JDPFu.com 2025

The last few weeks, we’ve been using Ubuntu 12.04 Server for internal testing as a VM host running KVM. The VMs have been a mix of 12.04, 10.04. and 8.04 systems. It has been stable with zero issues on that front. Below are the other changes recently made that you may find interesting.

Sitting at my desk this afternoon and the power went out for the entire house.

The power here is really good, barely a flicker even during the worst thunderstorms, so I sat for about 15 seconds staring at 2 blank monitors before deciding that something needed to be done. I wasn’t worried about any computers. All have a UPS or they are laptops with a built-in UPS. No immediate worries.

Since the entire house was out of power, I thought it could be the circuit breaker and walked to the garage to check it. Oops. No lights. I need to find a flashlight. Found one, checked all the breakers – none were thrown. Is that good news or bad?

The entire time, a 1500VA UPS has been diligently beeping. It has been 3 minutes and the power doesn’t appear to be coming back. I should start shutting down systems. Remember that power issue last month – I still haven’t found a replacement UPS for the right price, so a switch and router aren’t on any UPS. That means the laptop screen that I’d planned to use to cleanly shutdown all the virtual machines and hosts wasn’t going to work wihtout some power reconfiguration. The best laid schemes of ….

Just as I was considering the next steps to be taken, pulling connectors out of the laptop to take it to another location where it could be opened and typed on, the power came back on …. and stayed on. After pressing the display button on the UPS, it said 10 minutes of power left. Bullet dodged. Life is good.

I really need to get another UPS. I really do.

Just saw that MySQL and MariaDB have a root authentication bypass issue

A remote attacker can gain the root login to MySQL and MariaDB RDBMS by trying any password 200-500 times

Basically account password protection is as good as nonexistent.

Said the security researcher.

Think of all the content that is only protected by MySQL tables around the world. Many very popular releases are vulnerable. Fortunately, Debian, RHEL, CentOS are not, but most other distros including Ubuntu, Arch, Fedora, and OpenSUSE are.

Time to rethink your webhost OS?

It is definitely time to lock down network SQL access to only the specific clients that require it. Of course, patched versions will be available shortly. An out of cycle patch could be a good idea this week.

I’m like many of you. I use a few websites for convenience. About 3 yrs ago, I had 10 reused passwords, based on the importance of the service. Social sites got shorter passwords, more important sites like banks got longer, more complex, unique passwords. At that time, it made sense, and I had all these documented inside a plain text file that I kept ZIPed with a password.

Then I started using KeePassX, my password manager of choice. 20 or 60 character passwords didn’t matter. I was never going to enter them anyway. Complexity was handled by the built-in random generator and having a different password for every login became easy to do. That’s how I do it now.

I’m lazy. I didn’t go back and change every one of the old passwords to be more secure. Seriously, how important is a LinkedIn password?

Sometimes you have the solution and don’t realize it. I’ve been using ccextractor for years – at least 4, probably longer, to pull Closed Captions from recorded TV and convert them into SRT files before including them in MKV containers. For years, I knew how to get CC1 and CC2 out – the ccextractor help was clear on that. However, there was no mention of CC3 or CC4 – which is where the English captions are placed by a popular Spanish language TV network.

I love how software is very interconnected these days – NOT.

This morning I needed some information about yard tonics that I know is here and discovered that the sidebar for the blog wasn’t working correctly. There was an error message, so no RSS, search, topics, categories, etc… I haven’t changed anything in the setup for months. Normal fixing steps:

• restart typo – no joy.
• restart the VM – no joy.
• check the logs for an easy answer – nothing.
• log into the admin interface and play around with the sidebar a little – that simply showed that all but the “static” plugin was broken AND that the drag-n-drop interface to manage sidebars was broken too.
• switch to a different browser and see all the same issues.
  Ok, so I think it is some remote javascript library causing the problems. I open the source for a page and see that only local javascript is used – I remember now, I didn’t like that remote code would run on my site, so I made a local copy. That’s why the first time you visit here, the page loads slow. Regardless, that’s not the issue.

Google – nobody else is reporting this problem since 2006 under IE6. I am definitely not running IE6 here.

There is a newer version of the code. With all the local tweaks, installing a new version can be a hassle. I’ve been meaning to move this VM to a different 12.04 host anyway … now is as good a time as any – plus it rained today.

In a few hours, this blog should be running on a new physical box, under a different hypervisor, the first VM in my long planned migration. I’d hoped to switch from KVM to LXC for this VM to use fewer system resources, but I’m not prepared for that today.

Wish me luck!

I still need to find that tonic recipe too. Got it, thanks to google again.

Over the last few days we had an outage here. A UPS used by the network infrastructure failed and nobody could physically get to it until sometime yesterday. Actually, nobody could trouble shoot the problem to know what actually caused the lack of connectivity.

Around here, we don’t have many failures and certainly not many failures that impact public-facing services for more than a few minutes. Sometimes the blog software is a little flaky and crashes, but since we are running a few instances behind a load balancer, the service shouldn’t be completely unavailable and should auto-restart if all instances fail. Overnight when we take backups, it is just easier to take down all instances of the blog for a few minutes, do the backup, then bring them back up. It takes just a few minutes – not a big deal in the middle of the night. Yes, there are other ways to do this in a non-impacting way.

Remember, this is a non-income-generating blog – like a front door to a small business. It is expected, but doesn’t make any money.

Perhaps a few readers would like to know more details?

Every few days or weeks, I look at the logs for this blog. It is out of interest only, since there aren’t any ads here and I don’t get paid to run the site or make the content. At the beginning of a new month, the referrer list can be interesting. Often those links are from UbuntuForums or Lifehacker or other websites where I’ve left relevant links back here. A few friendly websites also link back like My Linux Rig and even Wikipedia and WikiBooks.

I try to avoid ranting here and post articles when I’ve found a solution, not just a place to complain.

Today I need a timer/alarm app. These are common on Maemo, Android and I suspect other portable devices. I need finer control than a minute, so a calendar or cron entry aren’t viable solutions.

This seems like a very common need for users – get my attention in 2 or 12 or 55.3 minutes. That’s what I need too. It needs to be second accurate and should be built-into the clock app in a dock.

• cooking timers
• phone call reminder – suppose you want to be exactly on-time for a job phone interview?
• switch task reminder

You get the idea.

I prefer LTS Ubuntu releases because they come with 5 years of support – patches. They are usually a little more stable as well. The downside is that after about 18 months, developers usually stop developing for the older LTS release so new programs do not work on these older releases. For most desktop users, that is a huge negative and they will migrate to a non-LTS release. That’s find if you have 1 or 2 machines to maintain. That does not work when you have 10 or 2000 machines to maintain.

I’m excited about Ubuntu 12.04. My 8.04 and 10.04 servers AND desktops are feeling a little old, out of date, even with the weekly patching. 8.04 server is still supported and receives patches from Canonical. Most of the servers running here are still running 8.04 Ubuntu LTS which will be under support for another year.

It is time to migrate from 8.04 to 12.04. Thankfully, I have some time, about a year to make it happen. When it comes to servers, caution is best. Unplanned downtime is the enemy.

Below are my first impressions of a test install using VirtualBox. I do this just to become familiar with any changes to the installer and to check out the new install options. This install will probably last a week.

Ok, let’s get started.