I recently had to setup netconsole in order to diagnose some grsecurity-related suspend/resume problems. The idea is to have the broken machine send its kernel messages to a remote machine via the network.

As a prerequisite, the local machine (the one sending the console messages) must have the following kernel options turned on:

• CONFIGFS_FS
• NETCONSOLE
• NETCONSOLE_DYNAMIC

(The first and last ones are required in order to be able to configure netconsole after boot, through the configfs interface.)

Some weeks ago, I accidentally deleted half of my /usr/lib. I didn't lose anything important and was able to restore everything (thanks to my Ctrl+C'ing the process in time) but that user error did strike me as too easy to make (apparently, I'm not alone). So I started thinking about how I could prevent something like that from happening again.

Monkeytail is a neat little tool which allows web developers and sysadmins to easily watch new additions to their log files by tailing them (i.e. tail -f) and providing helpful vertical spacing after detecting pauses in the output.

What makes monkeytail so useful is its ability to easily tail multiple files together, even when it involves connecting to these machines over ssh and running sudo on them. For example, you could tail all of your load-balanced servers by doing:
mtail @webservers
where webservers is an alias defined in ~/.mtailrc:
<group webservers>
sudo yes
<file>
filename /var/log/apache2/error.log

Writing the software is only one component of a successful Free Software project. If you want to build a community around your pet project, there are a number of important things you need to do but which typically fall outside of the "coding" job. One of these tasks is choosing a license.

A license choice is very personal since it involves putting in writing the permissions and protections that you want to give with respect to your code. However, your choice of license will have a number of implications.
"A license can ruin a perfectly good piece of software"
- Jon StevensWhenever possible, try to avoid:

Laptops are easily lost or stolen and in order to protect your emails, web passwords, encryption keys, etc., you should really think about encrypting (at least) your home directory.

If you happen to have /home on a separate partition already (/dev/hda5 in this example), then it's a really easy process:

1. Copy your home directory to a temporary directory on a different partition:
   mkdir /homebackup
   cp -a /home/* /homebackup
2. Encrypt your home partition:
   umount /home
   cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/hda5
   cryptsetup luksOpen /dev/hda5 chome
   mkfs.ext3 -m 0 /dev/mapper/chome
3. Add this line to /etc/crypttab:
   
   Average: Select ratingPoorOkayGoodGreatAwesome

Andrew Caudwell's Logstalgia (aka ApachePong) has made it to Debian! It's a fun little Apache access log viewer which replays old logs (or streams live ones) as an OpenGL pong game.

So grab your favourite high-traffic access log and head over to the download page to check it out. There's also a youtube video if you can't find an interesting log file to use it with.

I've been using GMail ever since they decided to allow users to download their mail using POP. I was happy reading my email as usual in mutt. The only problem was that I had to log onto the website once in a while to clear out my spam folder and fish out the false positives.

I have created two separate RSS/Atom feeds that might be of interest to MythTV and Schedules Direct users:

• MythTV News Feed
• Schedules Direct News Feed

They are updated once a day by a small Perl script.

You can also subscribe to these feeds by email:

• Subscribe to MythTV News by email
• Subscribe to Schedules Direct News by email

Even with a fully encrypted system (root and swap partitions), your data is still vulnerable while your computer is on. That's why Bruce Schneier recommends a two-tier encryption strategy.

The idea is that infrequently used files are moved to a separate partition, encrypted with a different key. That way, the bulk of your data files is protected even if your laptop is hijacked or if an intruder manages to steal some files while your main partition is decrypted.

Mutt has a built-in feature for search the body of emails in the current mailbox (see ESC-b) but it's also possible to make this extremely fast by plugging-in external tools. Here's a quick description of my mairix setup.

After installing the package,
apt-get install mairixcreate a .mairixrc in your home directory containing something like:
base=/home/username/Mail
maildir=inbox:archives*:sent*
mbox=debian*:jokes
mfolder=search
database=/home/username/Mail/.mairix_database
(This assumes that you store your mail in ~/Mail and that you want the search results in a new ~/Mail/search maildir folder.)

Since mutt seems to be all the rage these days at work, I might as well document here a few things about my .muttrc that might be useful to others.

(I recommend that you start off with the Debian or Ubuntu package for mutt since a large chunk of necessary customization work has already been done by the Debian maintainers.)

Multi-threading can cause hard-to-diagnose problems and they are especially visible on multi-core CPUs (or multi-CPU systems) where threads actually run concurrently.

Here's a quick way to find out if the segfaults you are experiencing might be due to some concurrency/locking problem: force the application to run on a single CPU using schedtool (part of the schedtool package on Debian/Ubuntu).
schedtool -a 0 -e applicationnameThis is just one example of what you can do with the CPU Affinity controls on Linux.

Most people know that you can run commands "in the background" on UNIX by prefixing them with "nice":
nice run_long_script.shWhat that does of course is reduce the priority of the process so that the CPU scheduler only runs it when nothing else (of a higher priority) wants to run. What it doesn't do however is run the process without any impact whatsoever on your other tasks. The reason is that the background process can still ruin the performance of your computer by monopolizing the hard disk.

It turns out that Linux 2.6.13 or later (with the CFQ scheduler) support a tool called ionice which is a "nice" command for I/O operations (like disk accesses). It works like this: