sabi notesNotes mostly about Linux and computer issuessabico computinghttp://www.sabi.co.uk/Copyright 2018 Peter G.http://www.sabi.co.uk/2022-03-06T11:55:00ZNFS and filesystem instances with multiple roots2021-08-04T22:30:00Z2021-08-04T22:30:00Zhttp://www.sabi.co.uk/blog/210804A debate among Linux kernel developers about
NFS and filesystem instances with multiple roots has one side
arguing that there should be only one root per filesystem instance,
but this is both a misunderstanding of UNIX filesystem semantics
and unnecessary.A couple details about authentication tokens2021-07-04T21:50:00Z2021-07-04T21:50:00Zhttp://www.sabi.co.uk/blog/210704Usuall three distinct second authentication
factors should be registered with account. Also they are effectively
unique identifiers, so using one for multiple accounts will mark
them as belonging to the same entity, which may or may not
matter.Much slower battery capacity decrease2021-07-02T14:10:00Z2021-07-02T14:10:00Zhttp://www.sabi.co.uk/blog/210702After 6 months the battery of a new laptop had
already lost 14% of its capacity. Setting a maximum charge threshold
has dramatically slowed that down.Impressions of a Lenovo E495 laptop2020-12-30T11:10:00Z2020-12-30T11:10:00Zhttp://www.sabi.co.uk/blog/201230The ThinkPad E495 is excellent value for money
with good performance, great expandability, the only non-trivial
issue being a battery with limited capacity.Identifiable or self-identified targets2021-06-23T18:10:00Z2021-06-23T18:10:00Zhttp://www.sabi.co.uk/blog/210623By using conveniences like online ordering
it is much easier to be targeted by hostile operations.A really nice typeface2021-06-12T16:50:00Z2021-06-12T16:50:00Zhttp://www.sabi.co.uk/blog/210612Over the years I have become a fan of the
Ubuntu typeface, which is highly legible and compact, and I prefer
it even to DejaVu.Updated CSS styles for ATOM and RSS feeds2021-05-23T13:30:00Z2021-05-23T13:30:00Zhttp://www.sabi.co.uk/blog/210523I have updated and improved my CSS styles to
render directly in a web browser ATOM and RSS feed files.Multiple passwords per UNIX account2020-11-08T12:00:00Z2020-11-08T12:00:00Zhttp://www.sabi.co.uk/blog/201108it is possible in the default UNIX/Linux to
have multiple user names per user number, but not multiple passwords
per user name, which prevents some useful configurations.Two factors, things you have, things you know2020-11-07T14:10:00Z2020-11-07T14:10:00Zhttp://www.sabi.co.uk/blog/201107Two factor authentication can be done in
different ways, as long as it is recognized that the usual
description of factor types is somewhat misleading, in particular
for biometrics.Booting with GRUB2 from EFI, some details2020-08-10T22:30:00Z2020-08-10T22:30:00Zhttp://www.sabi.co.uk/blog/200810Booting from EFI using GRUB2 involves several
steps, some of which, at least under Ubuntu, are not so obvious.Short proper names for devices and media2021-05-03T20:20:00Z2021-05-03T20:20:01Zhttp://www.sabi.co.uk/blog/210503With some simple configuration it is possible
and desirable to give proper names to specific media and devices.Account and identity, PulseAudio, etc.2020-03-19T19:30:00Z2020-03-19T19:30:00Zhttp://www.sabi.co.uk/blog/210319PulseAudio confuses user numbers and account
names, making it harder to have multiple account names per user
numbers, but there is a workaround.A big issue with NFS Ganesha and the Ubuntu LTS 16 and 18 kernels2019-09-08T14:10:00Z2019-09-08T14:10:00Zhttp://www.sabi.co.uk/blog/190908The NFS Ganesha server daemon serves an NFS
protocol that seems to be partially incompatible with that of the
Linux kernel NFS client, and this means several files per directory
become invisible.NFS v3, v4 and types of identity mapping2019-09-04T21:00:00Z2019-09-04T21:00:00Zhttp://www.sabi.co.uk/blog/190904NFS v3 and v4 do identity mapping in completely
different ways, and in particular if using Kerberos
authentication.NFS user/group name or id mapping options2019-09-01T15:30:00Z2019-09-01T15:30:00Zhttp://www.sabi.co.uk/blog/190901Various options on how to do user id and group
id mapping with the 'idmapd' daemon and NFS Ganesha.A weird change in the semantics of Linux linking2019-08-27T21:00:00Z2019-08-27T21:00:00Zhttp://www.sabi.co.uk/blog/190827Afdter several years it happened discovered
that under recent Linux version inode linking has a new restriction
related to mount points.Keeping separate configuration data and templates2019-06-15T17:10:00Z2019-06-15T17:10:00Zhttp://www.sabi.co.uk/blog/190615Configuration management templates files should
be very simple with almost no embedded logic, the customization
logic for the values expanded in the template should be separate or
a separate block at the eginning of the template.Computer scientism and the SSSD service2019-05-29T22:10:00Z2019-05-29T22:10:00Zhttp://www.sabi.co.uk/blog/190529The 'sssd' daemon should have been a library,
turning it into a "microservice" is an example of computer
scientism.A simple test of ZFS record size and compression2019-05-24T19:00:01Z2019-05-24T19:00:01Zhttp://www.sabi.co.uk/blog/190524Some simple numbers from storing a Linux kernel
source tree under ZFS with different record sizes and compression algorithmsSpeed of SSH ciphers and MACs in common cases2019-04-02T21:10:00Z2019-04-02T21:10:00Zhttp://www.sabi.co.uk/blog/190402Some speed tests of various SSH algorithm
implementations on some current systems.Impressions of 27in 3840x2160 monitor KA270HK2019-03-31T12:20:00Z2019-03-31T12:20:00Zhttp://www.sabi.co.uk/blog/190331The Acer KA270HK is very good and using it with
a separate monitor arm makes it even better.Wireless keyboard and mice: just say no2019-03-23T14:50:00Z2019-03-23T14:50:00Zhttp://www.sabi.co.uk/blog/190323Using wireless keyboard and mice in an office
environment is a bad idea because of radio ambiguity and the ease of
losing paired dongle for non-BlueTooth ones, plus there is the
problem of battery replacement and lower "security".LAN tags define broadcast domains with no internal links2018-02-11T12:10:00Z2018-02-11T12:10:00Zhttp://www.sabi.co.uk/blog/180211In effect VLAN tags apply only to broadcast
addresses turning them into multicast ones, and that is not such a
great idea.Great little book about 'git' and the purpose of 'git'2020-12-06T14:10:00Z2020-12-06T14:10:00Zhttp://www.sabi.co.uk/blog/201206A pocket guide about 'git' is pretty good
but 'git' is commonly misrepresented as a version control system
when instead it is a tool to review and edit collections of
content contributions.A sign of the times2020-06-14T13:15:00Z2020-06-14T13:15:00Zhttp://www.sabi.co.uk/blog/200614When booting the Linux kernel now says that it
also supports the chinese CPUs from Hygon and ZhaoxinAndroid 9 and 10 and Ethernet2020-05-12T21:00:00Z2020-05-12T21:00:00Zhttp://www.sabi.co.uk/blog/200512My Android 9 or 10 phones work well with
a generic wired Ethernet interface, convenient when WiFi
reception is not good.Configuring XScreenSaver for HiDpi2020-05-15T19:40:00Z2020-05-15T19:40:00Zhttp://www.sabi.co.uk/blog/200515To configure XScreenSaver on HiDPI
displays one must use X resources, and an example is given.Some simple data on filesystem type allocators2021-02-13T14:00:00Z2021-02-13T14:00:00Zhttp://www.sabi.co.uk/blog/210213Some simple data on how fragmented
files are after a simple tree copy with various Linux
filesystem types, and a bit about write rates.Linux and BSD extensions should be UNIXy2021-04-17T12:20:03Z2021-04-17T12:20:03Zhttp://www.sabi.co.uk/blog/210417Linux and BSD are non-proprietary and no-cost
alternatives to MS-Windows, but they are also UNIX, and UNIX was
popular when it was proprietary and had a cost because it was
"better". When designing Linux or BSD extensions that should
continue to be the case, MS-Windows like functionality should not
