2007 October : Bob Plankers, The Lone Sysadmin

Archive for October, 2007

Weinberg’s Second Law »

By Bob Plankers on Oct 31, 2007 in Featured, Quotes | 4 Comments

“If builders built houses the way programmers built programs, the first woodpecker to come along would destroy civilization.”

Unfriendly URLs Are Bad »

By Bob Plankers on Oct 30, 2007 in Featured, System Administration | 0 Comments

I was reading Raj Dash’s post “41 Reasons Why Your Blog Probably Sucks.” Reason number 30 sticks out to me: Unfriendly URLs.

He’s talking about blogs, specifically, but this is a battle I fight every day with web applications.

When we build new services and deploy new applications we have a choice. Do we make the users remember some awful URL, or do we use DNS and web redirects & aliases to simplify things?

Here’s an example from my life. Someone in my organization thinks it’s okay to make people remember this URL in order to do their time reporting:

https://barney.company.com:9001/OA_HTML/US/ICXINDEX.htm

If I’m on a machine where I don’t have that URL bookmarked I won’t be able to find it. I have to ask someone, look in documentation, or call a Help Desk, all of which makes me feel like an idiot. Like most others, I don’t like feeling like an idiot. Why couldn’t they have registered something easy to remember, like:

https://timesheet.company.com/

as a virtual host and redirected me to the right place?

This also goes for http:// vs. https://, too. If you want your service to use SSL then make it friendly for those people who just type time.company.com in their browser (which will always assume http://). Redirect them to the SSL side, rather than going nowhere or giving them an error.

How to Install a tftp Server on Red Hat Enterprise Linux »

By Bob Plankers on Oct 29, 2007 in Featured, How To | 2 Comments

I install a tftp server about once every three years. As such I never remember what needs to happen, and this time a Google search didn’t have a nice answer for me. So, as my latest contribution to the world of HOWTOs, I present the non-idiot’s concise guide to installing and configuring a tftp server.

As always if you have suggestions or corrections just add them as comments, and I’ll update the text here.

This will give you the default /tftpboot directory. I assume that if you need a filesystem there you can handle adding one there on your own. :-) If you want to change the filesystem you can do that in /etc/xinetd.d/tftp, in the server_args field. Don’t forget to reload xinetd after you change it.

1. Install the tftp server software and enable it:

/usr/bin/up2date tftp-server /sbin/chkconfig tftp on

3. Because it runs via xinetd reload that to pick up the configuration file change:

/sbin/service xinetd reload

4. Edit /etc/sysconfig/iptables-config and edit the IPTABLES_MODULES line to read:

IPTABLES_MODULES="ip_conntrack_tftp"

If you already have something in that line just add the new module with a space as a delimiter, like:

IPTABLES_MODULES="ip_conntrack_ftp ip_conntrack_tftp"

5. Add firewall rules to /etc/sysconfig/iptables. You probably only need UDP, though I always add the TCP rules, too (they’re both listed in /etc/services for port 69):

-A RH-Firewall-1-INPUT -s 10.1.0.0/16 -m tcp -p tcp --dport 69 -j ACCEPT -A RH-Firewall-1-INPUT -s 10.1.0.0/16 -m udp -p udp --dport 69 -j ACCEPT

(two lines here if it’s wrapping)

6. Restart iptables to pick up the changes from steps 4 and 5:

/sbin/service iptables restart

7. Add the proper lines to /etc/hosts.allow:

in.tftpd: 10.1.

8. Put something in /tftpboot to retrieve with a client, for testing.

9. Use a client from an allowed IP range to test:

$ tftp my.tftp.server.com tftp> get filename.bin

9. If you get an error check /var/log/secure and /var/log/messages on the server, and start eliminating potential problems one at a time (disable iptables, put ALL in hosts.allow, etc.) until you find the problem.

Have fun!

Mental Shutdown Alert: Living Document »

By Bob Plankers on Oct 29, 2007 in Featured, Outright Rant | 0 Comments

Term that causes mental shutdowns: living document

Rationale: Some glossaries state that “in a living document a topic is covered more completely over time” but I don’t see how that doesn’t apply to all documents. Aren’t all documents editable, with varying degrees of work required to edit them? It seems that the term “living document” is mainly used by people who want others to think print is dead. It just takes more time for the revisions to be published for printed material.

When a document updates itself it can be dubbed “living” but until then it’s a mechanical turk, with me as the part that’s alive.

Watch words: organic, ecosystems.

What won’t make my head explode: refer to it as “updating the document.”

links for 2007-10-29 »

By Bob Plankers on Oct 29, 2007 in del.icio.us | 0 Comments

Seth’s Blog: Permeability
jwz - your money is full of lies!
Interpreting Apple - Vox

It’s interesting that within most organizations the world-changing things start out as a single suggestion from a single individual, often in a team far away from the actual product team. Apple appears no different.
SPACE.com — Lunar Lander Challenge Ends in Fire, Disappoinment

Bad news for John Carmack’s Armadillo Aerospace.
Staph infection here to stay

It’s the overuse of antibacterial cleaning products and antibiotics that created this problem. Oh, and while we’re at it I’d like to see the Intelligent Design folks explain how this isn’t evolution. Was the bacteria just waiting until now to strike back?
HouseFront | Your Real Estate Search and Valuation Tool

Cool - text an address to ‘HOUSE’ on your phone (46873) and it’ll give you stats and a valuation.