Sunday, September 02, 2007
Junior Year
On the work side of things, I've quit using, or trying to use Cisco's VPN client on Linux. It was not very well maintained to begin with, and I couldn't even get it to compile against the kernel in Fedora 7. Now I'm using an opensource program for Cisco VPNs now called vpnc, and I really like it. It's 100% open, doesn't require a kernel module, runs as a daemon instead of an active program, and certainly feels faster. I had a great summer doing full time work and look forward to continuing part time for the rest of the year.
Speaking of Linux, my laptop has a Intel 3945ABG wireless card inside it, and Fedora 7 shipped with the new iwl3945 driver for this card. It is my understanding that the license is more open than the usual ipw3945 driver, and though the iwl3945 driver was new and kind of buggy, the Fedora devs had to decide to either bundle this one or none at all. I wasn't able to get the original iwl3945 driver on the CD to work, but when I updated to 2.6.22.4-65.fc7 I tried it again and it seems work well with both open and WPA networks.
Last Friday was the first "Programming Tonight" session I've attended (they started when I was in VA). It was a neat place, I had a good time, and learned something new about OpenLDAP - I didn't realize the registration dates were stored for each user! Pretty useful.
Thursday, May 10, 2007
Done with school forever
A few weeks ago my new Netgear router started acting up. I did a cold factory reset (holding the pin in the back while powering it on) but when it booted up all the lights stayed solid green. The device was inaccessible, and subsequent resets and reboots yielded no change. Thankfully the thing was still under warranty, so I sent it back to Netgear and just received the replacement in the mail this week. I had purchased a WGR614v6 International Version from newegg.com, but Netgear sent me back a brand new WGR614v7 North America Version! This version seems to have fixed the authentication bug I noticed in the v6. I also got to keep the old ethernet cable :) So even though I had to pay a few dollars to ship the old one out, I'm still satisfied with Netgear's quick response and their better-than-the-original replacement device. I'm using it now as I type this with no problems :)
Lastly, we've finally rolled out our LDAP creation tool on chicagolug.org. Sign up, or update your account info. This means our wiki is open to all who register!
Friday, April 20, 2007
ktdreyer.com
Wednesday, April 18, 2007
New wireless device
I just got a Netgear WGR614 from NewEgg for $36.42 (including shipping). It's going to replace my aging Linksys BEFSW11S4, which I'll give to my sister to use at home. I haven't got a chance to test out the wireless capabilities of the Netgear since I don't have my new laptop yet, but the firmware options available on the WGR614 are much more advanced than the Linksys hardware I've used (the BEFSR41 and BEFSW11S4... but that's understandable since those devices are several years old :)
The only issue I have with WGR614's configuration is that they try to oversimplify things with their "Smart Setup Wizard". For example, if you go to the default page at http://192.168.1.1/
, the WGR614 will automatically redirect your browser to http://www.routerlogin.com/welcome.htm
, which is a 404 error. To get around this redirection, I took a look at the source of the redirect page on the firmware itself and noticed it had a string in a line of Javascript, "start.htm". I tried http://192.168.1.1/start.htm
and it brought up the configuration page without the hassle of the "Setup Wizard". All is well... though it appears that this method bypasses whatever authentication method the WGR614 is supposed to have. Oh well. At least it tracks my IP so that only one IP can be "logged in" to the manager web app simultaneously. It's sufficient for my needs here, and maybe I haven't found the right setting in the config, but I think this is pretty insecure if it works this way out of the box.
In other news, I just found out that Dryer 2 Skip Day is going to be the same day that Mom and Grace are coming to visit! Another reason I can't wait till Thursday :)
Monday, April 02, 2007
New laptop on the way
Friday, March 30, 2007
chicagolug.org progress
Monday, March 26, 2007
Back from Spring Break
Friday, March 02, 2007
new chicagolug.org server
We've got a new chicagolug.org server! Thanks Tristan for donating this one until the main machine arrives. It's hostname? "rebirth" :)
Tuesday, February 20, 2007
Message to Laodicea
I read an interesting example in my Hermaneutics textbook this afternoon. In Revelation 3:14-22, John records a message to the church at Laodicea. He writes:
14"To the angel of the church in Laodicea write: The Amen, the faithful and true Witness, the Beginning of the creation of God, says this:
15'I know your deeds, that you are neither cold nor hot; I wish that you were cold or hot.
16'So because you are lukewarm, and neither hot nor cold, I will spit you out of My mouth.
This Laodicean church is useless; it is not like hot water (for taking a bath) or like cold water (for a refreshing drink). We must interpret the "hot" and "cold" water in light of the archaeological background. Laodicea was located close to the hot springs by Hierapolis and a cold stream by Colossae. Both hot water and cold water are desirable and useful. But the spiritual condition of Laodicea is neither. It is tepid and lukewarm. We have to guard against quick misinterpretations: Jesus is not saying that active opposition to him is better than being a lukewarm Christian.
