Ferry Boender

Programmer, DevOpper, Open Source enthusiast.


Category: sysadmin

Root your Docker host in 10 seconds for fun and profit

Disclaimer: There is no actual profit. That was just one of those clickbaity things everybody seems to like so much these days. Also, it's not really fun. Alright, on with the show! A common practice is to add users that need to run Docker containers on your host to the docker group. For example, an […]

sshbg: Change terminal background when SSHing (for Tilix and Xterm)

This is gonna be a short post. I wrote a tool to change the background color of my terminal when I ssh to a machine. It works on Tilix and Xterm, but not most other terminals because they don't support the ANSI escape sequence for changing the background color. It works by combining SSH's LocalCommand […]

Enable dnsmasq DNS query caching on Ubuntu 16.04

It appears that by default, DNS query caching is disabled in dnsmasq on Ubuntu 16.04. At least it is for my Xubuntu desktop. You can check if it's disabled for you with the dig command: $ dig @ ubuntu.com $ dig @ ubuntu.com Yes, run it twice. Once to add the entry to the cache, […]

Why the EasyList DMCA takedown notice is perfectly valid (and fair)

There's a story going around about a DMCA takedown notice filed against the adblocking list EasyList, causing them to remove a domain from one of their filters. As usual, lots of indignation and pitchfork-mobbing followed. It seems though, that few people understand what exactly is going on here. Here's a brief history of ad blocking […]

Understanding Python's logging module

I'm slightly embarrassed to say that after almost two decades of programming Python, I still didn't understand its logging module. Sure, I could get it to work, and reasonably well, but I'd often end up with unexplained situations such as double log lines or logging that I didn't want. >>> requests.get('https://www.electricmonk.nl') DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection […]

Criticize grsecurity? Get sued.

Thinking about using the grsecurity linux kernel hardening patches? Better check with your legal team. Not only are they likely violating the GPLv2 with their patch-set, but if you point out that, in your opinion, they are violating the GPLv2, they'll sue you. And not only you, but anybody that is even remotely involved in […]

Two-factor authentication via SMS is worse than no two-factor authentication at all

Another case of online theft whereby the attacker takes over a victim's phone and performs an account reset through SMS has just hit the web. This is the sixth case I've read about, but undoubtedly there are many many more. In this case, the victim only lost $200. In other cases, victims have lost thousands […]

ScriptForm v1.3: Webserver that automatically generates forms to serve as frontends to scripts

I've just released v1.3 of Scriptform. ScriptForm is a stand-alone webserver that automatically generates forms from JSON to serve as frontends to scripts. It takes a JSON file which contains form definitions, constructs web forms from this JSON and serves these to users over HTTP. The user can select a form and fill it out. When […]

How to solve RPMs created by Alien having file conflicts

I generate release packages for my software with Alien, which amongst other things converts .deb packages to .rpm. On Fedora 24 however, the generated RPMs cause a small problem when installed with Yum: Transaction check error: file / from install of cfgtrack-1.0-2.noarch conflicts with file from package filesystem-3.2-20.el7.x86_64 file /usr/bin from install of cfgtrack-1.0-2.noarch conflicts […]

Reliable message delivery with Mosquitto (MQTT)

I was looking for a message queue that could reliably handle messages in such a way that I was guaranteed never to miss one, even if the consumer is offline or crashes. Mosquitto (MQTT) comes very close to that goal. However, it wasn't directly obvious how to configure it to be as reliable as possible So this […]

The text of all posts on this blog, unless specificly mentioned otherwise, are licensed under this license.