Month: April 2009

EeePC: Surviving liquid spills

Posted by – 30/04/2009

Last few months since I got my EeePC have been a lot of fun. Playing and tweaking the little bastard is a joy in the end of a busy day. Besides, since I loaded it with the most useful SysAdmin tools, it became a powerful device in my “tool belt”.

Unfortunately, I’ve been stupid enough to drink a glass of orange juice while messing with it. I know, I know! Silly thing to do. I should know better! But life is like that… I spilled a few drops over it. Of course, the web is pouring off information on what to do in cases like this, so I’ll just summarize what I did:

  1. Imediatelly, without thinking or questioning, I turned it upside down and removed the battery. It was a clumsy thing to do… I ended up spilling the rest of my orange juice on the floor while worrying about the EeePC. Concearns about filesystem corruption (or whatever) crossed my mind, but I can always deal with that later… First things first!
  2. I went online in another computer and found out how to disassemble it. For me it was easy, since I got other two computers at home… but if I needed to leave it there while looking for information, I would! If it’s upside down and has no power whatsoever (the battery was removed), it’s safe, I think. The information was easily found. I decided I didn’t need to disassemble all of it, but having those information at hand was pretty useful.
  3. I began by removing the keyboard. It’s tricky but not difficult. The secret relies on the spring-mounted tabs near the screen. I checked for spills under it and cleaned with a cotton swab.
  4. I was not very confortable to open the case, but I decided that turning it back on without checking the electronic parts first was too risky. So I said “goodbye” to my warranty and unscrewed the 6 screws from the bottom and the 9 from the silver casing under the keyboard.
  5. There I found some little drops! Good decision to open it up! I dried it using cotton swabs again.
  6. Before putting it all together, I decided to leave it open until the next day. I was pretty sure everything was dry again, but “better safe than sorry”. The next day I successfully assembled it and turned it on. Great! Everything worked fine.

Now… that was just what worked for me. My EeePC is back, fully restored but, of course, the warranty is void 🙁 So I cannot recommend you to do the same. Best advice I can tell you: Keep liquids away your EeePC!

Shakespeare 2009: The Pirate Bay case

Posted by – 18/04/2009

What’s Montague? it is nor hand, nor foot, nor arm, nor face, nor any other part belonging to a man. O, be some other name! What’s in a name? that which we call a rose by any other name would smell as sweet (Juliet. In: Romeo and Juliet by William Shakespeare – The Balcony Scene)

As The Pirate Bay (TPB) defendees themselves knew, they lost their case. It’s hard to believe in the reasoning their case’s judge gave to convict them, though. And I cannot stop thinking that they’d lost their case because of their website name. Yes… They’re not called The Politically Correct Bay… they’re called Pirate.

Publishers often refer to copying they don’t approve of as “piracy.” In this way, they imply that it is ethically equivalent to attacking ships on the high seas, kidnapping and murdering the people on them. Based on such propaganda, they have procured laws in most of the world to forbid copying in most (or sometimes all) circumstances. (They are still pressuring to make these prohibitions more complete.). […] Some of us might even prefer to use a positive term such as “sharing information with your neighbor.” (Richard M. Stallman – Some Confusing or Loaded Words and Phrases to Avoid)

That TPB would loose this trial was predicted by RMS. What is taking place is the expansion of the laws he told us about. I don’ t know Sweden laws, but let’s talk in general, shall we? So, copying and/or distributing a copyrighted material, for which you have no authorization to do so, is unlawful. It’s as unlawful as killing, or selling drugs (OK, OK… maybe not so serious… but unlawful still). That’s why, in the first place, we arrest murderers and drug dealers, right? In the same direction, convicting TPB guys is the same as convicting gun and pharmaceutical factories owners for assisting murderers and drug dealers, isn’t it? (Actually it’s even worse, since TPB guys were not even making something… they’re just the “middle-man” [and were not dealing with goods, but rather “maps to the goods”, as torrent-files can be understood]… anyway, let’s go on…)

Yes… but they’re not called “The Pirate Gun Factory” (although, somehow, some guns they made ended up in the hands of real pirates – those that “attack ships on the high seas”), or “The Pirate Pharmaceutical Factory” (although, somehow, some drugs they made ended up being sold by drug dealers), so they must be Good Guys™, right?