just be copied.Cloud VMs with long term leasing compared to colocation2019-11-09T11:10:01Z2019-11-09T11:10:01Zhttp://www.sabi.co.uk/blog/191109AWS introduced new pricing for leasing a VM
for 1-3 years and that can be compared to buying a server and
putting it in colocation for same period, and it turns out that
colocation at AWS is quite expensive.Multiple passwords and SSH2020-07-18T09:45:01Z2020-07-18T09:45:01Zhttp://www.sabi.co.uk/blog/200718A good idea would be to have multiple passwords
for the same user in UNIX because using different passwords in
different contexts makes password revocation a lot cheaper.Good USB3/SSD storage speeds2020-09-30T21:50:01Z2020-09-30T21:50:01Zhttp://www.sabi.co.uk/blog/200930Impressive sequential transfer rates with SSDs
over NVME, SATA3 and USB3 buses.Rough sizes of main Linux filesystem modules end of 20202021-01-23T23:50:01Z2021-01-23T23:50:01Zhttp://www.sabi.co.uk/blog/210123An update to a previous survey of kernel
filesystem module code sizes as a rough indication of their
complexity.'runit' versus 'systemd'2021-04-16T13:30:02Z2021-04-16T13:30:02Zhttp://www.sabi.co.uk/blog/210416While they work-ish, both 'runit' and
especially 'systemd' are unsatisfactory, because 'runit' is simple
and elegant in part because it does not solve some difficult issues,
and while 'systemd' (and D-Bus) attempts to solve them, the result
is incomplete, complex and fragile.A simplified history of UNIX 'init'2021-04-15T23:10:03Z2021-04-15T23:10:03Zhttp://www.sabi.co.uk/blog/210415A brief analysis of Edition 7 'init' and that of
System V 'init' with the original and 'init.d/' schemesExtension snaps and packages2021-03-06T11:50:01Z2021-03-06T11:50:01Zhttp://www.sabi.co.uk/blog/210306What is the point of 'snap' style bundles if
they behave like big packages because they have dependencies?Public shareable area via multiple protocols2018-12-12T22:00:00Z2018-12-12T22:00:00Zhttp://www.sabi.co.uk/blog/181212How to setup a public filetree for similar
access via 4 file transfer methods (FTP, HTTP. WebDAV, RSYNC) and
3 file sharing methods (AFP, NFSv3, NFSV4, SMB/CIFS).Hardly visible window borders2018-11-25T20:20:00Z2018-11-25T20:20:00Zhttp://www.sabi.co.uk/blog/181125Recent cool GNU/Linux GUIs have nearly
invisible borders for windows, just like Mac OS X.Partitioning for flexibility2018-11-11T17:20:00Z2018-11-11T17:20:00Zhttp://www.sabi.co.uk/blog/181111For later flexibility it is good to reserve a
small legacy BIOS and EFI BIOS boot partitions even if they remain
unused.Limitations of the MS-Windows 10 installer2018-11-10T09:40:00Z2018-11-10T09:40:00Zhttp://www.sabi.co.uk/blog/181110Amazingly the native MS-Windows installer
cannot install to GPT labeled storage, but can after-the-fact
convert them to GPT.Organizing configuration management programs2018-10-21T17:50:00Z2018-10-21T17:50:00Zhttp://www.sabi.co.uk/blog/181021Software defined configuration requires
often writing a lot of software, and that is often quite complex
and subtle, and therefore it often starts or becomes unmaintainable
unless disciplined software engineering practices and principles are
used, which happens rarely.Features that I disable in 'ext4'2018-10-13T11:20:00Z2018-10-13T11:20:00Zhttp://www.sabi.co.uk/blog/181013With 'ext4' I routinely disable the options
'64bit', 'dir_index' and 'metadata_csum' for various reasons.Creating a valid but unbootable root partition2018-10-10T21:10:00Z2018-10-10T21:15:00Zhttp://www.sabi.co.uk/blog/181010In newer GNU/Linux distribution 'ext4'
filesystems default to 64 bit block addresses which may not be
fully supported by GRUB2.Sort order and physical directory order can surprise2018-07-04T20:45:00Z2018-07-04T20:45:00Zhttp://www.sabi.co.uk/blog/180704Both physical and alphabetic ordering of
the names of directory entries in recent UNIX/Linux systems can
