An annoying and non-obvious rpmbuild “feature enhancement”

Specifically, under certain circumstances, it can dump debuginfo files into /usr/lib/debug and /usr/src/debug under your buildroot, neglect to build the corresponding -debuginfo package, and then have the gall to complain about the unpackaged files it dumped there. I have a confession to make: I’m anal-retentive enough about the systems I administer where I need to build RPM packages for everything so they can be easily updated, but I’m lazy enough where I usually just grab source RPMs out of the most recent Fedora repositories and modify the specfiles until they work on CentOS 5. This can lead to some interesting … Continue Reading →

Linux vs. Solaris packaging: it’s a philosophical thing

I thought this was a post worth making because this was the hangup that kept me, as an eight-year Linux user, from really getting Solaris. One of the biggest questions I see repeated all across the Internet is, “why can’t Solaris’s package management be more like Linux?” Criticisms abound both of Solaris’s SysV packaging format and the way that Solaris packages have to be installed. Solaris’s opponents claim that the Linux packaging system is far superior, Solaris’s is stuck in the 20th century, and Solaris has to adapt or survive. OpenSolaris introduced the Image Packaging System (IPS), designed by Ian … Continue Reading →

Linux fails to escape screensaver malware

Screensavers, smiley packs, little animated desktop companions and their ilk have, for a very long time, been a big part of the Windows malware ecosystem, because they’re the kind of thing that specifically appeals to the type of user who doesn’t know any better. For awhile, Linux has managed to avoid this, but a screensaver on gnome-look.org has been found to do very bad things: Malware has been found hidden inside an innocuous ‘waterfall’ screensaver .deb file made available on popular artwork sharing site Gnome-Look.org. The .deb file installs a script with elevated privileges designed to perform a DDoS attack as well … Continue Reading →

Recording disk statistics with sysstat on RHEL/CentOS

Unlike on Debian-like systems, the default configuration for sysstat’s sa1 collector on RHEL/CentOS does not include disk statistics (like you would get from iostat) in the sa collection output. This is due to a missing flag in the cron.d fragment that calls sa1. The “-A” flag to sa1 defies reasonable assumption about its function, and does not include disk statistics, so we have to specify “-d” manually. To enable disk statistics collection/trending, edit /etc/cron.d/sysstat and change the following: */10 * * * * root /usr/lib64/sa/sa1 1 1 to this: */10 * * * * root /usr/lib64/sa/sa1 -d 1 1 (Obviously, … Continue Reading →

Fedora 12 allows users to install signed packages…

Update: According to a post on lwn that I can’t find at the moment, they’ve already reverted this decision with a subsequent update. It should be resolved soon. …without root privileges, without authenticating. Yeah, you read that right. SANS has the writeup: A “bug” created back in November against the latest Fedora release (12) indicates that, through the GUI, desktop users of the Fedora system are able to install signed packages without root privileges or root authentication.  Yes, you just read that correctly.  (I’ll give you a second re-read that sentence so I don’t have to retype it.)  Yes, “it’s … Continue Reading →

More on CentOS 5.3 to 5.4

So, here’s a humbling, humiliating and slightly funny follow-up to my last blog post: I’ve always done my due diligence in making sure upgrades go smoothly. As a result, I have a habit of tirelessly poring over release notes and the “known issues” section therein. However, I got burned this week when I failed to read all of the release notes. CentOS has a documentation page for the 5.0 series. And as of this writing, the documentation page links to a document called Release Notes. It does not, however, link to a completely different document that also is called Release … Continue Reading →

CentOS 5.3 to 5.4 upgrade woes

I’ve been pushing out CentOS 5.4 on a number of test systems this week, and I came upon a very interesting, very insidious, and very annoying problem. When running the upgrade, yum upgrade seems to run without a hitch, and returns completely successfully with no errors or warnings. However, what actually happens in the background is that the cleanup process breaks silently, and the package manager gets completely filled up with entries for duplicate packages that shouldn’t be allowed to coexist. I was alerted to the problem by rkhunter, which notified me during its post-reboot run that several files were … Continue Reading →

awesome WM Appreciation Post

Multiple workspaces always made me kind of sloppy as a user when they were supposed to make me more organized. I would open up dozens of tabbed terminals and lose track of some of them. Eventually I spent enough time looking for windows I should have had right in front of me, and closing windows that shouldn’t be closed, that I figured there had to be a more productive way out there. I’ve flirted with tiling window managers before. Ion, wmii and xmonad always left a bad taste in my mouth. They were inflexible and annoying and difficult to use … Continue Reading →