Some Place for Me

Myself, the World and Everything

Google Cloud backed Debian mirror

It's been some time that someone at Google told us that they had problems providing a stable mirror of Debian for use by their cloud platform. I wanted to give it a try and see what the platform can give us. At this time I was already responsible for the …

Network caps in cloud environments

Providing working network is not easy. Providing enough troughput is not easy either.

New blog featuring Pelican

For years I used a working blog setup using Zope, Plone and Quills. Quills was neglected for a long time and made me stuck at the aging Plone 4.2. There seems to be some work done in the last year, but I did not really care. Also this whole …

Setting up Ceph the hard way

Almost all existing documentation tells me how to setup Ceph with one or two layers of abstration. This entry shows how to set it up by hand without needing root permissions.

Components

Ceph consists of two main daemons. One is the monitoring daemon, which monitors the health of the cluster …

Using SECCOMP to filter sync operations

Linux includes a syscall filter since a long time. It was restricted to a pre-defined set of syscalls. Since some versions Linux got a more generic filter.

Linux can use a BPF-filter to define actions for syscalls. This allows a fine granular specification on which syscalls to act. Also it …

LDAP, Insignificant Space and Postfix

For some, LDAP, just like X.500, is black magic. I won't argue against. Sometimes it really shows surprising behavior. It always makes sense, if you think about what LDAP is built for. One surprising behavior is the handling of the "Insignificant Space"

LDAP supports syntax and comparator methods. The …

New software: LMTP to UUCP gateway

I use UUCP to get my mails. It works fine but lacks support for modern SMTP features like DSN. While it may be possible to bolt support into the the rmail part, both the sendmail interface used to submit mails and the Postfix pipe daemon used to extract mail are …

Relaying e-mail over unreliable connections

I still prefer to handle all my mails at home. I got backup set-up on my own and have anything in direct access. This network is connected to the internet via an end-user DSL connection without a static IP-address and without any useful SLA. However relaying mails over such an …

DDoS against DNS-Servers

Today I found out that the DNS-Server at home is used for a DDoS against a DNS-Server. The attackers send a small query, "ripe.net ANY" in this case, with a faked sender IP. The DNS-Server answers with a much larger packet to the (faked) sender.

Because the domain is …

Installing Wheezy on Thinkpad X130e

I installed a Lenovo Thinkpad X130e with Wheezy.

UEFI

The X130e does not want to boot via BIOS emulation. The Wheezy D-I installs only BIOS Grub. It does not provide the selection to use EFI at all. So the initial installation was BIOS only and EFI refused to boot it …