null blog

I recently installed Xubuntu 12.04 LTS. Being a long time command line user I do work a lot with terminals. Xubuntu comes with xfce-terminal by default, which is quite memory hungry. It’s started via the exo wrappers, which enable you to configure different programs than the default ones. You do that via the Preferred Applications dialog menu in Settings Manager.

Rxvt is a lightweight terminal which can run in client-server mode, meaning that you start a server and every new terminal connects to it through a socket. Apart from taking up little memory, this approach further reduces the memory footprint of additional terminals. There is a downside to this – if the server process crashes, all your clients crash with it. So it goes. Urxvt is a fork of rxvt with unicode support and some other goodies. The urxvtcd program starts a server process and subsequent client processes. Below you have a comparision of the memory used by xfce-terminal, a single rxvt process and a urxvtd server process with two client terminals.

USER   PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
1000  3187  0.3  0.7 285928 14604 pts/5    Sl+  18:00   0:00 xfce4-terminal
1000  3177  0.1  0.1  40500  2724 pts/5    S+   17:59   0:00 rxvt
1000  2311  0.0  0.1  41604  3484 ?        S    17:05   0:00 urxvtd -q -f

The trouble is that the Preferred Aplications dialog doesn’t let run the command with arguments. I don’t know if this is a bug or a feature, but you have to resort to a bit of command line magic in order to run urxvtcd with the desired options. The first step is to set urxvtcd as the preferred terminal application and then edit the following file with your favourite editor and alter the X-XFCE-Commands line to run the program with the desired parameters:

$ vim ~/.local/share/xfce4/helpers/custom-TerminalEmulator.desktop
#
X-XFCE-CommandsWithParameter=urxvtcd -bg black -fg white -fn fixed +sb -tn rxvt -e "%s"
X-XFCE-Commands=urxvtcd -bg black -fg white -fn fixed +sb -tn rxvt

Voilà. Now you can happily run your lightweight terminal every time you click on the Terminal emulator icons in the context menu or on the panel. Of course, this tutorial assumes that you have already installed the rxvt-unicode or the rxvt-unicode-lite package.

Arnie Gundersen of Fairewinds Associates has indicated a flaw in the BWR Mk I nuclear reactor containment design, pointing to a pressure test conducted at the Brunswick NPP in North Carolina 40 years ago. It involves the lid of the containment lifting up at pressures of around 100 psi (6.9 bar), allowing gasses to escape. This might have caused at least some of the hydrogen explosions that occurred at the Fukushima Daiichi NPP.

FreeBSD 9.0 has been released. A lot of  important new features were added, such as FFS softupdates journaling, ZFS v28, HAST framework, Capsicum kernel sandboxing, user-level DTrace, TCP/IP congestion control framework, NFSv4, High Performance SSH, LLVM compiler infrastructure and clang, Sony PS3 support for the powerpc branch, and this new installer called bsdinstall.

The release announcement is available here.

Looks like Bill Gates trying to partner up with China in order to test the TerraPower TWR. We’ve been wondering about this design, namely about the heat transfer medium, nuclear waste management and reactor decommissioning. There’s no information about these issues on the TerraPower website and we all know the devil is in the details. Then we found out about a guy named Kirk Sorensen criticising the concept. He addressed exactly the last two points while providing a hint about the first. It turns out the heat transfer medium to be used by the TWR is liquid metal. Probably sodium. TerraPower’s idea of decommissioning and nuclear waste management is burying the whole thing once the nuclear fuel has been used up. Sorensen thinks it’s a bad idea to simply bury a 60 year old container with sodium and plutonium in it and any sane person would fully agree with him. Why? Well, probably because sodium is flamable and will explode in contact with water, while plutonium is radioactive and accumulates in the human body. In the end you essentialy have a big dirty bomb buried underground.

Looking at the footnote about Sorensen’s criticism we’ve found this video. It’s mainly a description of the LFTR and how this techology differs from current designs. Really interesting.

