Debian 8 to Debian 9 “stretch”

Debian 9 “stretch” turned out to be a stretch indeed. A stretch of my patience and imagination it is. I finally got around to upgrading my desktop and servers to the latest stable and I am not amused. Oh, being on Debian for nearly 20 years I did plenty of upgrades and none of them were painless. Most of the time I actually ended up scrapping the system and installing fresh copies of servers to make sure things work. Recently it was getting better though and I did not see too many angry shouts about the upgrade so I decided to give it a go. I marked up this weekend for the upgrade because experience taught me I was going to need time to fix things before the work starts on Monday.

Well, all right, so on the desktop many applications were simply uninstalled. Fine, when I need something and I notice it missing I install the tool again. That’s annoying but no big deal really. The upgrade itself failed, predictably, but with a little push from our friend ‘apt-get install -f’ the upgrade worked its way through and actually completed, which was a pleasant surprise overall. On the servers though things are not looking good at all.

The update went fairly quickly and without errors so I was amazed with the smooth action. I did feel a little suspicious but after reading through the apt-listchanges did not see anything Earth shattering and felt reassured. Little did I know of what the next hours would bring… The mail server went quietly away and would not start giving me weird errors. I was certain I read about postfix updates in the apt-listchanges but this did not look like anything described there.

After a while I realized that I am looking at some strange errors and configuration of MariaDB instead of the MySQL. Oh, my! That was not mentioned anywhere during the upgrade, was it? No, really! Debian has quietly yanked the MySQL out of my server and installed MariaDB instead. Moreover, it pretended to port my DB to MariaDB, meaning they were now not compatible with MySQL!

Fantastic. So I headed to the MySQL sites where folks of Oracle actually give a fair warning that, yes, Debian will silently replace the database on upgrade. And Debian did not mention it except to note triumphantly that they provide now a much better and transparently compatible database in a press release.

Well, I tell you what. The MariaDB is not transparently compatible. It breaks things that rely on MySQL. This must be mentioned in the upgrade notes! In fact, this is the kind of change I should see before the upgrade in large letter across the screen:


That was a major problem and took me some time to fix – removing MariaDB, cleaning data directories, installing community edition MySQL, recovering the database and finally, the mail server agreed to start up and operate. Users would not have been amused, I tell you.

Now a few other smaller things and annoyances that I came across and how to fix them.

Postfix log lines look different, so you’ll have to rewrite your rules for logcheck to ignore the normal operational messages. That’s okay, we are used to this, just shrug and get moving.

Vim has become a nightmare suddenly, I could not just Unix style select and paste with the mouse, it kept switching to this idiotic visual mode. It turns out that vim now loads defaults from defaults.vim and those defaults override the defaults you set in your vim.local. How cool is that?

Add lines

"switch off the visual mode
set mouse-=a
" and stop overriding my config
let g:skip_defaults_vim = 1

to /etc/vim/vimrc.local to make vim behave more normal.

faill2ban has received a seemingly innocent rewrite of the options but your jail.local file will not work. Best to install the fail2ban from scratch and add your customizations to a fail in jail.d/ directory as advised. Mind you that if you enable any of the jails for the email – the default configuration will try to use a service “imap3” that does not exist, of course, breaking things for you again, kudos to the maintainer. Use the port line for each such block:

port = smtp,465,submission,imap,imaps,pop3,pop3s

Interestingly the mail filter clamav did not upgrade well and kept recommending me to head over to their website and read all about upgrading like if it was still running an old and outdated version or something. Purging it completely and reinstalling was the solution to clamav mail filtering.

If you decide to upgrade and you have MySQL on your server, make sure you do something sensible about it before the upgrade. Either set up a community edition or dump the data and uninstall. I think it is better to install your DB and populate from scratch than to try to migrate it, frankly.

Permanent link to this article →

Popular knife steel guide condensed

Ultra premium

  • CPM S110V Edge retention: 10 Corrosion resistance: 6 Ease of sharpening: 1
  • CPM S90V Edge retention: 9 Corrosion resistance: 5 Ease of sharpening: 1
  • M390 Edge retention: 9 Corrosion resistance: 7 Ease of sharpening: 2
  • ZDP-189 Edge retention: 8 Corrosion resistance: 4 Ease of sharpening: 1
  • Elmax Edge retention: 8 Corrosion resistance: 5 Ease of sharpening: 3
  • CPM-20CV Edge retention: 9 Corrosion resistance: 7 Ease of sharpening: 2


  • CTS-XHP Edge retention: 8 Corrosion resistance: 6 Ease of sharpening: 5
  • CPM M4 Edge retention: 9 Corrosion resistance: 2 Ease of sharpening: 2
  • CPM S35VN Edge retention: 7 Corrosion resistance: 7 Ease of sharpening: 5
  • CPM S30V Edge retention: 7 Corrosion resistance: 7 Ease of sharpening: 5

High end

  • 154CM Edge retention: 6 Corrosion resistance: 6 Ease of sharpening: 5
  • ATS-34 Edge retention: 6 Corrosion resistance: 6 Ease of sharpening: 5
  • D2 Edge retention: 8 Corrosion resistance: 2 Ease of sharpening: 3
  • VG-10 Edge retention: 6 Corrosion resistance: 7 Ease of sharpening: 6
  • H1 Edge retention: 2 Corrosion resistance: 9 Ease of sharpening: 8
  • N680 Edge retention: 5 Corrosion resistance: 8 Ease of sharpening: 6

Upper mid-range

  • 440C Edge retention: 4 Corrosion resistance: 4 Ease of sharpening: 6
  • AUS-8 Edge retention: 3 Corrosion resistance: 4 Ease of sharpening: 8
  • CTS-BD1 Edge retention: 4 Corrosion resistance: 6 Ease of sharpening: 6
  • 8Cr13MoV Edge retention: 3 Corrosion resistance: 3 Ease of sharpening: 8
  • 14C28N Edge retention: 4 Corrosion resistance: 6 Ease of sharpening: 6

Lower mid-range

  • 440A Edge retention: 3 Corrosion resistance: 5 Ease of sharpening: 9
  • 420HC Edge retention: 3 Corrosion resistance: 8 Ease of sharpening: 9
  • 13C26 Edge retention: 3 Corrosion resistance: 4 Ease of sharpening: 7
  • 1095 Edge retention: 3 Corrosion resistance: 2 Ease of sharpening: 8

Low end

  • 420J Edge retention: 2 Corrosion resistance: 8 Ease of sharpening: 9
  • AUS-6 Edge retention: 3 Corrosion resistance: 5 Ease of sharpening: 9


Permanent link to this article →

Rotating videos with ffmpeg

Often, a video taken with a mobile phone will be rotated in a different way than you expect. It may be taken vertically or upside-down. So you may want to correct that and get yourself a properly rotated video for viewing on computer.

ffmpeg-logoAll right, on Linux we use ffmpeg and there is no problem with it. The ffmpeg will happily rotate the video. What you do not expect is that the rotation information will remain in the media and then the player will try to rotate it again. What you get is a mess and you will be cursing away trying to understand why your video ends up upside down all the time although you enter the parameters to rotate it correctly.

So, the first thing you want to do is to remove the meta-information about rotation from the video. Like this:

ffmpeg -i 20160225_211430.mp4 -metadata:s:v rotate="0" -codec copy 20160225_211430_2.mp4

Once the meta-information is gone, we can check the actual rotation of the video stream and finally correct it with the ffmpeg:

ffmpeg -i 20160225_211430_2.mp4 -vf "transpose=1" 20160225_211430_3.mp4

Interestingly, the meta-information is used by some players and not used by others, so the results are unpredictable if you leave the video rotated. I prefer it to be “physically” rotated to the right direction and remove the original rotation angle – then you get reliable view on all devices. More or less :)

Permanent link to this article →

Containers gone wrong: lxc vs. xen

I run a few websites myself and I was always keen on making my life easier looking after them. So virtual servers and services are not something that I ignore if you catch my drift. I have been running xen for quite a long while and I have to say it is bothersome to upgrade all of those linux machines running this and that, isn’t it?

So I did try some other virtualization approaches before and I quite liked the idea of the OS level virtualization, that is similar to the regular BSD jails, but on linux and it worked nicely.The virtual machine was not that well isolated, I was a bit cautious to use it in production but the idea stuck – mainly because of the ease of maintaining the server, where you upgrade the OS only once and all VMs get the updates automatically, since they simply run from the root FS of the main machine, basically.

So when people started to come across with the lxc and docker, calling them “mature” and “OS level virtual machines”, I was rather excited to try them on. I thought they would provide the same idea – secure virtualization of the running processes environment while keeping the FS in sync with the main host, allowing for an easy maintenance.

container-ship-crashesOh, boy, was I into a major disappointment! First, the whole thing of lxc is based on downloading virtual machines over the Internet from an insecure repository. Okay, we do that with Debian, but Debian has been around for many a decade, so we kinda trust them, all right? Why should I want to run my production services on a VM that has been installed by someone else and offered for me as a download? What a silly idea indeed.

But, secondly, it is no better than hardware-emulating hypervisor-based virtualization in terms of maintenance. Once you get this VM downloaded and installed, it behaves completely separately. You have to go to each VM and update it manually! Except that you share the kernel and you may have a compatibility problem there, oops. What sort of nonsense is that? Why would anyone want to move from xen to lxc if the maintenance is the same but security and quality is down the drain, eh? For some mythical changes in performance or what else?

So, to summarize: I say lxc and everything based on top of it sucks. It serves no real purpose, it is an over-complicated exercise in engineering that solves a non-existing problem (if any at all).

What we really need is something similar to jails on linux. A system where your VM will completely reuse all of the software from the host so that there is no maintenance problem for services that require isolation but run on such similar configuration as doesn’t matter. For everything else we have xen already (and plenty of other hypervisor based systems).

Permanent link to this article →

International marriage and living abroad

An interesting article from a lady living in an international marriage has prompted me thinking about her ideas and advice but I quickly realized that she is making false assumptions and leads us to wrong conclusions in general. So I will jot down my ideas here lest I forget them.

You see, her starting point seems to be that we need to discuss where to live and how to organize our life together if we are from different countries and cultures. On the surface, it seems like a really reasonable idea and then all the other things follow naturally: pick a safe country, make sure you get enough money to afford a good living standard, bla-bla-bla.

No. This is all wrong because it places us, men, squarely on the playing ground of women. Those are their values, their interests: comfort, safety, sufficient supplies to grow children and so on. All of those things do not matter if I come to ask the question that matters: I am a man and I have a purpose in life, would I sell my soul for more money, better climate or safer environment? Quite often, nowadays, men tend to answer “yes” to that question and in doing so they seize to be men proper and become surrogate women. And this is wrong.

A man, a proper grown up man, usually has ideas that are bigger than the minutiae of the current situation and living conditions. The man wants to conquer the world, create something monumental, change something grandiose in its momentum. The scale may be different depending on the man and his environment, but the ideas are always such that they surpass all this trivia of “where do we live and what will we eat tomorrow”.

Over the years, I myself have moved several times quite monumentally, changing countries and continents, disposing of everything I had collected and built. It was never to move where “the grass is greener” but always is to where my work and my interests take me. And I am sure that any man worth his salt will certainly want to do the same. Perhaps not all will act on it, but want they will.

So, the only thing I can tell to all of you girls out there who consider a marriage in general and an international marriage in particular: if you find a real man, your man will go wherever his passion takes him. You, sweet creations, will have to follow your men. Whether it is to the better or to the worse, you must be prepared to follow him and make the best out of whatever conditions you will find when you arrive. And nothing else matters.


Permanent link to this article →

The Good and The Evil

I was sitting on my dragon hovering near our wall thinking “they found me, somehow they did”. Dragons and other flying creatures were popping into the space around me, most carrying warriors on their back. They were quite a distance away yet but they will be closing in soon. I wondered how long our defense shield would contain them … It will… For a while it will but the battle is unavoidable.

“Blow them”,- said the voice of our great wizard in my head. It sounded a lot like the voice of Dumbledore from “Harry Potter” or Gandalf from “Hobbit”, I thought. “The more you manage to blow up now, the less we will have to fight later”. And I thought that was a pretty good idea. And it may also slow them down a bit and give our guys more time to gather, perhaps.

I thought all that in a split second and did exactly like the voice suggested. An explosion of magic light rippled the surface of the wall and rushed out, destroying and blowing away everything in its path.

And our dragons arrived popping out of the wall, both them and warriors on their backs sparkling bright in the cool light of the morning. We rushed all together down the wall to the foot of the mountain where the battle was starting.

I watched in amazement how every our warrior was matched by an equal warrior on the dark side. How they battled and hanged in balance and I realized something deeply that I thought about before but never felt on such a profound level.

Fight Dragon On Air Fantasy 2809037 800x500

We are bound to a balance. We cannot destroy the dark and the evil. If we were to do that, what would that make us? We would not be good anymore. At least not all of us. The destroying part would be then the dark side, our friends would become the evil ones, the light would be subverted. We were bound to keep a balance, a precarious balance with the dark side forever if we wanted to keep the light of good in the world.

The evil does not have such qualms. They would destroy us and not think twice about it. In fact, if they destroyed the good, the lesser evil would become the good, you know. The evil would split into really evil and less evil, creating this surrogate good somehow.

I walked up the city wall on the hill, watched the battle and wept at this realization. And then I realized also that this, what I just imagined, might have already happened. We may just be the lesser evil. The thought horrified me.

And I woke up.

Almost immediately I understood that the voice I heard at the beginning, the voice that told me to blow up our defenses, it wasn’t mine, it was not from one of our wizards, it was the voice of evil. They got into my mind and planted ideas that I did not notice. So I blew up our defense and forced the beginning of the battle instead of waiting it out behind our almost impenetrable shields. The battle of the mind and soul makes one win or lose the battle on the field.

And there is not any point in thinking about the balance and getting all mushy about it. There is no point in being good or evil. We just are. I am good and they are evil. And we fight. And we destroy the evil if we can. That’s all there is.

Permanent link to this article →