Recent blog entries

25 Sep 2015 caolan   » (Master)

crash testing and coverity, conference report

Slides for this morning's Crash Testing and Coverity numbers presentation. Summary, all ok, numbers ~0. If I'm analysing this right, then the highest quality is achieved at the height of the holiday season.

Syndicated 2015-09-25 09:04:00 (Updated 2015-09-25 09:04:38) from Caolán McNamara

24 Sep 2015 mikal   » (Journeyer)

How we got to test_init_instance_retries_reboot_pending_soft_became_hard

I've been asked some questions about a recent change to nova that I am responsible for, and I thought it would be easier to address those in this format than trying to explain what's happening in IRC. That way whenever someone compliments me on possibly the longest unit test name ever written, I can point them here.

Let's start with some definitions. What is the difference between a soft reboot and a hard reboot in Nova? The short answer is that a soft reboot gives the operating system running in the instance an opportunity to respond to an ACPI power event gracefully before the rug is pulled out from under the instance, whereas a hard reboot just punches the instance in the face immediately.

There is a bit more complexity than that of course, because this is OpenStack. A hard reboot also re-fetches image meta-data, and rebuilds the XML description of the instance that we hand to libvirt. It also re-populates any missing backing files. Finally it ensures that the networking is configured correctly and boots the instance again. In other words, a hard reboot is kind of like an initial instance boot, in that it makes fewer assumptions about how much you can trust the current state of the instance on the hypervisor node. Finally, a soft reboot which fails (probably because the instance operation system didn't respond to the ACPI event in a timely manner) is turned into a hard reboot after libvirt.wait_soft_reboot_seconds. So, we already perform hard reboots when a user asked for a soft reboot in certain error cases.

Its important to note that the actual reboot mechanism is similar though -- its just how patient we are and what side effects we create that change -- in libvirt they both end up as a shutdown of the virtual machine and then a startup.

Bug 1072751 reported an interesting edge case with a soft reboot though. If nova-compute crashes after shutting down the virtual machine, but before the virtual machine is started again, then the instance is left in an inconsistent state. We can demonstrate this with a devstack installation:

    Setup the right version of nova cd /opt/stack/nova git checkout dc6942c1218279097cda98bb5ebe4f273720115d Patch nova so it crashes on a soft reboot cat - > /tmp/patch <<EOF > diff --git a/nova/virt/libvirt/ b/nova/virt/libvirt/ > index ce19f22..6c565be 100644 > --- a/nova/virt/libvirt/ > +++ b/nova/virt/libvirt/ > @@ -34,6 +34,7 @@ import itertools > import mmap > import operator > import os > +import sys > import shutil > import tempfile > import time > @@ -2082,6 +2083,10 @@ class LibvirtDriver(driver.ComputeDriver): > # is already shutdown. > if state == power_state.RUNNING: > dom.shutdown() > + > + # NOTE(mikal): temporarily crash > + sys.exit(1) > + > # NOTE(vish): This actually could take slightly longer than the > # FLAG defines depending on how long the get_info > # call takes to return. > EOF patch -p1 restart nova-compute inside devstack to make sure you're running the patched version... Boot a victim instance cd ~/devstack source openrc admin glance image-list nova boot --image=cirros-0.3.4-x86_64-uec --flavor=1 foo Soft reboot, and verify its gone nova list nova reboot cacf99de-117d-4ab7-bd12-32cc2265e906 sudo virsh list ...virsh list should now show no virtual machines running as nova-compute crashed before it could start the instance again. However, nova-api knows that the instance should be rebooting... $ nova list +--------------------------------------+------+---------+----------------+-------------+------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+------+---------+----------------+-------------+------------------+ | cacf99de-117d-4ab7-bd12-32cc2265e906 | foo | REBOOT | reboot_started | Running | private= | +--------------------------------------+------+---------+----------------+-------------+------------------+ start nova-compute again, nova-compute detects the missing instance on boot, and tries to start it up again... sg libvirtd '/usr/local/bin/nova-compute --config-file /etc/nova/nova.conf' \ > & echo $! >/opt/stack/status/stack/; fg || \ > echo "n-cpu failed to start" | tee "/opt/stack/status/stack/n-cpu.failure" [...snip...] Traceback (most recent call last): File "/opt/stack/nova/nova/conductor/", line 444, in _object_dispatch return getattr(target, method)(*args, **kwargs) File "/usr/local/lib/python2.7/dist-packages/oslo_versionedobjects/", line 213, in wrapper return fn(self, *args, **kwargs) File "/opt/stack/nova/nova/objects/", line 728, in save columns_to_join=_expected_cols(expected_attrs)) File "/opt/stack/nova/nova/db/", line 764, in instance_update_and_get_original expected=expected) File "/opt/stack/nova/nova/db/sqlalchemy/", line 216, in wrapper return f(*args, **kwargs) File "/usr/local/lib/python2.7/dist-packages/oslo_db/", line 146, in wrapper ectxt.value = e.inner_exc File "/usr/local/lib/python2.7/dist-packages/oslo_utils/", line 195, in __exit__ six.reraise(self.type_, self.value, self.tb) File "/usr/local/lib/python2.7/dist-packages/oslo_db/", line 136, in wrapper return f(*args, **kwargs) File "/opt/stack/nova/nova/db/sqlalchemy/", line 2464, in instance_update_and_get_original expected, original=instance_ref)) File "/opt/stack/nova/nova/db/sqlalchemy/", line 2602, in _instance_update raise exc(**exc_props) UnexpectedTaskStateError: Conflict updating instance cacf99de-117d-4ab7-bd12-32cc2265e906. Expected: {'task_state': [u'rebooting_hard', u'reboot_pending_hard', u'reboot_started_hard']}. Actual: {'task_state': u'reboot_started'}