Running a rural based private network behind not one, but two NAT gateways and the impending IPv4 address exhaustion have led me tinkering with IPv6. We need outside access to at least one machine on that network. I’ve have been experimenting with Hurricane Electric tunnels and 6to4. So far both seem to work fine over one NAT but we had some problems with the he.net tunnels over two NAT gateways and I’m currently giving 6to4 a try. It’s trivial to set up. Here’s a nice article explaining how to do it on Debian based Linux systems. Yes, that includes Ubuntu. If you’re behind NAT, specify your private IPv4 address as the local endpoint.

Update: 6to4 works fine over one NAT but seemingly not over two of them. The he.net tunnel sometimes works, but most of the time it doesn’t, so I applied for a SixXS account to try out AYIYA. This approach tunnels IPv6 into layer 4 protocols such as UDP or TCP.

A couple of days ago, while browsing Tech Review we encountered an article about a new theory that suggests gravity emerges from quantum information. Wait! Wasn’t a version of this the central idea of the novel Definitely Maybe by the Strugatsky brothers? Indeed it was. In order to maximise entropy, the Universe is pulling tricks on us. According to Erik Verlinde’s theory, it does this by generating a force that redistributes matter. The mysterious force in the novel turns out to be gravity in Verlinde’s theory. Both ideas arise as a consequence to the second law of thermodynamics.

Sau cum să nu-ţi deranjezi vecinii atunci când asculţi muzică.

George Gabriel Stokes ne spune că atenuarea sunetului este direct proporţională cu pătratul frecvenţei. Aşadar frecvenţele joase vor fi mult mai slab atenuate, se vor propaga mult mai uşor prin pereţii despărţitori ai clădirii, ajungând în final la urechile (sau în stomacul) vecinilor voştri şi deranjându-i.

În concluzie, trebuie redusă în primul rând amplitudinea frecvenţelor joase, deci a başilor.

Allegedly, the OpenBSD crypto stack has backdoors carefuly placed in by FBI-sponsored open source developers ten years ago. If it’s true, this is very troubling news indeed. We do hope it’s only FUD.

Update: This is most probably BS. Here’s why. Supposedly, Bin Laden’s men are also involved. Right.

I have migrated two of my DNS servers from djbdns to NSD. The main issue with djbdns was the inability to handle BIND-style zone transfers properly which leads to interoperability problems with BIND and other nameservers. Otherwise it performs flawlessly as a stand-alone nameserver and DNS cache.

NSD is an authorative-only, high performance, simple and open-source name server. Like tinydns and unlike BIND it does not do recursion and caching, but then it doesn’t need to. Currently, three of the root-nameservers run NSD. If it’s good enough to run on a root-ns, then it’s good enough for me and you. It has most of the relevant features of modern DNS servers.

NSD uses BIND-syle zone files, so there’s no need to convert anything if you are migrating from BIND. Since I was migrating from djbdns I needed to convert the data back to BIND-speech. The easiest way to accomplish this is to replicate the zone data from the master using AXFR. Well for some reason or another when I attempted to use nsd-xfer(8) do this, it failed. As I checked the axfrdns logs it turned out to be a bogus query. Then I tried to accomplish the same with dig(1) which worked fine but it doubled the SOA records for some obscure reason. NSD itself transfers the zones just fine. So far it works like a charm, regardless if it’s in master or  slave configuration.

For the DNS cache I am still using dnscache. NLnet Labs also has an alternative called Unbound.

It’s been a while since we haven’t had any BSD related posts.

I have recently modified this script to generate a PF ruleset from the Spamhaus DROP list in order to keep evil packets out of your network. The DROP list is a tiny subset of the SBL containing netblocks controlled entirely by spammers. The modified script you can get here. To use it, put it somewhere in your PATH and run it once a day via cron. The ruleset is loaded via an anchor. In order to load it at boot time, put the following lines in your pf.conf above the usual rules:

# anchor for Spamhaus DROP list
anchor droplist
load anchor droplist from "/etc/pf.drop"

Enjoy.