A thousand years that never happened

I had seen many times discussions that mention a shift of our calendar before my visit to India in 2015, that the dates were intentionally advanced to make the history seem longer, likely some time in the 19th century. The thought originates from seeing dates from the 18th and 17th centuries that are written with an “i” – rather “i765” than “1765”, for example. Of course, one starts guessing that “i” is not the “thousand” but simply a mention of the calendar style – “from the birth of Jesus (Iehovah)” to distinguish it from other calendar styles (like, e.g. “from the making of peace” that is 5000 years earlier).

The idea itself is interesting but it is difficult to believe that this kind of atrocity is possible. And how can you be sure about the events that happened long time ago and how those dates were supposed to be written and all that. So you are left with doubts but never with surety. And suddenly all my doubts were blown away at once.

I was in Chennai, India, on a business trip. They have a beautiful church there: St. Thomas Cathedral Basilica. The white stone building, magnificent outside and tastefully decorated with wood inside, is definitely worth a visit. According to the Wikipedia, it exists from 1523.

Walking around inside the church, I suddenly came across several tomb stones mounted into the floor. This kind of thing is often seen in the older catholic churches, so that was not surprising. What was surprising were the dates that can be read quite clearly. This one in the picture is dated as J793, which is absolutely and without doubt 793 from the birth of Jesus, known nowadays more commonly as AD (Anno Domini). Here, instead of “i”, you can definitely read a clear “J”, so that there is no doubt whatsoever left regarding the date.

And so it appears that all our historical dates were reinterpreted at a certain point to give them an extra millennium. And the 2015 is not really 2015 but merely 1015. That is, if it’s the only change and there isn’t more. We also heard about the period of European history known as “dark ages” because we know so very little about. Well, that period never happened. It’s a thousand years sparsely populated with artificially moved around events to make an appearance of a longer history and cover up a hole.

Permanent link to this article →

Xerox Phaser 3052 against Debian Linux – shell wins, admin loses

Installing a printer in Linux should not be a challenge nowadays… It shouldn’t, should it? Shoot it, it shouldn’t.

I have this wonderful Xerox Phaser 3052 that works beautifully and I had to get it working with my new Linux notebook. I vaguely remembered that when I was installing it for my old notebook the procedure was not very despicable, so I was full of high hopes and thought I would be printing away in a few minutes. It works for the old one, right? Well, whaddayaknow, two days later I have a simple install procedure that works and a desire to strangle a few Xerox and Debian developers.

The necessary filters and all that (driver package) are available at Xerox Driver download for Phaser 3052 and that is wonderful. Simply download that and then load also the Debian package for the Phaser 3010-3040 driver.

Unpack the second one and marvel at the i386 architecture .deb package. Now, of course, we are running a 64 bit architecture, so we will have to add the i386 to be able to use that. Fortunately, that is simple:

dpkg --add-architecture i386
apt-get update
apt-get install libcups2:i386
apt-get install ./xerox-phaser-3010-3040_1.0-28_i386.deb

It should all work like a charm. Now we have to install the filters. Unpack the first package and change into the “uld” directory. If you now try to run install-printer.sh, you will be not surprised that it doesn’t work.

# ./install-printer.sh 
**** Running install ...
**** Press 'Enter' to continue or 'q' and then 'Enter' to quit. : 
./noarch/package_install.sh: 57: local: 3052/uld/noarch/.version-printer: bad variable name
**** Install finished.

Spending a long evening trying to figure out what is wrong with the script did not help. Fortunately, in the morning I was a little brighter and suddenly decided to check what shell the scripts are running with. And, damn, it isn’t bash.

