Too Fscking Clever

  • If you have six discrete crontabs for a relatively small set of tasks instead of two (or even just one) you may be Too Fscking Clever.
  • If your SQL statement has five or more JOINS in it, you may be Too Fscking Clever (or a web development framework ORM)
  • If you are asked to forward ports to a host and instead DNAT the entire IP address, you may find that your Too Fscking Clever-ness will bite your arse when the usage case changes. Thinking it won’t is a sign of severe Too Fscking Clever Syndrome.
  • “We should cache this data for as long as humanly possible (what’s stale data?)” or “We should only cache this in RAM for 5mins (and refetch from a  large table?)” are classic Too Fscking Clever symptoms.

If you or someone you know has symptoms of Too Fscking Clever syndrome, often identifiable as a frequent need to overengineer what should be a simple solution, invite design by committee or overthink a problem ignoring practical usage cases and requirements,  suggest seeking immediate help before TFC develops into Solution Looking For A Problem Disease, which can in turn lead to madness or a career in Windows Server administration.

Treatment often involves simple counselling (of the W. Venema “what problem are you actually trying to solve” method or similar), introduction to Occam’s Razor, or in extreme cases flogging the subject with a copy of Plan 9 until s/he has an epiphany and tries to simply just get the job done.

This has been a Public Service Announcement.

Presto, We Have No Gallery!

Fedora / Linux stuff:

For those users of my package set, you can now use yum-presto to grab deltarpms of my packages for Fedora 10 and 11. This should make your life easier – I know my upstream link isn’t always fast so the less traffic over it the better for you guys – it’s a good thing I don’t do 120+mb packages like Danger From The Deep anymore eh? :-). Feedback welcomed as always.

The last push of Fedora updates hit my local mirror and mostly played nice, except Gallery2 which leads me to:

General Non-Linux-Specific Stuff:

… the gallery, which has borked itself. Oh Gallery2, why do you mock me?

I used to keep a bunch of old photos – taken or just collected, under /gallery.

As some were of an ex-acquaintance of mine, Tina Wallmann, they proved quite popular and widely linked to (she’s a bikini model and has large *ahem* tracts of land :-))

But they’re old, we’ve long since parted company (have not seen her in a couple of years and she seems disinterested in old friends back here in Brisbane, having moved on to a different crowd in Sydney) and it tends to detract from more interesting content on the site, I’ve decided to let ’em go. I’ll get less page impressions, but it’s quality not quantity I’d prefer. Gentlemen will just have to look elsewhere for their “evening private entertainment”.

The remnants I’ve pushed up to Flickr and integrated into my WordPress install via Fidgetr. It’s a decent compromise I think.

Some updates, and a little “open sermon”

  • I’m in the unusual position of being inside, yet rugged up with a jacket and scarf with what feels like a cold. I can’t say I’m happy about it.
  • Upgraded WordPress here to 2.7.1 (Fedora 11 RPM rebuilt for F10) without too many hassles. It kept retrying the database upgrade(!) but disabling the plugins and a little bit of tinkering (clean cookies, rebuild config, even restarted memcached / set SELinux to Permissive) got it working. I suspect clearing memcached was the trick.
  • Sorry to my Planet readers for some cruft in the RSS, the Related Posts plugin needed to be *ahem* disciplined. It should be fixed now.
  • Loving the Leonidas release – the adventure during upgrade (died partway, restarted, left behind most of F10 for some reason) seems to have cleared out a lot of stuff I didn’t need or use and the rest is a definite improvement. Well done to all concerned!
  • Disappointed that our local news sources are running the front pages with soft non-news pap, when there’s rioting and apparent vote fraud in Iran. Their people are suffering and getting shafted, and you’re running crap about actresses doing nude scenes to get ahead…

To our dear Fedora users:  Please don’t attribute  malicious intent where it’s not warranted. I’ve had one comment here and just responded to a thread on fedora-list from users making some frankly melodramatic claims around how / why decisions are made and features disabled/changed/not kept up to date.

A large chunk of us are not on the Red Hat payroll,  we’re volunteers. Why do we do this? Because we enjoy what we do and are passionate about it. These users should remember that we use it too (“eating our own dogfood”) and want to deliver a top quality distribution.

