Josh's Blog - Linux

nmh 1.3-RC1 is out

nospam@example.com (Josh Bressers) — Tue, 29 Apr 2008 23:32:42 +0000

So while I know there aren't many nmh users around, I figure I'll make some noise about it anyway. nmh-1.3-RC1 is out. I've updated the packages in Fedora 8 and 9, they should go live with the next package update.

I dare say the biggest change from nmh 1.2 (which was in 2005) is the inclusion of proper unicode character support. Now you can read all that unicode spam the way it was meant to be seen! There were also of course numerous bugs fixed as well.

New colo machine

nospam@example.com (Josh Bressers) — Mon, 29 Jan 2007 21:00:00 +0000

So I got a new colo machine today. I was previously using a service called unixshell#, which was based on xen. In general I've had mostly good experiences with unixshell#, but I noticed that they were directing people to their new offering running on virtuozzo, TekTonic, with a price that's hard to pass up. For $15 a month I get

256MB Dedicated RAM
10GB Disk Space
Dual Processors
1.0 Mbit Unmetered (equiv. 320GB)
1 IP Address

So far I'm pretty happy. I've already noticed that the virtuozzo setup caps the disk IO. Normally this would be a bad thing as my performance on IO heavy tasks isn't great, but it also means that other users on the same hardware can't destroy my performance by running find. The best part of the whole thing was my unixshell# machine was magically migrated to the virtuozzo host, which took zero time on my part for this migration to happen.

I figured I'd give TekTonic my praises and let anyone looking for a decent inexpensive shared hosting colo a place to look.

Using Xen to Segment Applications

nospam@example.com (Josh Bressers) — Thu, 06 Apr 2006 22:05:00 +0000

I've been toying with the idea of using a xen virtual machine to segment various at risk applications I run. Once I have some of the kinks worked out I may create a howto. The idea is to create a xen virtual machine that needs as little memory as possible, then run a single application within it. I've done my testing with firefox as the browser tends to be a glutton for punishment. I'm aware that is a bit paranoid, but anytime security is involved, being a little paranoid is good. Beyond the paranoia, if a security feature adds value without being a hinderance, it's a very good thing.

I've found that after installing FC5 and stripping out all services other than sshd, I can run firefox with little trouble in a xen domain allocated 64 MB of memory. It's not as snappy as it would be if I was running it on this desktop instance, but it's very usable. I imagine things would work better if I wasn't tunneling my X connection over ssh.

There are still a few issues I'm trying to work out.

- Sound. Right now I get no sound from things like flash. This is really only an issue when I'm wondering what Strong Bad is up to.

- Plugins and helper applications. I don't have any movie players configured (see my sound comment above). I also have the problems of viewing various documents. If I open a PDF viewer, my memory needs go up. Something like OpenOffice.org will raise them dramatically. With the price of memory, I can probably handle giving my xen instance 128 MB or 256 MB, but my goal is to be a memory miser.

- Downloads. If I download a file, it lives on my xen instance. This should be fairly easy to solve by enabling NFS.

I've also experimented with the idea of setting my / partition to read only via the xen configuration file. This would ensure that even if someone could become root and get past SELinux, they could only modify /home and /tmp. The other nifty thing with a read only / is that I can share that partition between two concurrent xen sessions without any ill effects (at least none I can see).

That leads into my plans to run firefox and gaim from their very own xen instances, but with a single shared /. That would mean I only have to run a yum update once, and update all my running instances, but there is much testing I still need to do regarding that.

Encrypted filesystems

nospam@example.com (Josh Bressers) — Sat, 25 Mar 2006 22:13:56 +0000

There is currently a thread on the fedora-maintainers mailing list about using encrypted filesystems. This thread has been ongoing for a few days, and I found it odd that nobody pointed out a really nice and easy to use fuse filesystem called EncFS

Some things it can do is encrypt a directory (and the things that live below it), along with letting me backup the encrypted data without having to jump through hoops.

I highly suggest taking a look. It's available in Fedora Extras as the fuse-encfs package.

National Free Tech Support Week

nospam@example.com (Josh Bressers) — Tue, 27 Dec 2005 02:54:27 +0000

I've spent a fair amount of time this week working on computer problems for my family. I often wonder how much free tech support happens during the holiday season. Sometimes I want to install a Linux distribution for my family members, but then I have nightmares about trying to explain why the $2 CD of 74,000 photo editing programs they bought won't work.

Hopefully as Windows becomes more obtuse, I become more unable to actually help as I don't own anything that runs Windows