be surprising.Which nVidia proprietary driver packages for Ubuntu?2018-07-01T09:35:00Z2018-07-01T09:35:00Zhttp://www.sabi.co.uk/blog/180701There are many possible sources and ways to
install the proprietary nVidia drivers for Ubuntu, but using the
CUDA packages online repo (with pinning) is probably the most
convenient.A small example of the UNIX way and other ways2018-06-09T10:10:00Z2018-06-09T10:10:00Zhttp://www.sabi.co.uk/blog/180609A few shell command lines to SIGSTOP a set of
processes, some are more UNIXy than others.Economies of scale are economies of inflexibility2018-06-02T17:00:00Z2018-06-02T17:00:00Zhttp://www.sabi.co.uk/blog/180602Economies of scale are almost never from scale
itself, but from specialization, that is from higher inflexibility.
IT equipment is already manufactured, because of market standards,
in enormous quantities using very specialized processes, so any
economies arising from that are already available to all for even
relatively small order sizes. Conversely because of the same market
standards and large volumes the products are extremely generic,
which does not allow easily for economies of inflexibility in its
deployments.With UTF-8 'grep -i' is very expensive2018-03-31T11:20:00Z2018-03-31T11:20:00Zhttp://www.sabi.co.uk/blog/180331When 'LC_CTYPE' indicates a UTF character set
'grep -i' becomes 20 times slower in CPU time.Chromium adds extended attributes to downloaded files2018-03-30T20:40:00Z2018-03-30T20:40:00Zhttp://www.sabi.co.uk/blog/180330Without documenting this the Chromium browser
adds to the extended attributes of a downloaded file its URL and its
referring URL. This can be useful or a privacy issue."The true cost of hosting in the cloud"2018-03-13T22:10:00Z2018-03-13T22:10:00Zhttp://www.sabi.co.uk/blog/180313A Kubernetes supporter compares the cost of
running infrastructures of various sizes as physical colocated
systems and networks, and virtual systems rented from a cloud
provider. Their conclusion is that virtual infrastructures up to 100
medium sized servers are cheaper rented from the cloud, if they run
workloads for which Kubernetes works well. My comments is that
colocation is usually better, and for very small or larger
infrastructures private data centers work even better. except for
Kubernetes-friendly workloads that resemble a public-content
distribution network.Another view of overloading and infix overloading in Rust2018-03-12T18:30:00Z2018-03-12T18:30:00Zhttp://www.sabi.co.uk/blog/180312Another blogger has written a useful but messy
post of overloading in Rust, and some more details on the weird
rules on infix function calls options.Overloading in Rust is possible but weirdly complicated2018-03-11T11:20:00Z2018-03-11T11:20:00Zhttp://www.sabi.co.uk/blog/180311In Rust it is possible but weirdly complicated
to overload a function, via traits and templates. It seems that the
designers of Rust assumed that overloading arises from genericity
instead of viceversa.The disposable computing situation2018-03-08T12:50:00Z2018-03-08T12:50:00Zhttp://www.sabi.co.uk/blog/180308A lot of consumer level computing products seem
designed to be disposable: no user serviceable parts inside, whether
hardware or software, and when the developers tire to service the
product, the user is supposed to just dispose of it, and get a new
one. This is also becoming a common attitude for business computing,
usually implicitly. The problem is that computing products involve
persistent attachments like training and data, that cannot be
disposed of as easily as a product, and replaced with new pristine
training and data.Replacing a flash SSD because it has become old2018-03-04T21:30:00Z2018-03-04T21:30:00Zhttp://www.sabi.co.uk/blog/180304I have replaced a perfectly working 6 year old
flash SSD that had consumed just 6% of its "endurance" with a new
one costing 1/4 of the price I paid for the older one. I did this
simply just-in-case about old electronics.Optane enterprise SSD from intel2018-02-28T21:30:00Z2018-02-28T21:30:00Zhttp://www.sabi.co.uk/blog/180228Optane NVMe enterprise SSDs have become
available, at a cost of 6 times per GB that of similar flash
devices, with 2-3 the times the transfer rate and 9 times smaller
latency.The "whatever" approach to software configuration management2018-02-24T10:40:00Z2018-02-24T10:40:00Zhttp://www.sabi.co.uk/blog/180224Some articles debate the advantages of
language specific code delivery tools versus distribution packages,
and find them to involve much less "friction". But this is not due
to their superiority, but to radically simplified assumptions:
single language, the language is usually interpreted, applications
are single-environments, no maintenance is required. Distributions
cannot assume that.Consolidation of infrastructure and economies of scale or scope2018-02-23T22:00:00Z2018-02-23T22:00:00Zhttp://www.sabi.co.uk/blog/180223In some industries large expensive plant allows
reaping economies of scale, but beyond a low scale that does not
happen for computer or network infrastructure, and economies of
scope from sharing overhead costs don't apply either.Availability zones as a symptom2018-01-15T18:50:00Z2018-01-15T18:50:00Zhttp://www.sabi.co.uk/blog/180115Generic virtualized infrastructures require
workst-case assumptions about impact of failures, and "availability
zones" are a symptom of that, because only systems in distinct
zones need not be assumed to have correlated failures. This requires
a very coarse grained worst-case approach to redundancy, which
involves wholesale replication at both the virtualizing
infrastructure level and the virtualized system level. Regular
custom infrastructures allow easily design of highly available
systems taking advantage of the very different reliability profiles
of different equipment and applications.Great 8-CPU parallelism during compression2018-01-01T15:10:00Z2018-01-01T15:10:00Zhttp://www.sabi.co.uk/blog/180101Using 'pigz' instead of 'pbzip2', with
'aespipe', greatly speeds up backup while keeping busy 8 CPUs quyite
well.Skype containerization for Linux2018-02-13T18:10:00Z2018-02-13T18:10:00Zhttp://www.sabi.co.uk/blog/180213Skype developers are starting to distribute
their application with the Snap container-like packaging format, and
they give the usual reasons why they think system administration
by application vendors is a good idea.Experiences of being hacker'ed2018-01-27T15:00:00Z2018-01-27T15:00:00Zhttp://www.sabi.co.uk/blog/180127Systems that I use and work with have not been
hacker'ed in a long time, and probably the main reason is that they
are simply but diligently protected against low budget scattershot
attempts for banal uses as spam bots or similar, and the data they
have is not worth a high budget attempt. Regardless if a high budget
hacker has succeed I would probably not be able to detect that.Tidy cable storage and tagging2018-01-13T10:50:00Z2018-01-13T10:50:00Zhttp://www.sabi.co.uk/blog/180113System administrators need to keep inventories
of deployed and spare hardware and in particular of cables. My
practice is to keep the cables from tangling each other, and tagged
with something describing where whould should plug into, as this
makes for quicker and less error prone maintenance.The popular version control systems and Breezy2018-01-06T11:40:00Z2018-01-06T11:45:00Zhttp://www.sabi.co.uk/blog/180106Among distributed version control systems the
most popular are 'git' and Mercurial, but 'git' has an awkward
command line and Mercurial a storage structure that multiplies small
files. Bazaar has neither of these issues, is drop-in compatible
with 'git' repositories, and while developement has been slow in
recent years, it has now been forked into Breezy, that will be
converted to Python 3, and kept going.So far Firefox 57 "Quantum" is good2017-12-27T17:20:00Z2017-12-27T17:20:00Zhttp://www.sabi.co.uk/blog/171227Having used Firefox 57 "Quantum" for several
weeks, so far it is good, and even an improvement.The "mixin" and "flavors" problem for configuration2017-10-29T17:10:00Z2017-10-29T17:10:00Zhttp://www.sabi.co.uk/blog/171101Software-defined infrastructures are defined by
software, that is by programs or scripts. These programs are
expensive to write and expensive to maintain, even if they are in
theory more flexible than hardware infrastructure. However since
they rely on a fixed hardware infrastructure their actual
flexibility is bounded by that fixed hardware infrastructure, as to
performance at least. Software defined infrastructure work well when
their performance enveloped is rather bigger than that of any
workload they are meant to run, and the programs that deliver the
extra flexibility are written with maintainability in
mind.VM infrastructure skepticism is good for VM infrastructures2017-12-11T18:50:00Z2017-12-11T18:50:00Zhttp://www.sabi.co.uk/blog/171211VM infrastructures have significant tendency to
long term downsides related to complexity and overloading. Systems
engineers that are aware of that tendency are better suited to design
and maintain them because they are more likely to try to slow down
that tendency.Mobile phone network hacking and more on security2017-10-14T15:40:00Z2017-10-14T15:40:00Zhttp://www.sabi.co.uk/blog/171014Even mobile phone networks can be hacked to
work arond two-factor authentication, and even ordinary electrical
devices can be cheaply endowed with spying microdevices, and
large-budget "targeted operations" are difficult to defend
against. Being prudent about them helps, just as it helps to be a
low-value target.Some interesting tools2017-11-17T23:30:00Z2017-11-17T23:30:00Zhttp://www.sabi.co.uk/blog/171117I have recently noticed Greyhole and SnapRAID,
two unusual storage tools, and Singularity, a containerization
scheme.Misconfiguration of SATA chip made flash SSD look slower2017-12-01T23:40:00Z2017-12-01T23:40:00Zhttp://www.sabi.co.uk/blog/171201The halving of the transfer rate of a flash SSD
was not due to its getting older, but to its interface being
switched to SATA1 mode.Some recent news about "security"2017-11-18T12:15:00Z2017-11-18T12:15:00Zhttp://www.sabi.co.uk/blog/171118Various recent computer "hacking" news show
that it is pervasive, and can be profitable. It is important to
avoid being or appearing a profitable target.Switching to Firefox 57 Quantum2017-11-13T18:05:00Z2017-11-13T18:05:00Zhttp://www.sabi.co.uk/blog/171113Switching to Firefox 57 Quantum usually
requires some manual intervention to configure its confinement
sandbox, to preserve the sessions across the upgrade, to limit CPU
and memory consumption by greedy websites, and replace XUL add-ons
with WebExtension ones. The result can be a reasonable
improvement.Status of Btrfs2017-11-09T16:20:00Z2017-11-09T16:20:00Zhttp://www.sabi.co.uk/blog/171109There is now a page of notes dedicated to
Btrfs, with contents extracted from the Linux filesystes notes,
plus a list of Btrfs terms and a summary description of its status
and recommended usage.C vs. C++ and the cost of system level features2017-10-04T17:10:00Z2017-10-04T17:10:00Zhttp://www.sabi.co.uk/blog/171004In C every language feature has a simple and
low cost, while in C++ some features that look simple can have a
large cost. The same happens at the system level, for example with
Btrfs, where some features or combinations of features can have
surprisingly large costs.Trends in computing in the past 20 years2022-01-07T20:40:00Z2022-01-07T20:40:00Zhttp://www.sabi.co.uk/blog/220107A summary of some major and minor trends in computing.Changing DPI in X-Windows, 2022 edition2022-03-05T18:20:00Z2022-03-05T18:20:00Zhttp://www.sabi.co.uk/blog/220305A script to change DPI reported or rendered by
X Windows or major GUI libraries.