So what happened here? This is a bit confusing because we asked for a soft reboot of the instance, but the error we are seeing here is that a hard reboot was attempted -- specifically, we're trying to update an instance object but all the task states we expect the instance to be in are related to a hard reboot, but the task state we're actually in is for a soft reboot.

We need to take a tour of the compute manager code to understand what happened here. nova-compute is implemented at nova/compute/ in the nova code base. Specifically, ComputeVirtAPI.init_host() sets up the service to start handling compute requests for a specific hypervisor node. As part of startup, this method calls ComputeVirtAPI._init_instance() once per instance on the hypervisor node. This method tries to do some sanity checking for each instance that nova thinks should be on the hypervisor:

  • Detecting if the instance was part of a failed evacuation.
  • Detecting instances that are soft deleted, deleting, or in an error state and ignoring them apart from a log message.
  • Detecting instances which we think are fully deleted but aren't in fact gone.
  • Moving instances we thought were booting, but which never completed into an error state. This happens if nova-compute crashes during the instance startup process.
  • Similarly, instances which were rebuilding are moved to an error state as well.
  • Clearing the task state for uncompleted tasks like snapshots or preparing for resize.
  • Finishes deleting instances which were partially deleted last time we saw them.
  • And finally, if the instance should be running but isn't, tries to reboot the instance to get it running.

It is this final state which is relevant in this case -- we think the instance should be running and its not, so we're going to reboot it. We do that by calling ComputeVirtAPI.reboot_instance(). The code which does this work looks like this:

    try_reboot, reboot_type = self._retry_reboot(context, instance) current_power_state = self._get_power_state(context, instance) if try_reboot: LOG.debug("Instance in transitional state (%(task_state)s) at " "start-up and power state is (%(power_state)s), " "triggering reboot", {'task_state': instance.task_state, 'power_state': current_power_state}, instance=instance) self.reboot_instance(context, instance, block_device_info=None, reboot_type=reboot_type) return [...snip...] def _retry_reboot(self, context, instance): current_power_state = self._get_power_state(context, instance) current_task_state = instance.task_state retry_reboot = False reboot_type = compute_utils.get_reboot_type(current_task_state, current_power_state) pending_soft = (current_task_state == task_states.REBOOT_PENDING and instance.vm_state in vm_states.ALLOW_SOFT_REBOOT) pending_hard = (current_task_state == task_states.REBOOT_PENDING_HARD and instance.vm_state in vm_states.ALLOW_HARD_REBOOT) started_not_running = (current_task_state in [task_states.REBOOT_STARTED, task_states.REBOOT_STARTED_HARD] and current_power_state != power_state.RUNNING) if pending_soft or pending_hard or started_not_running: retry_reboot = True return retry_reboot, reboot_type

So, we ask ComputeVirtAPI._retry_reboot() if a reboot is required, and if so what type. ComputeVirtAPI._retry_reboot() just uses nova.compute.utils.get_reboot_type() (aliased as compute_utils.get_reboot_type) to determine what type of reboot to use. This is the crux of the matter. Read on for a surprising discovery!

nova.compute.utils.get_reboot_type() looks like this:

    def get_reboot_type(task_state, current_power_state): """Checks if the current instance state requires a HARD reboot.""" if current_power_state != power_state.RUNNING: return 'HARD' soft_types = [task_states.REBOOT_STARTED, task_states.REBOOT_PENDING, task_states.REBOOTING] reboot_type = 'SOFT' if task_state in soft_types else 'HARD' return reboot_type

So, after all that it comes down to this. If the instance isn't running, then its a hard reboot. In our case, we shutdown the instance but haven't started it yet, so its not running. This will therefore be a hard reboot. This is where our problem lies -- we chose a hard reboot. The code doesn't blow up until later though -- when we try to do the reboot itself.

    @wrap_exception() @reverts_task_state @wrap_instance_event @wrap_instance_fault def reboot_instance(self, context, instance, block_device_info, reboot_type): """Reboot an instance on this host.""" # acknowledge the request made it to the manager if reboot_type == "SOFT": instance.task_state = task_states.REBOOT_PENDING expected_states = (task_states.REBOOTING, task_states.REBOOT_PENDING, task_states.REBOOT_STARTED) else: instance.task_state = task_states.REBOOT_PENDING_HARD expected_states = (task_states.REBOOTING_HARD, task_states.REBOOT_PENDING_HARD, task_states.REBOOT_STARTED_HARD) context = context.elevated()"Rebooting instance"), context=context, instance=instance) block_device_info = self._get_instance_block_device_info(context, instance) network_info = self.network_api.get_instance_nw_info(context, instance) self._notify_about_instance_usage(context, instance, "reboot.start") instance.power_state = self._get_power_state(context, instance) [...snip...]

And there's our problem. We have a reboot_type of HARD, which means we set the expected_states to those matching a hard reboot. However, the state the instance is actually in will be one correlating to a soft reboot, because that's what the user requested. We therefore experience an exception when we try to save our changes to the instance. This is the exception we saw above.

The fix in my patch is simply to change the current task state for an instance in this situation to one matching a hard reboot. It all just works then.

So why do we decide to use a hard reboot if the current power state is not RUNNING? This code was introduced in this patch and there isn't much discussion in the review comments as to why a hard reboot is the right choice here. That said, we already fall back to a hard reboot in error cases of a soft reboot inside the libvirt driver, and a hard reboot requires less trust of the surrounding state for the instance (block device mappings, networks and all those side effects mentioned at the very beginning), so I think it is the right call.

In conclusion, we use a hard reboot for soft reboots that fail, and a nova-compute crash during a soft reboot counts as one of those failure cases. So, when nova-compute detects a failed soft reboot, it converts it to a hard reboot and trys again.

Tags for this post: openstack reboot nova nova-compute
Related posts: One week of Nova Kilo specifications; Specs for Kilo; Juno nova mid-cycle meetup summary: nova-network to Neutron migration; Juno Nova PTL Candidacy; Juno nova mid-cycle meetup summary: scheduler; Juno nova mid-cycle meetup summary: ironic


Syndicated 2015-09-23 23:30:00 from : Mikal, a geek from Canberra living in Silicon Valley (no blather posts)

24 Sep 2015 mjg59   » (Master)

Filling in the holes in Linux boot chain measurement, and the TPM measurement log

When I wrote about TPM attestation via 2FA, I mentioned that you needed a bootloader that actually performed measurement. I've now written some patches for Shim and Grub that do so.

The Shim code does a couple of things. The obvious one is to measure the second-stage bootloader into PCR 9. The perhaps less expected one is to measure the contents of the MokList and MokSBState UEFI variables into PCR 14. This means that if you're happy simply running a system with your own set of signing keys and just want to ensure that your secure boot configuration hasn't been compromised, you can simply seal to PCR 7 (which will contain the UEFI Secure Boot state as defined by the UEFI spec) and PCR 14 (which will contain the additional state used by Shim) and ignore all the others.

The grub code is a little more complicated because there's more ways to get it to execute code. Right now I've gone for a fairly extreme implementation. On BIOS systems, the grub stage 1 and 2 will be measured into PCR 9[1]. That's the only BIOS-specific part of things. From then on, any grub modules that are loaded will also be measured into PCR 9. The full kernel image will be measured into PCR10, and the full initramfs will be measured into PCR11. The command line passed to the kernel is in PCR12. Finally, each command executed by grub (including those in the config file) is measured into PCR 13.

That's quite a lot of measurement, and there are probably fairly reasonable circumstances under which you won't want to pay attention to all of those PCRs. But you've probably also noticed that several different things may be measured into the same PCR, and that makes it more difficult to figure out what's going on. Thankfully, the spec designers have a solution to this in the form of the TPM measurement log.