Friday, February 16, 2007
Culby vs Dryer
Thursday night a rumor floated around that a bunch of Culby guys were going to storm our floor with snow. A lot of Dryer 2 guys prepared to counter the attack by filling up tons of trash cans with water. After several false alarms, a number of Culby guys did rush up to the building. They stayed outside and threw snowballs at the lounge windows. Eventually people from all three Dryer floors went outside for a snowfight. Both sides had trashcans for heaving snow and several people got a lot of water and snow in the face!
This morning right after chapel started in Torrey-Gray Auditorium, some Dryer 3 guys hiding in the choir loft quickly pulled back a curtain to reveal a banner they had made. It had the names of all three Dryer floors and read:
"The next day, when Dryer searched the battlefield, they found Culby dead on Dryer Lawn. They cut off Culby's head and stripped off his armor. Then they spread the good news all through MBI country and among the Moodies. They displayed his armor in the shrine of Torrey. They nailed his corpse to the wall of Gray. 1 Samuel 31:8, Dryer Abridged Version"
Whoever made the banner had also collected a bunch of clothes which the Culby guys had dropped during the fight, and fashioned them into a headless dummy which hung from a rope next to the banner in front of the whole school during the whole of chapel!
Saturday, February 10, 2007
What Happens After You Die
I preach at a retirement home for my PCM, and when I get back from Spring Break, I'm going to be preaching a series on "What Happens After You Die." I'm pretty excited about it. I'm planning to read over Spurgeon's sermons on the subject, and if you can think of any other good sources good information, please reply :)
Tuesday, February 06, 2007
Back in business
Audrey and I had a great time last Saturday. We went out to the Grand Lux Cafe on Michigan Avenue for dinner. It was nice to sit and talk with her. This week we are busy walking back and forth to Moody Church for MBI's Founder's Week. The weather is bitterly cold and we got about 4 inches of snow today. In these single-digit temperatures, I'm very thankful for the new scarf mom sent in the mail.
I finally got Cisco's Linux VPN client to connect and route the traffic appropriately. The firewall admin here at Moody had to open TCP port 3322 (and fix some kind of routing/subnet issue). Also, I got an 80GB IDE hard drive from a friend to put into ethne, and I'm backing up my home folder from kappa onto it. The ethernet jack has been flaky, but hopefully that wireless firmware holds out long enough to transfer everything over. I'm just excited to have everything more or less back in order. I'm thankful to God that I had another computer to use when kappa died!
Friday, February 02, 2007
ethne with FC6
I've wiped ethne and installed Fedora Core 6 and Xfce 4.4. After a long hassle, I'm basically back to where I was with kappa, desktop environment-wise. Setting up my HP 1020 wasn't hard with foo2zjs drivers. The biggest challenge was the Cisco VPN client.
After installing kernel-devel, I downloaded vpnclient-linux-4.8.00.0490-k9.tar.gz and ran the vpn_install bash script. The script complained about some problems with the kernel source. After hunting around online I found a blog describing the necessary fixes to make the client compile with Fedora Core 6. After the client compiled and installed correctly, I started the service. The script in /etc/init.d complained that the kernel module wasn't valid. After more hunting around I read on FedoraForum.org that this was a result of the infamous FC6 kernel bug (FC6's anaconda installs the kernel for i586 when it should install i686). Once I replaced the kernel with the correct architecture I was good to go. I set up the profile to get into the VPN server in Reston, and... "Connection timed out". At that moment I remember noticing that Moody's network had gone down and all the dhcp leases were wiped out. This means ethne now has a new IP address, but Moody's firewall rule is presumably still using the old one. I rushed over to Crowell to see if someone in IS could change it, but the main engineers had already left for the weekend. What a bummer. But God is good to me. And hopefully this will be resolved soon so I can get back to work! :)
Oh, and it's Audrey's birthday today. We're going out to celebrate Saturday night :)
Friday, January 26, 2007
ethne with X
Well, I cannot determine the problem with kappa, though I don't think it is just static electricity. It's getting harder and harder to get it to boot, so I'm going to put it away for now and try to get working later. I went ahead and installed X on ethne, though I'm really feeling the drop from Fedora Core 6 to CentOS 4.4. CentOS is wonderful for servers, but I'm going to need a number of things that aren't available for RHEL yet. I'm using Xfce 4.2 (yikes!) because RHEL is still at GTK+ 2.4.x... OpenOffice is still at version 1... etc. So things are kind of old here. I'm probably going to try to install FC6 later next week to get things up to speed, though I'll need to borrow a CD burner from someone...
In the meantime, I need to write my sermon for Sunday :)
Wednesday, January 24, 2007
Laptop troubles
Today after I finished about five hours of work, kappa (my laptop) froze. Thankfully my work was screen'd away on ethne (my server here at Moody) so I wasn't too concerned about losing all that work - I could just reboot and reattach the screen session. Rebooting... that turned out to be a bigger issue than I planned.
Kappa has had some trouble recently coming out of hibernation - the light would come on but nothing would appear on the screen and I'd have to hard shut-down. I thought it was just a Windows problem, but it is a warning sign of deeper problems under the hood. Tonight, kappa was freezing up continually in Windows and I was having trouble even booting the machine. It looked like a bad RAM problem, as I couldn't even get the BIOS to show up, but I tried switching out both DIMMs (I have two 512s) and no noticeable results. Thankfully the problem is still intermittent and I was finally able to boot to Fedora.
One of the reasons I prefer Linux is that it actually tells you what's going on in your computer. When the freezes happened in Windows, there was no error message at all to give me a clue. When I first booted Fedora, there was an error about my ipw2200 firmware and then an error "psmouse.c: bad data from KBC - timeout bad parity". That must be it. On every subsequent keypress, the this psmouse.c error would appear on the commandline.
To Google we must go. About 300 hits for this error message, and one of the most informative is on the Linux kernel bugzilla. Several people have had this message and were probably referred here. They have common symptoms - laptops with intermittent freezes in both Windows and Linux. A few people debate whether it is a hardware or software problem, but I'm sure the intermittent nature of the problem and the fact that it exists in both Windows and Linux points to a hardware issue. One post in the bug report caught my attention: the idea that it is the result of an ESD - Electrostatic Discharge. Maybe this is it! I have definitely felt more static around me recently. That, combined with the particular clothes I'm normally wearing here in Chicago (my new coat, my scarf) may have contributed to the problem.
I'll let you know how things turn out. In the meantime I'm going to make sure to back up my school folders to ethne. If Kappa dies completely I can always install X on ethne and use it as a desktop in a pinch. "There are levels of survival we are prepared to accept."
Tuesday, January 23, 2007
Brilliance Bordering on Irrationality
I've been thinking about this a lot, particularly since the class is still new to me. I think I'm finally beginning to understand that Dr. McDuffee's primary objective in class is not to transfer the course material into our brains; rather, it is to get us to think. This is his goal. CWC is merely a context. I suppose all of Moody is merely a context. Maybe I can learn more from him than I originally thought.
Another issue that this has brought to my mind is the issue of learning styles. If I am a linear thinker, I may have the propensity to leave the part of my audience behind - the part that more readily understands Dr. McDuffee's lectures than Dr. Litfins. I can't be all things to all people, but it did get me thinking: who do I isolate when I say such and such?
When I'm out of Moody, which of these teachers will I remember?
Kappa
Xfce 4.4.0 final was released Sunday. I installed it on kappa (my laptop) yesterday and it went smoothly. I've been following the development of this project with some interest over the past year, so I've been testing out each development release and I've learned a lot about managing a project. I like Xfce's minimalist philosophy and the "snappiness" feeling of the environment. Thunar is a neat file manager that has plenty of convenient options like mouse gestures. Windows explorer even feels slower than Thunar. Speaking of which...
Over the past few months, my Windows XP Home install on kappa has been getting slower and slower lately. Boot time is getting longer and longer, and loading apps takes much more time. I have no idea what the problem is, as my Fedora Core 6 install has not slowed down at all. I'm planning on wiping the whole drive and reinstalling both OSes, but that will have to wait till I'm home again. Maybe Fedora Core 7 will be out by then :)
ChicagoLUG.org single sign-on
Services:
- Mediawiki
- phpBB
- mailinglist?
The user logs in to a customized form. Upon proper authentication with the LDAP database, the web application sets the login cookie(s?) for the various services. Clicking "Logout" on any one of the services logs the user out of all services.
Possible complications:
- Mediawiki uses user id numbers as well as usernames. phpBB may do this as well.
- phpBB (or others) may also need to set session ids in a database - potentially a problem if this expires based on user activity - can we remove this?
- Mediawiki's database structure for user profile options is a minor headache
- Where does the mailinglist store user information?
Possible implementations:
- Create an application to set the proper cookies for each service (more complicated; not a very elegant solution)
- Hack the existing services to handle a single "logged on" cookie. (more elegant, but potentially less secure. If there is a security flaw in our implementation this might render other services vulnerable. Also if there is any future upstream security vulnerabilities in one service it might affect other services.)
- Note: Either of these will require carefully analyzing the implementations of the authentication mechanisms for each service. If we need to upgrade a service, we will have to carefully track what changes are made so that they can be "patched" into future versions. (Example: Let's say that we install version X of Mediawiki. If version X is later found to have a cross-site scripting vulnerability, we will need to upgrade to version Y, but we also need to make sure our customizations fit into version Y.)
Questions:
To what degree should the individual services' profile databases be merged into the LDAP database? One of the cool parts of this will be the ability to sync email address changes, etc. but is this going to be viable with every service, everywhere? Will we need to create a "single profile editor" in addition to the single-sign on? It'd be cool, just more work :) Basically we need to decide whether the LDAP will handle authentication only (just username/password) or an email address, or even other profile information.
Things to store in LDAP
- Username
- Password
Possible things to store in LDAP:
- Email (confirmed?)
- Group membership for each service (Admin, Moderator, etc.)
- phpBB variables (id number?, signature, avatar, website, etc)
- mediawiki variables (watchlist, etc.)
- mailinglist variables (subscriptions, active/inactive, digest, etc.)
I don't have much experience with LDAP; in fact I've only briefly played around with PHP's LDAP functions. I guess I'll learn more if this project ever gets off the ground :)