <email@example.com> # # This is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see <http://www.gnu.org/licenses/>. from __future__ import (absolute_import, division, print_function) __metaclass__ = type import distutils.spawn import os import os.path import pipes import subprocess import traceback from ansible import constants as C from ansible.errors import AnsibleError from ansible.plugins.connection import ConnectionBase, BUFSIZE from ansible.module_utils.basic import is_executable from ansible.utils.unicode import to_bytes try: from __main__ import display except ImportError: from ansible.utils.display import Display display = Display() class Connection(ConnectionBase): ''' Local chroot based connections ''' transport = 'schroot' has_pipelining = True # su currently has an undiagnosed issue with calculating the file # checksums (so copy, for instance, doesn't work right) # Have to look into that before re-enabling this become_methods = frozenset(C.BECOME_METHODS).difference(('su',)) def __init__(self, play_context, new_stdin, *args, **kwargs): super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs) self.chroot = self._play_context.remote_addr #if os.geteuid() != 0: #raise AnsibleError("chroot connection requires running as root") # we're running as root on the local system so do some # trivial checks for ensuring 'host' is actually a chroot'able dir #if not os.path.isdir(self.chroot): # raise AnsibleError("%s is not a directory" % self.chroot) #chrootsh = os.path.join(self.chroot, 'bin/sh') ## Want to check for a usable bourne shell inside the chroot. ## is_executable() == True is sufficient. For symlinks it ## gets really complicated really fast. So we punt on finding that ## out. As long as it's a symlink we assume that it will work #if not (is_executable(chrootsh) or (os.path.lexists(chrootsh) and os.path.islink(chrootsh))): # raise AnsibleError("%s does not look like a chrootable dir (/bin/sh missing)" % self.chroot) self.chroot_cmd = distutils.spawn.find_executable('schroot') if not self.chroot_cmd: raise AnsibleError("chroot command not found in PATH") self.chroot_id = "session:" + self.chroot self.chroot_type = "stable" existing = subprocess.check_output([self.chroot_cmd, "--list", "--all"]) self.chroot_exists = False for line in existing.splitlines(): if line == self.chroot_id: self.chroot_exists = True def set_host_overrides(self, host, hostvars=None): super(Connection, self).set_host_overrides(host, hostvars) self.chroot_type = hostvars.get("schroot_type", self.chroot_type) def _connect(self): ''' connect to the chroot; nothing to do here ''' super(Connection, self)._connect() if not self._connected: if not self.chroot_exists: self.chroot_id = subprocess.check_output([self.chroot_cmd, "-b", "-c", self.chroot_type, "-n", self.chroot]).strip() subprocess.check_call([self.chroot_cmd, "-r", "-c", self.chroot_id, "-u", "root", "--", "apt-get", "update"]) subprocess.check_call([self.chroot_cmd, "-r", "-c", self.chroot_id, "-u", "root", "--", "apt-get", "-y", "install", "python"]) display.vvv("THIS IS A LOCAL CHROOT DIR", host=self.chroot) self._connected = True def _buffered_exec_command(self, cmd, stdin=subprocess.PIPE): ''' run a command on the chroot. This is only needed for implementing put_file() get_file() so that we don't have to read the whole file into memory. compared to exec_command() it looses some niceties like being able to return the process's exit code immediately. ''' executable = C.DEFAULT_EXECUTABLE.split() if C.DEFAULT_EXECUTABLE else '/bin/sh' local_cmd = [self.chroot_cmd, "-r", "-c", self.chroot_id, "-u", "root", "--", executable, '-c', cmd] display.vvv("EXEC %s" % (local_cmd), host=self.chroot) local_cmd = [to_bytes(i, errors='strict') for i in local_cmd] p = subprocess.Popen(local_cmd, shell=False, stdin=stdin, stdout=subprocess.PIPE, stderr=subprocess.PIPE) return p def exec_command(self, cmd, in_data=None, sudoable=False): ''' run a command on the chroot ''' super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable) p = self._buffered_exec_command(cmd) stdout, stderr = p.communicate(in_data) return (p.returncode, stdout, stderr) def _prefix_login_path(self, remote_path): ''' Make sure that we put files into a standard path If a path is relative, then we need to choose where to put it. ssh chooses $HOME but we aren't guaranteed that a home dir will exist in any given chroot. So for now we're choosing "/" instead. This also happens to be the former default. Can revisit using $HOME instead if it's a problem ''' if not remote_path.startswith(os.path.sep): remote_path = os.path.join(os.path.sep, remote_path) return os.path.normpath(remote_path) def put_file(self, in_path, out_path): ''' transfer a file from local to chroot ''' super(Connection, self).put_file(in_path, out_path) display.vvv("PUT %s TO %s" % (in_path, out_path), host=self.chroot) out_path = pipes.quote(self._prefix_login_path(out_path)) try: with open(to_bytes(in_path, errors='strict'), 'rb') as in_file: try: p = self._buffered_exec_command('dd of=%s bs=%s' % (out_path, BUFSIZE), stdin=in_file) except OSError: raise AnsibleError("chroot connection requires dd command in the chroot") try: stdout, stderr = p.communicate() except: traceback.print_exc() raise AnsibleError("failed to transfer file %s to %s" % (in_path, out_path)) if p.returncode != 0: raise AnsibleError("failed to transfer file %s to %s:\n%s\n%s" % (in_path, out_path, stdout, stderr)) except IOError: raise AnsibleError("file or module does not exist at: %s" % in_path) def fetch_file(self, in_path, out_path): ''' fetch a file from chroot to local ''' super(Connection, self).fetch_file(in_path, out_path) display.vvv("FETCH %s TO %s" % (in_path, out_path), host=self.chroot) in_path = pipes.quote(self._prefix_login_path(in_path)) try: p = self._buffered_exec_command('dd if=%s bs=%s' % (in_path, BUFSIZE)) except OSError: raise AnsibleError("chroot connection requires dd command in the chroot") with open(to_bytes(out_path, errors='strict'), 'wb+') as out_file: try: chunk = p.stdout.read(BUFSIZE) while chunk: out_file.write(chunk) chunk = p.stdout.read(BUFSIZE) except: traceback.print_exc() raise AnsibleError("failed to transfer file %s to %s" % (in_path, out_path)) stdout, stderr = p.communicate() if p.returncode != 0: raise AnsibleError("failed to transfer file %s to %s:\n%s\n%s" % (in_path, out_path, stdout, stderr)) def close(self): ''' terminate the connection; nothing to do here ''' super(Connection, self).close() #subprocess.check_command([self.chroot_cmd, "-e", "-c", self.chroot_id]) self._connected = False
- So You Want To Learn Physics... [archive]
- «This post is a condensed version of what I've sent to people who have contacted me over the years, outlining what everyone needs to learn in order to really understand physics.»
- Operation Tamarisk [archive]
- «Operation Tamarisk was a Cold War-era operation run by the military intelligence services of the U.S., U.K., and France through their military liaison missions in East Germany, that gathered discarded paper, letters, and garbage from Soviet trash bins and military maneuvers, including used toilet paper.»
- Mortara case
- Of how in Bologna, where I live, in the 1850s/1860s, when my grand-grand-granddad lived, the Papal State seized a child from a Jewish family «on the basis of a former servant's testimony that she had administered emergency baptism to the boy when he fell sick as an infant.»