Rather than merely extending a PCR with a new hash, software can extend the measurement log at the same time. This is stored outside the TPM and so isn't directly cryptographically protected. In the simplest form, it contains a hash and some form of description of the event associated with that hash. If you replay those hashes you should end up with the same value that's in the TPM, so for attestation purposes you can perform that verification and then merely check that specific log values you care about are correct. This makes it possible to have a system perform an attestation to a remote server that contains a full list of the grub commands that it ran and for that server to make its attestation decision based on a subset of those.

No promises as yet about PCR allocation being final or these patches ever going anywhere in their current form, but it seems reasonable to get them out there so people can play. Let me know if you end up using them!

[1] The code for this is derived from the old Trusted Grub patchset, by way of Sirrix AG's Trusted Grub 2 tree.

comment count unavailable comments

Syndicated 2015-09-24 01:21:04 from Matthew Garrett

23 Sep 2015 jas   » (Master)

Cosmos – A Simple Configuration Management System

Back in early 2012 I had been helping with system administration of a number of Debian/Ubuntu-based machines, and the odd Solaris machine, for a couple of years at $DAYJOB. We had a combination of hand-written scripts, documentation notes that we cut’n’paste’d from during installation, and some locally maintained Debian packages for pulling in dependencies and providing some configuration files. As the number of people and machines involved grew, I realized that I wasn’t happy with how these machines were being administrated. If one of these machines would disappear in flames, it would take time (and more importantly, non-trivial manual labor) to get its services up and running again. I wanted a system that could automate the complete configuration of any Unix-like machine. It should require minimal human interaction. I wanted the configuration files to be version controlled. I wanted good security properties. I did not want to rely on a centralized server that would be a single point of failure. It had to be portable and be easy to get to work on new (and very old) platforms. It should be easy to modify a configuration file and get it deployed. I wanted it to be easy to start to use on an existing server. I wanted it to allow for incremental adoption. Surely this must exist, I thought.

During January 2012 I evaluated the existing configuration management systems around, like CFEngine, Chef, and Puppet. I don’t recall my reasons for rejecting each individual project, but needless to say I did not find what I was looking for. The reasons for rejecting the projects I looked at ranged from centralization concerns (single-point-of-failure central servers), bad security (no OpenPGP signing integration), to the feeling that the projects were too complex and hence fragile. I’m sure there were other reasons too.

In February I started going back to my original needs and tried to see if I could abstract something from the knowledge that was in all these notes, script snippets and local dpkg packages. I realized that the essence of what I wanted was one shell script per machine, OpenPGP signed, in a Git repository. I could check out that Git repository on every new machine that I wanted to configure, verify the OpenPGP signature of the shell script, and invoke the script. The script would do everything needed to get the machine up into an operational stage again, including package installation and configuration file changes. Since I would usually want to modify configuration files on a system even after its initial installation (hey not everyone is perfect), it was natural to extend this idea to a cron job that did ‘git pull’, verified the OpenPGP signature, and ran the script. The script would then have to be a bit more clever and not redo everything every time.

Since we had many machines, it was obvious that there would be huge code duplication between scripts. It felt natural to think of splitting up the shell script into a directory with many smaller shell scripts, and invoke each shell script in turn. Think of the /etc/init.d/ hierarchy and how it worked with System V initd. This would allow re-use of useful snippets across several machines. The next realization was that large parts of the shell script would be to create configuration files, such as /etc/network/interfaces. It would be easier to modify the content of those files if they were stored as files in a separate directory, an “overlay” stored in a sub-directory overlay/, and copied into the file system’s hierarchy with rsync. The final realization was that it made some sense to run one set of scripts before rsync’ing in the configuration files (to be able to install packages or set things up for the configuration files to make sense), and one set of scripts after the rsync (to perform tasks that require some package to be installed and configured). These set of scripts were called the “pre-tasks” and “post-tasks” respectively, and stored in sub-directories called pre-tasks.d/ and post-tasks.d/.

I started putting what would become Cosmos together during February 2012. Incidentally, I had been using etckeeper on our machines, and I had been reading its source code, and it greatly inspired the internal design of Cosmos. The git history shows well how the ideas evolved — even that Cosmos was initially called Eve but in retrospect I didn’t like the religious connotations — and there were a couple of rewrites on the way, but on the 28th of February I pushed out version 1.0. It was in total 778 lines of code, with at least 200 of those lines being the license boiler plate at the top of each file. Version 1.0 had a debian/ directory and I built the dpkg file and started to deploy on it some machines. There were a couple of small fixes in the next few days, but development stopped on March 5th 2012. We started to use Cosmos, and converted more and more machines to it, and I quickly also converted all of my home servers to use it. And even my laptops. It took until September 2014 to discover the first bug (the fix is a one-liner). Since then there haven’t been any real changes to the source code. It is in daily use today.