However you can’t please all of the people all of the time – but just because a feature / change doesn’t suit you, doesn’t mean that the developer / packager  is out to get you

The distinct advantage of an open community is just that: it’s an open community.

If you don’t like a feature, suggest/contribute changes and/or send a patch. If the documentation is lacking, why not write up a how-to and publish it, help update the wiki or the distro documentation? Likewise if the art isn’t to your taste,  I’m sure the Art team welcome volunteers. If you’re fairly knowledgeable, share it with other users on the lists / IRC / forums.

A “This is broken, you guys suck and out to get us” attitude is not helpful, please let such attitudes die off.

Cheers,

A user, packager, infrastructure hacker and occasional developer (since Red Hat 5.1)

Scale and speed and spam

Obligatory Laugh-and-head-shake digression: I’ve been fighting email spam for 12 years plus, and I still see stupid spammers – pardon the tautology – indiscriminately junkmailing abuse@  role addresses. Idiots. Why not just offer crack to a cop?

With that thought out of the way…

Mike McGrath’s memcached plug prompted me to give it a go here, for well, two reasons.

a) I’ve had some (good) experiences in the workplace with it – it’s a boon for database intensive web apps especially and b) because I can and it’s there (which is always a good reason in my ever humble view)

Memcached itself is always a fairly simple install for Fedora – Install via yum (including memcached-selinux if you’re running SELinux – and if you aren’t why not! :-)), give it some options via /etc/sysconfig/memcached eg. CACHESIZE=”64″ (at home, usually “1024” at work because their app is a lot heavier) start it up and point clients at it.

WordPress was a touch trickier – there isn’t an “official” WordPress plugin, with a client available buried in WordPress Plugins version control (http://plugins.trac.wordpress.org/browser/memcached/trunk/) – which has worked well – if you’re reading this it’s not killed my blog.

To install, grab the above file(s) and drop the object-cache.php file in /usr/share/wordpress/wp-content, set “WP_CACHE” to “true” in wp-config.php and you’re most of the way there.

On the server side, memcached-tool’s “stats” command should start seeing increases in cache hits/misses and cached object numbers.

Adding Andy Skelton’s batcache plugin can help to fine-tune what and how it caches – it’s functional but not as “click-and-drool” as many WP plugins, but how much tweaking do you need to do really?

Drupal was a similar adventure I’ll go into elsewhere; there’s a reasonably simple to install plugin from drupal.org – download, drop into /etc/drupal/all/modules, configure and enable –  and the results just as good.

I was surprised to find related Perl packages not in the main repository (Other major languages are covered – my workplace couldn’t survive without the Python bindings :-)) so I whipped up a package of Cache::Memcached 1.26 (also for RHEL/CentOS) on my own repository, plus I’ll be uploading it for review for Fedora proper[2] as a Perl-using systems admin it’s just too useful not to have (monitoring / stats-gathering scripts for a start :-))

In my continued masquerade as a web developer/SEO maven (which isn’t fooling anyone, I know!) I’ve spent too much time looking at analytics to the point of my poor old eyes turning square and developing line graphs burnt in to my retinas.

At least that’s been a little successful. I have one sticking point in the development side, which is avoiding / dumping web form spam. I could use CAPTCHA but I forsee a lot of visitors finding it off-putting, which is undesirable (it’s for my girlfriend’s business venture). I could use Akismet but that seems more suited to blogging, alas (and I’d need to package the PHP PEAR apps for it anyway).

I’m welcome to other suggestions as always.

[1] well, if you’re not reading Planet Fedora via an aggregator anyway..
[2]  Update at 9:07pm AEST: Bug #504403 if someone is keen.

This should be obvious, but..

If it’s not notifications / oddly explained failures to build from gcc itself (hello davfs2 on CentOS/RHEL5, where did that fail? Insights welcomed as the build.log is charmingly opaque. Cheers) or flex & bison (Hello vulcan on F10/x86_64, whaddaya mean you can’t parse and move the .yy files? Jebus on a razor scooter every other distro version and arch did it happily except the one I actually run!) it’s another thing.

Am I also the only person who sees “advice” like this “fix” for a library error and let out a Charlie Brown-esque “AUGH!” (Two good ways to fix this, microbrew to the commenter who posts the most elegant one first ;-))

I’ve had much success installing Fedora Directory Server and Cobbler over the last couple of days (home and the workplace respectively) but remind those attempting it that “with great power, comes a great responsibility to read the supplied documentation carefully before issuing a ‘service <foo> start'” .

These two are an example of packages that are insanely great, very powerful and can do everything but bring about world peace. Conversely the configuration items and possibilities are legion, ergo consider what you want to achieve and what you’re working with before you open your text editor.

Doing it the other way around is of course an excellent way of creating a timesink. 😀

Sensible defaults are good and common, but not always ideal. Just because it starts doesn’t mean it will suit your needs. Approach with a plan and you’ll be much happier and more successful.

(The same reasoning applies to “live” server installs. “It boots” doesn’t mean “It works” or “It’s secure” – especially the latter, having seen a few folk learn the hard way ;-))

I hate it when that happens…

I had a bit of free time – and a half-day at work yesterday to boot – so I thought I’d modernise my set of hacked-up shell scripts (calling mock/createrepo/rsync+ssh) and install the all-singing & dancing Koji suite.

Now I’ve done this at work (1.2 under RHEL 5) with a fair amount of success. No problems on my slightly venerable but functional Fedora 9 server – or so I thought

(The fun that is Kerberos I’ll not go into, I do have a working KDC and other services are fine. I’d also be keen to see a day where Koji is database-independent :-P)

Packages installed OK, configuration looks good, principals look sane and added to keytabs. PostgreSQL database looks spiffy. All is well?

No such luck! Fired up kojiweb and Firefox gives me nothing. Checking the error log, it appears that httpd is an unhappy camper – it’s segfaulted.

So I tell Apache to generate some coredumps (CoreDumpDirectory) and run some gdb magic. I obtain the following enlightenment:

  • I have far too much hooked into Apache and could really do with some cleaning (auth modules in particular lightly used)
  • Something httpd did has tripped up a call to lua libraries. “bt” stops at this gem: block = (*g->frealloc)(g->ud, block, osize, nsize);
  • The only Apache module that uses lua is mod_security, which is too useful to disable. Crap – might have a chat to the fine gents @ Breach about that if I can’t find anything useful.

If anyone else has had a successful crack at Koji+ModSecurity+SELinux (if you’re running a server you do have it turned on and Enforcing, yes!?) or some insight into my problem, I’d be very keen to hear from you 🙂 I have core dumps but they’re 50mb apiece, so I’m not going to post it here (or the backtrace, it’s quite long)

To top things off, my otherwise very useful Blackberry Storm[1] crashes occasionally with an “Error 534”. C’mon Research In Motion, make your error messages useful! Making me pine for the elegance[2] of Windows error messages is bad indeed, k?

I think I’ll avoid production equipment for a little while, I seem jinxed. *sigh*

[1] I’m not enough of a conformo to go with an iPhone and the local telco (not Telstra!) gives free BB/RIM traffic on their plans, which is an Epic Win in my book.
[2] Detect Obvious Sarcasm (y/n/duh)

Sort-of-Emergency Post

I’ll keep this short as it’s a little late and I should turn in.

I’ve had a bit of a hosting hiccup – my now ex-host unceremoniously cut me off and disconnected my server on Valentine’s Day, citing an ESA copyright notice. Unfortunately for him and the ESA, there’s absolutely zero proof or truth to the notice itself. What I found a bit insulting was the null routing of my home IP – to the entire network there –  preventing me from accessing the reboot port / console to see what was happening!

I’ve decided to simply move on. I’ve brought my server home (Thanks SteveL!) and my sites and most functions are being served from my “loungeroom datacentre” until I get better hosting.

All mail / web / domain and messaging services are fine. Of the game servers only Battle for Wesnoth is running. NTP is sadly out, as of course the IP has changed. I may or may not rejoin the pool, I’ve not decided.

The Fedora repository is fine (getsnmp and tintin got updates)

No IPv6 though, alas, not until some internal changes are made.

As this is only a DSL connection it’s not ideal but it will do for a week or two – I’ll likely go with a VPS (Xen preferred or VMWare – not Virtuozzo!) and have leaned towards Slicehost or Linode. I’ve had a couple of more local offers, but these two have the backing and experience I like. Suggestions for others welcome 🙂