# l /bin/sh
lrwxrwxrwx 1 root root 4 Jan 24  2017 /bin/sh -> dash*

There is a little what’s it in the fact that all scripts are written for bash and the Debian developers decided that switching to dash would be a bright idea. No, really? Ok, now the fix is obvious and simple:

# cd /bin/
# rm sh
# ln -s bash sh

And suddenly, like if by magic, it all works…

# ./install-printer.sh 
**** Running install ...
**** Press 'Enter' to continue or 'q' and then 'Enter' to quit. : 
**** Are you going to use network devices ? If yes, it is recommended to configure your firewall.
**** If you want to configure firewall automatically, enter 'y' or just press 'Enter'. To skip, enter 'n'. : 
**** Registering CUPS backend ...
**** CUPS restart OK.
**** Print driver has been installed successfully.
**** Install finished.

The rest is simple, just follow any guide into setting up CUPS. Go to the http://localhost:631/printers/ and add the printer. I use the lpd connection with a static IP address but it pretty well auto-identifies a couple of other connections that can be used with a dynamic address, so this is all straightforward.

Permanent link to this article →

Harry Potter And The Methods Of Rationality

A wonderful, wonderful book. I only wish I could read it earlier. This is likely one of the very best books I ever read. The “Harry Potter And The Methods Of Rationality” is very loosely based around the original characters and environments set by J.K.Rowling but really is a completely different book. And, at that, a much better book it is. Of course, this book would be hardly suitable or understood in full by the children before they at least have a solid understanding of logic and a little of various sciences. For adults, this is a feast. I will not go into any detail of the plot and characters, they are all amazing and the book is full of surprises. It’s best if you discover it yourselves. I will simply highly recommend you do discover it indeed.

The book is available here: https://www.fanfiction.net/s/5782108. Go read it if you did not yet, you will not be disappointed.

A local copy in PDF is available. A local copy in EPUB is available.

Permanent link to this article →

Debian 8 to Debian 9 “stretch”

Debian 9 “stretch” turned out to be a stretch indeed. A stretch of my patience and imagination it is. I finally got around to upgrading my desktop and servers to the latest stable and I am not amused. Oh, being on Debian for nearly 20 years I did plenty of upgrades and none of them were painless. Most of the time I actually ended up scrapping the system and installing fresh copies of servers to make sure things work. Recently it was getting better though and I did not see too many angry shouts about the upgrade so I decided to give it a go. I marked up this weekend for the upgrade because experience taught me I was going to need time to fix things before the work starts on Monday.

Well, all right, so on the desktop many applications were simply uninstalled. Fine, when I need something and I notice it missing I install the tool again. That’s annoying but no big deal really. The upgrade itself failed, predictably, but with a little push from our friend ‘apt-get install -f’ the upgrade worked its way through and actually completed, which was a pleasant surprise overall. On the servers though things are not looking good at all.

The update went fairly quickly and without errors so I was amazed with the smooth action. I did feel a little suspicious but after reading through the apt-listchanges did not see anything Earth shattering and felt reassured. Little did I know of what the next hours would bring… The mail server went quietly away and would not start giving me weird errors. I was certain I read about postfix updates in the apt-listchanges but this did not look like anything described there.

After a while I realized that I am looking at some strange errors and configuration of MariaDB instead of the MySQL. Oh, my! That was not mentioned anywhere during the upgrade, was it? No, really! Debian has quietly yanked the MySQL out of my server and installed MariaDB instead. Moreover, it pretended to port my DB to MariaDB, meaning they were now not compatible with MySQL!

Fantastic. So I headed to the MySQL sites where folks of Oracle actually give a fair warning that, yes, Debian will silently replace the database on upgrade. And Debian did not mention it except to note triumphantly that they provide now a much better and transparently compatible database in a press release.

Well, I tell you what. The MariaDB is not transparently compatible. It breaks things that rely on MySQL. This must be mentioned in the upgrade notes! In fact, this is the kind of change I should see before the upgrade in large letter across the screen:

WE WILL CHANGE THE DB! IT WILL BREAK THE SYSTEM!

That was a major problem and took me some time to fix – removing MariaDB, cleaning data directories, installing community edition MySQL, recovering the database and finally, the mail server agreed to start up and operate. Users would not have been amused, I tell you.