The README that comes with Cosmos gives a more hands-on approach on using it, which I hope will serve as a starting point if the above introduction sparked some interest. I hope to cover more about how to use Cosmos in a later blog post. Since Cosmos does so little on its own, to make sense of how to use it, you want to see a Git repository with machine models. If you want to see how the Git repository for my own machines looks you can see the sjd-cosmos repository. Don’t miss its README at the bottom. In particular, its global/ sub-directory contains some of the foundation, such as OpenPGP key trust handling.

Syndicated 2015-09-23 22:38:35 from Simon Josefsson's blog

23 Sep 2015 wingo   » (Master)

amores prohibidos

It was with anxious trepidation that today, after having been officially resident in Spain for 10 years, working and paying taxes all that time, I went to file a request for Spanish nationality.

See, being a non-European resident in Europe is a precarious thing. If ever something happens "back home" with your family or to those that you love and you need to go help out, you might not be able to come back. Sure, if you keep your official residence in Europe maybe you can make it fly under the radar, but officially to keep your right of residence you need to reside, continually. It doesn't matter that you have all your life in Spain, or France, or wheresoever: if you have to leave for a year, you start over at day 1, if you are able to get back in.

In my case I moved away from the US when I was 22. I worked in Namibia for a couple years after college teaching in a middle school, and moved directly from there to Barcelona when a company started up around a free software project I had been working on. It was a more extreme version of the established practice of American diaspora: you go to college far away from home to be away from your parents, then upon graduation your first job takes you far away again, and as the years go by you have nothing left to go back to. Your parents move into a smaller house, perhaps in a different town, your town changes, everyone moved away anyway, and where is home? What makes a home? What am I doing here and if I stopped, is there somewhere to go back to, or is it an ever-removing onward?

I am 35 now. While it's true that there will always be something in my soul that pines for the smell of a mountain stream bubbling down an Appalachian hollow, there's another part of my heart that is twined to Europe: where I spent the all of my working life up to now, where I lived and found love and ultimately married. I say Europe and not specifically Barcelona because... well. My now-wife was living in Paris when we got together. I made many, many journeys on the overnight Talgo train in those days. She moved down to Barcelona with me for a couple years, and when her studies as an interpreter from Spanish and French moved her back to France, I went with her.

That move was a couple years ago. Since we didn't actually know how much time would be required there or if we would be in Switzerland or France I kept my official residence in Spain, and kept on as a Spanish salaried worker. I was terrified of the French paperwork to set up as a freelancer, even though with the "long-term residency-EU" permit it would at least be possible to make that transition. We lived a precarious life in Geneva for a while before finally settling in France.

A note about that. We put 12 months of rent (!!!) in an escrow account, as a guarantee that allowed us to be able to rent our house. In France this is illegal: a landlord is only allowed to ask for a couple months or so. However in France you usually have a co-signer on a lease, and usually it's against your parent's house. So even if you are 45, you often have your parents signing off on your lease. We wouldn't have been able to find anything if we weren't willing to do this -- one of many instances of the informal but very real immigrant tax.

All this time I was a salaried Spanish worker. This made it pretty weird for me in France. I had to pretend I was there on holiday to get covered by health care, and although there is a European health card, it's harder to get if you are an immigrant: the web page seems to succeed but then they email you an error and don't tell why. The solution is to actually pass by the office with your residence permit, something that nationals don't need. And anyway this doesn't cover having a family doctor, despite the fact that I was paying for it in Spain.

This is one instance of the general pattern of immigrants using the health care system less than nationals. If you are British, say, then you know your rights and you know how the NHS works and you make it work for you. If you are an immigrant, maybe English is your second language, probably you're poor, you're ignorant of the system, you don't have family members or a big support system to tell you how the system works, you might not speak or write the language well, and probably all your time is spent working anyway because that's why you're there.

In my case I broke my arm a couple years ago while snowboarding in France. (Sounds posh but it's not really.) If all my papers were in order and I understood the system I would probably have probably walked out without paying anything. As it was I paid some thousands of euros out of my pocket, and that is my sole interaction with health care over the course of the last 5 years I think. I still have to get the plate taken out of my arm; should have done that a year ago. It hurts sometimes.

