Savon |
2006-09-04
|
Got some mails about Savon already, so I threw together a first project page in my Trac. That should help people to get started if they want to check it out.
Present Perfect |
||||||||||||||||||||||||
|
Got some mails about Savon already, so I threw together a first project page in my Trac. That should help people to get started if they want to check it out.
Just found out that Echelon, the US government's super spying program, uses Berkeley DB. An Alias episode showed Echelon being compiled, with a phony "compilation progress dialog" (do I wish I had one of those !), but the screen itself was full of actual gcc lines compiling, among other files, crdel_auto.c Knowing that the US government uses BDB suddenly makes me a whole lot less worried about my privacy being invaded.
WARNING: This is a half year old entry that I've only now come round to finishing. Wherever it says "this weekend", mentally replace with "when it was still cold and rainy". This weekend I had one of my better yak shaves. I've been having trouble with my home network mail server setup ever since Telefonica upgraded part of their network, because my postfix would tell me that my username did not exist. (Every time I had called them to ask I had gotten a different story on the problem, until a woman caved in and explained that they had done an Exchange upgrade and they lost a chunk of the mailboxes, as well as a lot of the authentication data). After reinstating my account, I tried to get my Postfix SASL authentication working again for the past few weeks. No matter what I tried, it will still deny me to send any mail from an address that was not @telefonica.net, while before this has always worked fine. For some of the authentication mechanisms (CRAM-MD5) I think, SASL was throwing errors, so I even went as far as downloading and rebuilding SASL - but that was another dead end. So this weekend I decided I wanted to start playing and experimenting with the postfix configuration, possibly upgrading, and keeping track of what I do (because I always manage to back myself into a corner by tweaking too much). So obviously, I felt I should use a version control system for this. I've been wanting something that does this for a long time - tracking all my custom changes to config stuff and other files, and being able to easily go back in history and see what I had done before. Given that I mostly use subversion these days and like the nice integration with Trac, I wanted something based on subversion. So, again like before, I look for projects that use svn and make it easy to store /etc stuff in it. I found something that didn't really suit my needs, and searched other sites (like freshmeat) for other similar projects, but I didn't find anything useful. So I set out to make my own. In one day, I had a simple prototype knocked together that would mostly use the svn binary for its functionality. I had made it simple on myself by just layering the svn checkout on top of the live system; it felt a little unclean to have a .svn directory in / but I decided I could live with it for the time being. I used svn properties for tracking permissions, owner and group information (by name, not by id), because for configuration data this is important to have. I proceeded to put parts of my system config for my home server in svn, hooked up a trac install so I could browse it easily, and played with postfix, commiting step by step. Two weeks after that the hard drive in my server crashed, which was bad, but one gets used to it. It was a lot better than all the other times, though, since this time I had more than half of my custom config in an svn repository, and after reinstalling the machine with FC5 (it was FC3 before), I did a checkout and merged in my old config.
Fast-forward to now. (We're in the present again, no matter how brief the present really is, despite what the top of this post says). A general disapproval about having .svn directories everywhere was expected and expressed. Andy however found a more serious flaw with this approach. As most people know, svn keeps a complete copy of the repository version of each file in the .svn directory. So, while some file in /etc (say, /etc/shadow) may be 400, readable only by root, the copy in /etc/.svn would still be world-readable. Not a good thing After some thinking, I decided I wanted to redo this tool from scratch, and also consider some other features that would help me use this tool for our platform deployment. The most important one I wanted was to have a concept of an overlay managing a part of the file system, using multiple layers. The layers would then combine as if they were stacked, which would be similar to how I understand things like UnionFS to work (I haven't tried UnionFS myself, only read about it). The layering would allow me to have parts of the config checkout be related to the machine's role, part to the specific host, and part to all hosts together. Over a weekend, I reworked the tool in a branch, adding a decent testsuite as I went, and added the overlays and layers support. It's now close to ready for a first release, and I have used it to roll out our platforms since then, and besides a few quirks here and there, it is working out very well. The testsuite achieves 85% coverage, which is a lot considering I didn't put in a lot of effort to add tests after the usual add test/fail/implement feature/succeed cycle. So, yay for the beauty of yak shaving. For those interested, the tool is called "savon", and you can browse trunk, or do a checkout and start playing with it. I will put up more info later when I make some more time for it, but feel free to ask me questions in the meantime if you're interested.
Our new office manager (well, our first) starts in two weeks. When she was trying to find this place security downstairs described our company as "Bohemian". I wonder if that means that we work late, or start late, or never shave, or wear shorts. Maybe I should go and ask. Hero of August Award goes to Jan Schmidt. Not only did he join me in my quest to install machines at the data center - twice - on a Friday, his personal project day, but he also took care of my cat for a full week, but more importantly ! He fixed
If I didn't know any better I'd swear he's trying to bed me. Everyone should have a hero like Jan - he improved my quality of life by leaps and bounds over the last month. (The race for Thomas's Hero of September starts tomorrow, for any contestants that want to partake.) Meanwhile, I didn't get to enjoy my new alarm clock yet, because stress is keeping me up late and waking me up early. Soon, my pets. my hands are covered in cake
but I swear I didn't have any
My baby sister turned 28 yesterday. For her birthday she got a crushed shoe and a bent rear bicycle wheel, courtesy of a truck driver who failed to notice her when leaving a roundabout. She got stuck between her own bike and a metal bar protruding from the back of the truck. By some incredible miracle she only has a bruised toe; she can't really explain what happened. She was just coming back from a double emergency shift at the hospital she works in as a doctor. She was saying on the phone how surreal it was to have been saving lives herself only an hour before and being so close to becoming a life needing saving. When the ambulance took her off she did request to be taken to a different hospital than the one she works with, because she didn't want her collagues to see her like that. I guess she didn't suffer any personality damage. Perhaps this is the worst birthday you can have, and perhaps being given the chance to live again, 28 years after the first time, is an unbeatable present. Treasure your days, people. |
|||||||||||||||||||||||
|