Phil Pennock

@philpennock
For those updating Alpine Linux to 3.13, beware that the change to ifupdown-ng means that /etc/network/interfaces parsing changes auto directives: you can only have one interface per auto directive, and need to repeat the directive for multiple interfaces. Before you could use "auto lo eth0".
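
A pre-upgrade check for the parsing change described in the post above, as an added example that is not part of the original post: it counts `auto` lines that name more than one interface and rewrites them as one `auto` line per interface. The function names `count_multi_auto` and `split_auto` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: find and split multi-interface "auto" lines in an
# /etc/network/interfaces-style file. Both helpers read the file on stdin.
# Function names are hypothetical; the sample input below is constructed.

# Print how many "auto" lines name more than one interface.
count_multi_auto() {
    awk '$1 == "auto" && NF > 2 { c++ } END { print c + 0 }'
}

# Rewrite the file so each interface gets its own "auto" line.
# All other lines pass through unchanged.
split_auto() {
    awk '
        $1 == "auto" && NF > 2 {
            indent = $0
            sub(/auto.*/, "", indent)   # keep any leading whitespace
            for (i = 2; i <= NF; i++)
                print indent "auto " $i
            next
        }
        { print }
    '
}

# Constructed sample in the old style ("auto lo eth0" on one line).
SAMPLE='auto lo eth0
iface lo inet loopback

iface eth0 inet dhcp'

printf '%s\n' "$SAMPLE" | count_multi_auto
printf '%s\n' "$SAMPLE" | split_auto
```

Run it against a copy of the real file (for example `split_auto < /etc/network/interfaces > interfaces.new`) and review the result before replacing anything.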

That feeling when you go back to a website for a second time and when your password manager auto-fills, the website says "no more than 15 characters" for the password, so you try the first 15 of your password and it works, and you look at the timing, and you just *know* that you triggered warnings in the logs and this new filter is because of you.

Thanks, Rite Aid.

I appreciate the irony that the major current angst of open source developers: portability of bugs and wikis if moving from github, is one of the features of Fossil and moreover used to be one of the main criticisms of Fossil by people who didn't understand the need to bundle them.

Pro-tip: BSD default sysctl net.link.ether.inet.maxhold of 1 is incompatible with Happy Eyeballs concurrent DNS resolution when resolver is not in arp/ndp cache. DNS queries get lost.

Go's non-cgo resolver triggers this and leads to 5s stalls in DNS resolution on BSD when resolver not currently in kernel neighbor cache.

Linux's equivalent documented in man-pages as value 3, in kernel docs & reality is 101.

net.link.ether.inet.maxhold=10 going into my /etc/sysctl.conf files now.

Well that was a fun diversion. After a U2F token failed to work with a weird error message, I go to TOTP only to find GnuPG is not working on the secure storage box. That's Alpine Linux and GnuPG is from `@edgemain` for $reasons; yesterday it got updated to 2.2.26 and so now failed. Root-caused to an added symbol dependency on a newer version of libgpg-error than was in stable main.

`apk add gnupg@edgemain libgpg-error@edgemain libgpg-error-dev@edgemain` sufficient.

Planning for the day when we have to bulk-disable a pubkey algorithm for being broken: I wonder if sshd needs a way to track in its own state, not just in logs, which remote IPs have successfully locally authenticated as which users? So that we can have a mode for "trust this algorithm P1 only if we've already (recently?) seen a successful login for that target user from that IP"; also "if and only if there does not exist an SSH key of pubkey type P2 for this user".

Apparently Bernie Sanders sent out email to declare that he was running. I just found my copy in Gmail’s spam folder.

Oh. One of the jails is stuck on an old userland and FreeNAS's messing around with jail ecosystems has left this one behind. Time to figure out how to kick it back into manageability.

*sigh* FreeNAS appear to be building packages on newer base image without changing the pkg ABI definition, so `pkg upgrade` broke zsh because `libdl.so.1` is missing. 5.6.2_1 bad, 5.6.2 good. `pkg install /var/cache/pkg/zsh-5.6.2.txz` recovers.

@jpmens re your Sonos blog-post: I hit the breaking point in September too, looked around for options and purchased a HifiBerry with case. Add RPi and my own speakers and I have better stereo sound, albeit less pretty.