January 2010 Archives
DNSSEC in the DNS root
I left NLnetLabs about 4 years ago, because I was getting a bit fed up with DNSSEC and it would probably take years before DNSSEC would be deployed at the highest level.
But now it looks like we are almost there. I wonder when we will really switch over and an official DNSSEC root key gets distributed.
% dig . @l.root-servers.net dnskey
; <<>> DiG 9.5.1-P2.1 <<>> . @l.root-servers.net dnskey
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64132
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;. IN DNSKEY
;; ANSWER SECTION:
. 86400 IN DNSKEY 256 3 8 AwEAAa1Lh++++++++++++++++THIS/IS/AN/INVALID/KEY/AND/SHOULD
/NOT/BE/USED/CONTACT/ROOTSIGN/AT/ICANN/DOT/ORG/FOR/MOR E/INFORMATION+++++++++++++++++++++++++++++++++++++++++++ +++++++8
. 86400 IN DNSKEY 257 3 8 AwEAAawBe++++++++++++++++THIS/IS/AN/INVALID/KEY/AND/SHOULD
/NOT/BE/USED/CONTACT/ROOTSIGN/AT/ICANN/DOT/ORG/FOR/MOR E/INFORMATION+++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++8=
;; Query time: 119 msec
;; SERVER: 199.7.83.42#53(199.7.83.42)
;; WHEN: Thu Jan 28 08:43:00 2010
;; MSG SIZE rcvd: 439
rdup 1.1.0
Maybe I'm marketing this to death, but I released rdup version 1.1.0 a couple of days ago.
It should rock! :-) Further details can be found on the temporary project page.
Go introduction
Go is a brand new language from Google that (I hope) promises to become big. I have already written a few small programs on it, but to get to know the language better I have translated the Go tutorial into Dutch. A blog item about Go will also appear at AT Computing soon.
This is far from finished, but it is a start. It still needs to
- be read through properly;
- be turned into a better flowing story;
- get a spell check, which is no luxury either;
- be compared with the latest English version.
If you feel like helping, just let me know; if it all gets too much I will open an account on github.
All of this of course under the motto: release early, release often. :-)
Go tutorial in Dutch
During the last few weeks I've attempted to translate the Go tutorial to Dutch. This was a lot more work than anticipated and I'm still not finished, but I just wanted to share what I've got up to now.
You can get the text version here.
Things to do
- Finish translating the last few paragraphs;
- Proofread;
- Spell check;
- Update it to the latest Go release;
- Get this included in Go?
RELEASE NOTES for RDUP 1.1.0
These are the release notes for the soon to be released rdup 1.1.0.
This is the first release of the new rdup branch, version 1.1.0.
Why this new branch?
I (and because of user requests) wanted to implement some extra features which needed (extensive) code modifications. I did not want to mess with the current stable release, hence a 1.1.x branch. However 1.1.x will obsolete 1.0.x soonish.
What is the difference with 1.0.x? (aka new features)
- there is now only one default output format which always includes the files' contents;
- the rdup output is now more comparable with the tar archive format, with the big difference of being able to delete files.
- the new output includes: user- and groupnames and the modification timestamp of the file. They can now be correctly set on remote systems. (I.e. the uid 'bert' stays 'bert' even if the remote side uses different uid numbers for 'bert');
- more efficient, files are only read once. In rdup 1.0.x both rdup and rdup-tr read files, in 1.1.x only rdup reads files.
With this change the following new features were added
- rdup now has a -a switch: restore a-time when reading files;
- rdup-up now sets the m-time on files it creates, this is the default;
- rdup-up sets the user- and groupname more correct, see point 3. above;
- rdup-tr can now be run on remote systems, because it receives the files' content on standard input.
This work led to the following changes
- rdup has gotten the -P flag from rdup-up. This also makes the -a flag work even if you pipe the files through external programs: they are only read once from disk;
- rdup-tr only processes from stdin to stdout;
- rdup-up only processes stdin;
- much more tests are added to the test suite (make check);
- code cleanups.
Some future work will of course remain, but I'm happy with how things turned out. A proper release will happen this week.
Those interested may check out the latest git code and play with that.
ClueBat
Do you know the feeling: you are in a (technical) conversation with someone and halfway through you think: "I don't think he/she has understood a thing". If only I had something to explain it properly.... So here it is:
The ClueBat!
With this baseball bat of knowledge you will never again have trouble explaining, for example, the secrets of the SMTP protocol to someone:

Or once the letters are in that person's forehead:

I have 3 bats left. One for DNS (luckily only 3 letters). Any suggestions for the last 2?
ClueBat creation
Making such a bat is quite a nasty job and I still need to get better at it, but with a Dremel (from the neighbour) you get a long way:



upstart and booting with init=/bin/bash
One of the oldest tricks in the sysadmin's arsenal is
booting with init=/bin/bash. You'll need this when
you want to reset the password for root, for instance.
It used to go like this: boot with init=/bin/bash and
after some time you are greeted with a prompt a la
root@(none):/#
Most often I then took the following steps:
mount -o rw,remount /
/etc/init.d/networking start
Now you also have networking, so you may upgrade the
system with apt-get or whatever... You are now a
happy puppy.
upstart
Now enter upstart, the new init replacement from Ubuntu. While
I like the idea, some things have of course changed for the worse. When
you boot a system with upstart in init=/bin/bash mode, the following
happens:
root@(none):/# mount -o rw,remount /
root@(none):/# /etc/init.d/networking start
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service networking start
Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the start(8) utility, e.g. start networking
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service networking start
Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the start(8) utility, e.g. start networking
start: Unable to connect to Upstart: Failed to connect to socket
/com/ubuntu/upstart: Connection refused
Go figure; you don't have an upstart running because "init" is now bash. But this leaves me with a problem.
How do you start networking in this case?
ifup eth0 or /etc/init.d/network-manager start all complain with
start: Unable to connect to Upstart: Failed to connect to socket
/com/ubuntu/upstart: Connection refused
I have my server configured with DHCP, so as an act of final desperation I used:
dhclient eth0
and that did the trick.
If you have your interfaces specified in /etc/network/interfaces you
may need to cut&paste it and use the good old ifconfig program. If you
are lame enough to use network-manager and have configured it with a
static IP address you are on your own.
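The translation from an /etc/network/interfaces stanza to commands you can type at the init=/bin/bash prompt, as an added example that is not part of the original post. The helper name iface_cmds and the sample addresses are made up here; it only prints the commands and covers plain dhcp and static stanzas.

```shell
# Constructed sample in /etc/network/interfaces syntax (documentation addresses).
SAMPLE_INTERFACES='auto lo eth0 eth1
iface lo inet loopback
iface eth0 inet static
    address 192.0.2.10
    netmask 255.255.255.0
    gateway 192.0.2.1
# second card gets its lease from DHCP
iface eth1 inet dhcp'

# iface_cmds IFACE [FILE]  (hypothetical helper; FILE "-" reads stdin)
# Prints the commands to run by hand; it does not touch any interface itself.
iface_cmds() {
    awk -v want="$1" '
        /^[ \t]*#/ { next }                       # skip comments
        $1 == "iface" { cur = $2; method[cur] = $4; next }
        $1 == "auto" || $1 == "mapping" || $1 ~ /^allow-/ { cur = ""; next }
        cur == want && $1 == "address" { addr = $2 }
        cur == want && $1 == "netmask" { mask = $2 }
        cur == want && $1 == "gateway" { gw = $2 }
        END {
            if (!(want in method)) {
                print "no iface stanza for " want > "/dev/stderr"; exit 1
            }
            if (method[want] == "dhcp") { print "dhclient " want; exit 0 }
            if (method[want] != "static" || addr == "") {
                print "cannot translate stanza for " want > "/dev/stderr"; exit 1
            }
            printf "ifconfig %s %s%s up\n", want, addr, (mask != "" ? " netmask " mask : "")
            if (gw != "") print "route add default gw " gw
        }
    ' "${2:-/etc/network/interfaces}"
}
```

On the rescue prompt, `iface_cmds eth0` reads the real file; review the printed lines before pasting them.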
Single user mode
You may be able to get away with all this crap by starting your
system in single user mode (just add an S to your grub line). But
Debian/Ubuntu may then ask you for the root password. I never really
liked this single user mode - I want the power of init=/bin/bash.
My f() function in Zsh (and maybe Bash)
Familiar with the following?
You are aware of a (shell) file which contains an interesting line and you think: "I want to execute this line on the command prompt". Most people will do the following:
% more <file>
[select interesting bit with your mouse]
[paste]<enter>
And the code gets executed.
I propose the following function: f(), which does the following:
- It opens the file in $EDITOR (:= vim of course);
- You delete everything you don't want to execute;
- What's left gets executed;
- And it is added to your shell's history.
The code of the function looks like this:
#include <stdio.h>
#include <stdlib.h>

int main(int c) {
    printf("This is nice");
    exit(1);
}
It should either be possible to use this verbatim in bash or make it
work with a few tweaks.
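One way to write the f() function the four steps above describe, as an added example; it is not the author's original function. It assumes a POSIX-style shell, and the names _f_tmp and _f_cmd are chosen here. It edits a private copy, so the source file is never modified.

```shell
# f FILE: edit a private copy of FILE in $EDITOR, then run what is left
# in the current shell and add it to the shell's history.
f() {
    [ $# -eq 1 ] && [ -r "$1" ] || { echo "usage: f <readable file>" >&2; return 2; }
    _f_tmp=$(mktemp "${TMPDIR:-/tmp}/f.XXXXXX") || return 1   # mode 0600 copy
    cat -- "$1" > "$_f_tmp"
    # In zsh an EDITOR value with arguments needs ${=EDITOR} to be split.
    ${EDITOR:-vim} "$_f_tmp" || { rm -f -- "$_f_tmp"; return 1; }
    _f_cmd=$(cat -- "$_f_tmp")
    rm -f -- "$_f_tmp"
    [ -n "$_f_cmd" ] || return 0        # everything deleted: nothing to run
    # Record the text first, so it is in the history even if it fails.
    if [ -n "${ZSH_VERSION:-}" ]; then
        print -s -- "$_f_cmd"
    elif [ -n "${BASH_VERSION:-}" ]; then
        history -s -- "$_f_cmd"
    fi
    eval "$_f_cmd"
}
```

Because the remaining text goes through eval, whatever you leave in the editor buffer runs with your current shell's privileges and variables.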
map function in Go
There is better stuff in the standard Go release but I wanted to try
something for myself. In Go, this function is also called Map(), but is
(of course) nicer. Anyhow, I'm liking this Go stuff more and more. Next I
want to rewrite the DNS stuff in Go.
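package main

import (
	"fmt"
)

// e is the empty interface, so a slice of e can hold values of any type.
type e interface{}

// mult2 doubles an int and repeats a string; other types are returned as-is.
func mult2(f e) e {
	switch v := f.(type) {
	case int:
		return v * 2
	case string:
		return v + v
	}
	return f
}

// Map applies f to every element of n in place.
func Map(n []e, f func(e) e) {
	for k, v := range n {
		n[k] = f(v)
	}
}

func main() {
	m := [...]e{1, 2, 3, 4}
	s := [...]e{"a", "b", "c", "d"}
	// Map takes a slice, so slice the arrays instead of passing a pointer.
	Map(m[:], mult2)
	Map(s[:], mult2)
	fmt.Printf("%v\n", m)
	fmt.Printf("%v\n", s)
}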