Now a few other smaller things and annoyances that I came across and how to fix them.

Postfix log lines look different, so you’ll have to rewrite your rules for logcheck to ignore the normal operational messages. That’s okay, we are used to this, just shrug and get moving.

Vim has become a nightmare suddenly, I could not just Unix style select and paste with the mouse, it kept switching to this idiotic visual mode. It turns out that vim now loads defaults from defaults.vim and those defaults override the defaults you set in your vim.local. How cool is that?

Add lines

"switch off the visual mode
set mouse-=a
" and stop overriding my config
let g:skip_defaults_vim = 1

to /etc/vim/vimrc.local to make vim behave more normal.

faill2ban has received a seemingly innocent rewrite of the options but your jail.local file will not work. Best to install the fail2ban from scratch and add your customizations to a fail in jail.d/ directory as advised. Mind you that if you enable any of the jails for the email – the default configuration will try to use a service “imap3” that does not exist, of course, breaking things for you again, kudos to the maintainer. Use the port line for each such block:

port = smtp,465,submission,imap,imaps,pop3,pop3s

Interestingly the mail filter clamav did not upgrade well and kept recommending me to head over to their website and read all about upgrading like if it was still running an old and outdated version or something. Purging it completely and reinstalling was the solution to clamav mail filtering.

If you decide to upgrade and you have MySQL on your server, make sure you do something sensible about it before the upgrade. Either set up a community edition or dump the data and uninstall. I think it is better to install your DB and populate from scratch than to try to migrate it, frankly.

Permanent link to this article →

Popular knife steel guide condensed

Ultra premium

  • CPM S110V Edge retention: 10 Corrosion resistance: 6 Ease of sharpening: 1
  • CPM S90V Edge retention: 9 Corrosion resistance: 5 Ease of sharpening: 1
  • M390 Edge retention: 9 Corrosion resistance: 7 Ease of sharpening: 2
  • ZDP-189 Edge retention: 8 Corrosion resistance: 4 Ease of sharpening: 1
  • Elmax Edge retention: 8 Corrosion resistance: 5 Ease of sharpening: 3
  • CPM-20CV Edge retention: 9 Corrosion resistance: 7 Ease of sharpening: 2

Premium

  • CTS-XHP Edge retention: 8 Corrosion resistance: 6 Ease of sharpening: 5
  • CPM M4 Edge retention: 9 Corrosion resistance: 2 Ease of sharpening: 2
  • CPM S35VN Edge retention: 7 Corrosion resistance: 7 Ease of sharpening: 5
  • CPM S30V Edge retention: 7 Corrosion resistance: 7 Ease of sharpening: 5

High end

  • 154CM Edge retention: 6 Corrosion resistance: 6 Ease of sharpening: 5
  • ATS-34 Edge retention: 6 Corrosion resistance: 6 Ease of sharpening: 5
  • D2 Edge retention: 8 Corrosion resistance: 2 Ease of sharpening: 3
  • VG-10 Edge retention: 6 Corrosion resistance: 7 Ease of sharpening: 6
  • H1 Edge retention: 2 Corrosion resistance: 9 Ease of sharpening: 8
  • N680 Edge retention: 5 Corrosion resistance: 8 Ease of sharpening: 6

Upper mid-range

  • 440C Edge retention: 4 Corrosion resistance: 4 Ease of sharpening: 6
  • AUS-8 Edge retention: 3 Corrosion resistance: 4 Ease of sharpening: 8
  • CTS-BD1 Edge retention: 4 Corrosion resistance: 6 Ease of sharpening: 6
  • 8Cr13MoV Edge retention: 3 Corrosion resistance: 3 Ease of sharpening: 8
  • 14C28N Edge retention: 4 Corrosion resistance: 6 Ease of sharpening: 6