Come on… Aiming at TPB is just in order to enforce the concepts needed to push for more restrictive copyright laws… Laws that preserve the way of life of a “few”, despite the whole lot of “others”. So, when TPB’s Peter Sunde said this trial “is just a theater for the media”, he was damned right!

Why not aiming at Google? It has much more indexed torrents than TPB (as of now, TPB claims to index 1.782.023 torrents, Google has 2.310.000). Oh, right… They’re not called “The Pirate Google”… Now I see…

Also, how did TPB’s judge jump to the conclusion that the defendees assisted a crime? They clearly stated they don’t know user King Kong, and the prosecutor failed, IMHO, to prove they knew him/her 🙂 Much as Google doesn’t know who downloaded Wolverine torrent, or as “The Politically Correct Gun Factory” doesn’t know how those (real) pirates got their guns, or as “The Politically Correct Pharmaceutical Factory” doesn’t know how their product ended up in the streets.

The “67 Chevy argument” from David Sugar essay applies here equally to digital media as applied by himself to software. It’s hard to deal with intangibility, I know… but while the rest of the world learn how to do it, please, let’s try not to kill the innovators… And the “pirates”, as Matt Mason likes to say, are innovators! (They could just have chosen a different name, to avoid the Shakespearean dilemma 😉 ).

rsync logs with restricted ssh

Posted by – 15/04/2009

SSH is really the Swiss Army pocket knife of sysadmin tools. When I needed to periodically synchronize log files from an old server (old as in customer-would-never-update-it-or-install-anything-new), I built a simple and secure solution using rsync and ssh. This is what I did:

(I will call “remote” the system where the logs I want to retrieve are, and “local” system where I want them to be copied to) First I created an account with a restricted shell (ideally this should be a system account, but we’ll get there!):

remote# adduser --ingroup nogroup --shell /bin/rbash rlogs

Then locally, I created a new, password-less ssh key pair, copying it to my remote system:

local$ ssh-keygen
>>> When asked where to save it, I chose a different name, like .ssh/rlogs
local$ ssh-copy-id -i .ssh/rlogs.pub rlogs@remote
...
>>> You can delete the password of user rlogs, so it, effectively,
>>> cannot log-in with it (almost like a system user).
remote# passwd -d rlogs

Now you should be able to run password-less rsync already (note that I use -e option to point to a different key):

local$ mkdir logs
local$ rsync -av -e "ssh -i $HOME/.ssh/rlogs" rlogs@remote:"logs/" logs/
receiving file list ... done
./
file1
file2
...
fileN

But even with a restricted shell, I wanted even less possible things to happen. That’s what command= directive is for… It will only allow that command to be run in a session started by that key. Since rsync translates a lot of its command-line options, I run it again with a dirty ps-in-a-loop in the remote host, just to see what running rsync locally causes remotely:

remote$ while 1; do ps wp $(pgrep rsync); sleep 1; done
...
local$ rsync -av -e "ssh -i $HOME/.ssh/rlogs" rlogs@remote:"logs/" logs/
>>> in the remote loop you should be able to get the command:
  PID TTY      STAT   TIME COMMAND
 6183 ?        Ss     0:00 /usr/bin/rsync --server --sender -vlogDtpre.i . logs/

Here comes the authorized_keys magic. At the remote host I edited .ssh/authorized_keys to add a command= line with what I found out in my dirty loop. Also, I added a couple of directives to restrict it even further (they are pretty self-explanatory):

rlogs@remote$ cat .ssh/authorized_keys
command="rsync --server --sender -vlogDtpre.i . logs/",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa (...) myuser@local

Now everything is set. I just added the rsync command to the local crontab and it’s done.

Hummmmmm

Posted by – 08/04/2009

Resolvi oficializar o comentário mais repetido na Propus (e pelo visto, muito repetido na Internet), e criei o comentariobovino.com.

Sei que o site é só para diversão, mas revelou um problema que, em breve, deve ser resolvido: é muito difícil embutir qualquer mídia que não seja texto e imagem em páginas web. Sim, tive de recorrer à provável quase ubiquidade dos plugins Flash para embutir o som do “comentário”. Espero que o HTML5 resolva limitações como essa.

A propósito… a ASCII art é do pacote cowsay