There is a popular idea about immigrants scrounging on benefits, and as a regular BBC radio 1 listener I hear that phrase in the voice of their news presenters inciting their listeners to ignorant resentment of immigrants with their racist implications that we are somehow "here" for "their" things. Beyond being implausible that an immigrant would actually receive benefits at all, it's unlikely that they would be able to continue to do so, given that residence is predicated on work.

In the US where there are no benefits the phrase is usually reduced to "immigrants are stealing our jobs", a belief encouraged by the class of people that employ immigrants: the owners. If you encourage a general sentiment of "immigrants are bad, let's make immigrants' life difficult", you will have cheaper, more docile workers. The extreme form of this is the American H1B visa, in which if you quit your job, for whatever reason, even if your boss was sexually harrassing you, you have only one week to find another job or you're deported back to your "home". Whatever "home" means.

And besides, owners only hire workers if they produce surplus value. If the worker doesn't pay off, you fire them. Wealth transfer from workers to owners is in general from immigrants to nationals, because if you are national, maybe you inherited your house and could spend your money starting your business. Maybe you know how to get the right grants. You speak the language and have the contacts. Maybe you inherited the business itself.

I go through all this detail because when you were born in a place and grew up in a place and have never had to deal with what it is like being an immigrant, you don't know. You hear a certain discourse, almost always of the form "the horde is coming", but you don't know. And those that are affected the most have no say in the matter.

Of course, it would be nice to pass over to the other side, to have EU citizenship. Spanish would do, but any other Schengen citizenship would at least take away that threat of deportation or, what is equivalent, denial of re-entry. So I assembled all the documentation: my birth certificate from the US, with its apostille, and the legal Spanish translation. My criminal record check in the US, with its apostille, and the legal translation. The certificates that I had been continually resident, my social security payments, my payslips, the documents accrediting me as a co-owner of my company, et cetera.

All prepared, all checked, I go to the records department to file it, and after a pleasantly short half-hour wait I give the documents to the official.

Who asks if I have an appointment -- but I thought the papers could be presented and then they'd give me an appointment for the interview?

No matter, she could give me an appointment -- for May.


And then some months later there would be a home visit by the police.

And then they'd assess my answers on a test to determine that I had sufficient "cultural integration", but because it was a new measure they didn't have any details on what that meant yet.

And then they'd give me a number some 6 months later.

And then maybe they would decide after some months.

So, 2018? 2019, perhaps?

This morning the streets of Barcelona were packed with electoral publicity, almost all of it urging a vote for independence. After the shock and the sadness of the nationality paperwork things wore off, I have been riding the rest of the day on a burning anger. I've never, never been able to vote in a local election, and there is no near prospect of my ever being able to do so.

As kids we are sold on a story of a fictional first-person-plural, the "we" of state, and we look forward to coming of age as if told by some benevolent patriarch, arm outstretched, "Some day, this will all be yours." Today was the day that this was replaced in my mind by the slogan pasted all around Barcelona a few years ago, "no vas a tener una casa en la puta vida" (you'll never own a house in your fucking life). It's profoundly sad. My wife and I will probably be between the two countries for many years, but being probably forever third-class non-citizens: "in no day will you ever belong to a place."

I should note before finishing that I don't want to hear "it could be worse" or anything else from non-immigrants. We have much less political power than you do and I doubt that you understand what it is like. What needs to happen is a revaluing of the nature of citizenship: countries are for the people that are in them, not for some white-pride myth of national identity or only for those that were born there or even for people who identify with the country but don't live there. Anything else is inhuman. 10+ years to simply *be* is simply wrong.

As it is, I need to reduce the precarious aspect of my life so I will probably finally change my domicile to France. It's a loss to me: I lose the Spanish nationality process, all my familiarity with the Spanish system, the easy life of being a salaried employee. I know my worth and it's a loss to Spain too. Probably I'll end up cutting all ties there; too bad. And I count myself lucky to be able to do this, due to the strange "long term-EU" residency permit I got a few years ago. But I'm trading a less precarious life for having to set up a business, figure out social security, all in French -- and the nationality clock starts over again.

At least I won't have to swear allegiance to a king.

Syndicated 2015-09-23 22:12:53 from wingolog

23 Sep 2015 marnanel   » (Journeyer)


Every new word makes someone complain. Here’s how “humbug” was received in the 1750s.