Lower mid-range

  • 440A Edge retention: 3 Corrosion resistance: 5 Ease of sharpening: 9
  • 420HC Edge retention: 3 Corrosion resistance: 8 Ease of sharpening: 9
  • 13C26 Edge retention: 3 Corrosion resistance: 4 Ease of sharpening: 7
  • 1095 Edge retention: 3 Corrosion resistance: 2 Ease of sharpening: 8

Low end

  • 420J Edge retention: 2 Corrosion resistance: 8 Ease of sharpening: 9
  • AUS-6 Edge retention: 3 Corrosion resistance: 5 Ease of sharpening: 9

Source: http://bestpocketknifetoday.com/discovering-the-best-knife-steel/

Permanent link to this article →

Rotating videos with ffmpeg

Often, a video taken with a mobile phone will be rotated in a different way than you expect. It may be taken vertically or upside-down. So you may want to correct that and get yourself a properly rotated video for viewing on computer.

ffmpeg-logoAll right, on Linux we use ffmpeg and there is no problem with it. The ffmpeg will happily rotate the video. What you do not expect is that the rotation information will remain in the media and then the player will try to rotate it again. What you get is a mess and you will be cursing away trying to understand why your video ends up upside down all the time although you enter the parameters to rotate it correctly.

So, the first thing you want to do is to remove the meta-information about rotation from the video. Like this:

ffmpeg -i 20160225_211430.mp4 -metadata:s:v rotate="0" -codec copy 20160225_211430_2.mp4

Once the meta-information is gone, we can check the actual rotation of the video stream and finally correct it with the ffmpeg:

ffmpeg -i 20160225_211430_2.mp4 -vf "transpose=1" 20160225_211430_3.mp4

Interestingly, the meta-information is used by some players and not used by others, so the results are unpredictable if you leave the video rotated. I prefer it to be “physically” rotated to the right direction and remove the original rotation angle – then you get reliable view on all devices. More or less :)

Permanent link to this article →

Containers gone wrong: lxc vs. xen

I run a few websites myself and I was always keen on making my life easier looking after them. So virtual servers and services are not something that I ignore if you catch my drift. I have been running xen for quite a long while and I have to say it is bothersome to upgrade all of those linux machines running this and that, isn’t it?

So I did try some other virtualization approaches before and I quite liked the idea of the OS level virtualization, that is similar to the regular BSD jails, but on linux and it worked nicely.The virtual machine was not that well isolated, I was a bit cautious to use it in production but the idea stuck – mainly because of the ease of maintaining the server, where you upgrade the OS only once and all VMs get the updates automatically, since they simply run from the root FS of the main machine, basically.

So when people started to come across with the lxc and docker, calling them “mature” and “OS level virtual machines”, I was rather excited to try them on. I thought they would provide the same idea – secure virtualization of the running processes environment while keeping the FS in sync with the main host, allowing for an easy maintenance.

container-ship-crashesOh, boy, was I into a major disappointment! First, the whole thing of lxc is based on downloading virtual machines over the Internet from an insecure repository. Okay, we do that with Debian, but Debian has been around for many a decade, so we kinda trust them, all right? Why should I want to run my production services on a VM that has been installed by someone else and offered for me as a download? What a silly idea indeed.

But, secondly, it is no better than hardware-emulating hypervisor-based virtualization in terms of maintenance. Once you get this VM downloaded and installed, it behaves completely separately. You have to go to each VM and update it manually! Except that you share the kernel and you may have a compatibility problem there, oops. What sort of nonsense is that? Why would anyone want to move from xen to lxc if the maintenance is the same but security and quality is down the drain, eh? For some mythical changes in performance or what else?

So, to summarize: I say lxc and everything based on top of it sucks. It serves no real purpose, it is an over-complicated exercise in engineering that solves a non-existing problem (if any at all).

What we really need is something similar to jails on linux. A system where your VM will completely reuse all of the software from the host so that there is no maintenance problem for services that require isolation but run on such similar configuration as doesn’t matter. For everything else we have xen already (and plenty of other hypervisor based systems).

Permanent link to this article →