There is a word very much in vogue with the people of taste and fashion, which though it has not even the ‘penumbra’ of a meaning, yet makes up the sum total of the wit, sense and judgement of the aforesaid people of taste and fashion! I will venture to affirm that this ‘Humbug’ is neither an English word, nor a derivative from any other language. It is indeed a blackguard sound, made use of by most people of distinction! It is a fine make-weight in conversation, and some great men deceive themselves so egregiously as to think they mean something by it! – “The Student; or the Oxford and Cambridge monthly miscellany”, 1750

…odious, horrible, detestable, shocking, Humbug. This last new-coined expression, which is only to be found in the nonsensical vocabulary, sounds absurd and disagreeable, whenever it is pronounced. – “The Connoisseur”, 1754, issue 14

Our pretenders to wit is not still more barbarous. When they talk of Humbug, &c. they seem to be jabbering in the uncouth dialect of the Huns. – “The Connoisseur”, 1754, issue 42

[image: “Mint humbugs” by Ka Faraq Gatri. Licensed under CC BY-SA 3.0] This entry was originally posted at Please comment there using OpenID.

Syndicated 2015-09-23 20:28:03 (Updated 2015-09-23 20:31:13) from Monument

23 Sep 2015 badvogato   » (Master)

Cray-4 supercomputer processor sold on Auction for $37,500.

1st ASIC bitcoin computer by is for $399 pre-order on Amazon.

Will you spent $399 to find out if its promise of giving digital consumer a tool so they might become not only a mere consumer but more productive and thoughtful designer for other digital products that better serve all under-served sectors of our interconnected human life? What other product/place that your current budget of $399 may be better spent?

23 Sep 2015 mikal   » (Journeyer)

First trail run

So, now I trail run apparently. This was a test run for a hydration vest (thanks Steven Hanley for the loaner!). It was fun, but running up hills is evil.

Interactive map for this route.

Tags for this post: blog canberra trail run
Related posts: Chicken run; Update on the chickens; Boston; Random learning for the day


Syndicated 2015-09-22 17:26:00 from : Mikal, a geek from Canberra living in Silicon Valley (no blather posts)

22 Sep 2015 mikal   » (Journeyer)

Camp Cottermouth

I spent the weekend at a Scout camp at Camp Cottermouth. The light on the hills here in the mornings is magic.


Interactive map for this route.

Tags for this post: blog pictures 20150920 photo canberra bushwalk
Related posts: Goodwin trig; Big Monks; Geocaching; Confessions of a middle aged orienteering marker; A quick walk through Curtin; Narrabundah trig and 16 geocaches


Syndicated 2015-09-21 18:21:00 from : Mikal, a geek from Canberra living in Silicon Valley (no blather posts)

20 Sep 2015 mjg59   » (Master)

The Internet of Incompatible Things

I have an Amazon Echo. I also have a LIFX Smart Bulb. The Echo can integrate with Philips Hue devices, letting you control your lights by voice. It has no integration with LIFX. Worse, the Echo developer program is fairly limited - while the device's built in code supports communicating with devices on your local network, the third party developer interface only allows you to make calls to remote sites[1]. It seemed like I was going to have to put up with either controlling my bedroom light by phone or actually getting out of bed to hit the switch.

Then I found this article describing the implementation of a bridge between the Echo and Belkin Wemo switches, cunningly called Fauxmo. The Echo already supports controlling Wemo switches, and the code in question simply implements enough of the Wemo API to convince the Echo that there's a bunch of Wemo switches on your network. When the Echo sends a command to them asking them to turn on or off, the code executes an arbitrary callback that integrates with whatever API you want.

This seemed like a good starting point. There's a free implementation of the LIFX bulb API called Lazylights, and with a quick bit of hacking I could use the Echo to turn my bulb on or off. But the Echo's Hue support also allows dimming of lights, and that seemed like a nice feature to have. Tcpdump showed that asking the Echo to look for Hue devices resulted in similar UPnP discovery requests to it looking for Wemo devices, so extending the Fauxmo code seemed plausible. I signed up for the Philips developer program and then discovered that the terms and conditions explicitly forbade using any information on their site to implement any kind of Hue-compatible endpoint. So that was out. Thankfully enough people have written their own Hue code at various points that I could figure out enough of the protocol by searching Github instead, and now I have a branch of Fauxmo that supports searching for LIFX bulbs and presenting them as Hues[2].

Running this on a machine on my local network is enough to keep the Echo happy, and I can now dim my bedroom light in addition to turning it on or off. But it demonstrates a somewhat awkward situation. Right now vendors have no real incentive to offer any kind of compatibility with each other. Instead they're all trying to define their own ecosystems with their own incompatible protocols with the aim of forcing users to continue buying from them. Worse, they attempt to restrict developers from implementing any kind of compatibility layers. The inevitable outcome is going to be either stacks of discarded devices speaking abandoned protocols or a cottage industry of developers writing bridge code and trying to avoid DMCA takedowns.

The dystopian future we're heading towards isn't Gibsonian giant megacorporations engaging in physical warfare, it's one where buying a new toaster means replacing all your lightbulbs or discovering that the code making your home alarm system work is now considered a copyright infringement. Is there a market where I can invest in IP lawyers?

[1] It also requires an additional phrase at the beginning of a request to indicate which third party app you want your query to go to, so it's much more clumsy to make those requests compared to using a built-in app.
[2] I only have one bulb, so as yet I haven't added any support for groups.

comment count unavailable comments

Syndicated 2015-09-20 21:22:20 from Matthew Garrett

20 Sep 2015 fzort   » (Journeyer)

sye: thanks for the link to "A Can of Worms". (Reminded me a bit of a small book I have...)

19 Sep 2015 sye   » (Journeyer)

wow great translation work there!

1. The hedgehog 刺猬
What do you mean, I'm too much of an individualist? Why don't you make more of an effort to get me to join in ?

2. The snail 蜗牛
Bourgeois? Moi? That's a good one. I suppose you think it's fun carrying a house around on your back?

19 Sep 2015 badvogato   » (Master)

FP on advogato is statically linked to two lousy authorship now? I don't believe it. Have we reached THE end of diverse content?


Here's my re-interpretation in English:

Whence SHIT comes from one hole, all is saved.
Whence SHIT comes from one hole and one mouth, hands are still good.
Whence SHIT comes from one hole, one mouth and two hands, one can still run away with his feet.
Whence SHIT comes from one hole, one mouth, two hands and three legs, all is doomed.

And of course, such foul language needs to be cleaned up with some compensation in another comparative reading.

盧梅坡〈雪梅〉:「梅雪爭春未肯降,騷人擱筆費評章。梅須遜雪三分白, 雪卻輸梅一段香。」這首詩從雪與梅之異同處出發,指出物各有其特色。 冬天的梅與雪,在春天隱而不見,因此引起了騷人墨客的歎惋。然也因此, 顯出梅的精神、雪的特殊。梅與雪同是冬景之一,然不同處則是梅有暗香, 雪有皚皚的白,各有各的特色,難以分出高下。這就如同每個人各有特色, 他人是替代不得的。

My rendition in English:

Ume blossoms on snow covered branches
yearn to be favored by the coming and going season
Idling scholars put away their pens
meditating on the life and death of winter blossoms

Ume ought not to subject itself to harsh winter snow
Yet snow is totally crushed by Ume's fleeting scent.

19 Sep 2015 olea   » (Master)

How after an upgrade my /etc/sysconfig/docker-storage got me mad

I have a running docker service in a Fedora 21 sustem for a while. Recently I got some disgusting erros preventing restart docker:

device-mapper: table: 253:7: thin: Couldn't open thin
internal device 

I am a docker newbie so I lost a lot of time thinking if my thin device got corrupt or whatever. Indeed I openened an issue (#16341) to the docker project to report it. But now I conclude is not an upstream error but a Fedora's packaging one.

The problem was caused in this regular update:

which did this:
+DOCKER_STORAGE_OPTIONS=--storage-driver devicemapper --storage-opt
-dm.fs=xfs --storage-opt dm.thinpooldev=/dev/mapper/vg_patxuko-docker--pool

And after the next system reboot the docker service was unable to restart. Removing the DOCKER_STORAGE_OPTIONS value returned system to service.

More details at this comment.

Hope it helps


Syndicated 2015-09-19 09:34:00 from Ismael Olea

18 Sep 2015 amits   » (Journeyer)

30 Years of GNU and Software Freedom Day

It’s 30 years of GNU — 30 years of freedom and 30 years of owning one’s computers. I can’t imagine a life where I don’t have control over the software I run. I’m going to be eternally thankful to RMS and Linus for starting the mass movements that have not only transformed an entire industry, but also shaped my thinking and my career.

A few Red Hatters (including yours truly) have shared stories of their first brush with free software here — give it a read, it’s a good trip down the memory lane, as well as some inspiring anecdotes from people who have been involved with free software for a really long time.

Here’s wishing everyone a liberating Software Freedom Day (Sep 19th), and many more years of freedom to everyone!

Syndicated 2015-09-18 17:48:45 from Think. Debate. Innovate.

18 Sep 2015 bagder   » (Master)

daniel weekly 41, now in markdown

Episode 41, just out: