Category Archives: Beware of Leopard

This is the catch-all category.

28 May 2020

By | | , ,
Comments Off on 28 May 2020

Rather Closer to the End

Well, the beginning was a good long time ago. And one thing I can always take away from the Drake Equation is that a primary reason that we’re alone is because civilizations just don’t last long enough to get past the deeply stupid stage that follows the enlightenment. Whether we do it to ourselves, or Giant Asteroid ’20 does the job for us, the bell is tolling.

I know, I’m a cheery sort of bloke, eh? You look at the news. I’ll go back to the small shit that I have control over. Like …

The garden is alive. Almost two weeks and nothing’s dead yet. On Saturday I’ll take off the bird netting, weed out the beds, and set the tomato plant cages. Yay!

SSH Agent Persistence vs CSH/TCSH

Y’all can skip this part if you want. It’s here as much for me to find it again if I ever need it as for anyone in Greater OutThereLandia.

The problem is “simple”. I have a group of systems I’m responsible for. The developers have a whole suite of scripts and processes based on the fact that they use the modern incarnation of the C shell, tcsh. I’m migrating them to newer platforms, and newer code repositories, remote code repositories. Access to these repositories requires SSH access. SSH key pairs are the answer to the problem, but the private key requires a passphrase to meet our security requirements.

Persistence across multiple login sessions is the key for the developers. Once they have an active login session on the platform, they want to leverage their SSH authentication without re-entering the passphrase each time it’s needed, or even each time they login (simulateous sessions) on the system.

All the tools I have laying about for managing persistent SSH keys across multiple sessions are pretty much Bourne shell based, and mostly I use a tool called keychain, written a while back by Daniel Robbins of Gentoo fame. I needed to find out how other people are solving this problem for csh/tcsh users.

What I learned is that not very many people are using csh/tcsh anymore. BUT. But, I found Mark A. Hershberger, who many moons ago wrote a page about managing SSH Agent via scripts, with a link to a sub-page with solutions for alternate shells (like tcsh/csh) – http://mah.everybody.org/docs/ssh-agent-startup … yes, that’s a plain HTTP link, no SSL, and your browser will hate it. Don’t worry, you’re not logging in or doing any banking there.

This was an awesome find for someone like me that spends little or no time in tcsh, but knows that it’s a bit of a janky environment for scripting things. I read, understood, and implemented the script as written. It didn’t work. Sigh. After a couple of hours complete with gnashing of teeth and pulling of hair, it turns out I was getting clobbered by a default feature of the environment called noclobber, which effectively prevented me from overwriting a file that already exists via redirection. So, if noclobber is set (which is part of the environment for these devs), then this code won’t work, if the target file, /tmp/blue.txt, already exists:

echo "I\'ve got the blues!" > /tmp/blue.txt

Once I learned about noclobber, and determined that I could not unset it and leave it unset because of user expectations, I found that I could force the overwrite with the judicious application of a ‘!’ character to decorate the redirection. This works, whether or not /tmp/blue.txt exists:

echo "I\'ve got the blues!" >! /tmp/blue.txt

With that problem out of the way, I was able to get the code to run at login. Then I started piecing together the logic I wanted to actually apply for these development users. For login, look for a file that defines an existing SSH Agent session. If that file doesn’t exist, or if it contains information about a defunct session, it will start a new SSH Agent session. IF there’s a running SSH Agent session, it’ll check to ensure the key is loaded, and prompt to load it if needed. So, this code goes into the users .login file in their home directory:

set sshAgent=/usr/bin/ssh-agent
set sshAgentArgs="-c"
set tmpFile=~/.ssh/ssh-agent-info
#
Check for existing ssh-agent process
#
if ( -s $tmpFile ) source $tmpFile
  echo $SSH_AGENT_PID
  if (! $?SSH_AGENT_PID ) then
    # echo "No $tmpFile, starting new agent…"
    $sshAgent $sshAgentArgs | head -2 >! $tmpFile
    source $tmpFile
    echo "ssh agent started [${SSH_AGENT_PID}]"
    ssh-add
else
  # the tmpfile was present with data, check it…
  # echo "Found $tmpFile, check data"
  set this=`ps -elf | grep ${SSH_AGENT_PID} | grep ssh-agent`
  # start ssh-agent if status is nonzero
  if (( $? != 0 ) && ( -x "$sshAgent" )) then
    # tmpFile exists, but stale data
    $sshAgent $sshAgentArgs | head -2 >! $tmpFile
    source $tmpFile
    echo "ssh agent started [${SSH_AGENT_PID}]"
    ssh-add
  else
    # Agent running, ensure a key is present
    set sa_data=`ssh-add -l`
    if ( $? != 0 ) then
      # need to add key
      ssh-add
    endif
  endif
endif

The original script for exiting the session would kill the SSH Agent outright. This is not so useful if you still have other login sessions running. So I wrote a few lines to attempt to ensure that only when the last running login was being exited, would the SSH Agent be reaped. This code goes in the user’s .logout file in their home directory:

set tmpFile=~/.ssh/ssh-agent-info
set sessCount=`w | grep $user | wc -l`
if ( $sessCount == 1 ) then
  # last user, clear out the ssh-agent
  eval `ssh-agent -c -k`
  /bin/rm $tmpFile
endif

And the solution works. The developers are minimally unhappy about the increased security wrapped around access to the code base, because they know I worked to make it as painless as possible while meeting policy requirements. It could always be more robust, but I tried to get all the common failure cases, and mostly the resolution to something I didn’t catch is for the user to log out of all of their sessions, then log back in again to reset.

Winding Down

Our condolences to the family and friends of 1st Lt. Trevarius Ravon Bowman, 25, from Spartanburg, South Carolina, who died on May 19, 2020, in Bagram Air Force Base, Afghanistan, from a non-combat-related incident.

Our hearts go out the families who have lost loved ones to COVID-19. Y’all, socially distance, wear a mask when you need to (indoors around other people for sure), and WASH YOUR DAMNED HANDS way more often.

Please don’t be one of the people who want to go into retail (or any other) businesses without a mask. Don’t be one of the people trying to up your chances of being DEAD by the time the General Election rolls around. Even if you don’t care for yourself, do you want to get ill, pass it on to an elderly parent (or a young child) and have them DIE because you’re behaving like a petulant child yourself? No, no, I understand that your role model in this case does indeed behave much like a petulant child. Don’t follow that particular lemming off the cliff. Stop. Think. Listen to medical professionals and keep safe.

I love you ALL.

17 May 2020

By | | , , , , ,
1 Comment

Spring, huh?

So, since we last were here together, we had several more overnight freezes. Sadly, at least one of them was a surprise. So one night I didn’t tarp the garden beds, and everything died. Yup, all of it. So I started over. Rototilled again, raked it all out flat again, bought new plants again, and got ready to put them in the ground, again:

Two garden beds ready for planting... again. Tomatoes and peppers in ready for transplanting into the soil.
Two garden beds ready for planting… again.

We’re not due for anything below 48F in the next ten days, so I expect that we’re actually done with overnight frosts. (Famous last words). But the plants look good, and since I did that work yesterday, everything is still alive:

Plants in the ground
Plants in the ground

Right now I’ve just got a variety of tomatoes and peppers, since those are what I want most. I’ll probably pick up some herbs and some beans to go in, in the next few days.

Lexi the mutt at my office window (Lexi TV)
Lexi at my office window (Lexi TV)

While it remains spring-ish, Lexi likes watching “Lexi TV”, quivering and growling at the vicious bushy-tailed rats (squirrels) invading her back yard.

Winding Down

Our condolences to the family and friends of Sgt. Christopher Wesley Curry, 23, from Terre Haute, Indiana, who died on May 4, 2020 in Erbil, Iraq, from a non-combat-related incident.

Marcia has been baking up a storm, and, well, I love it. I’m ordering some double doors to install in all the door frames, and getting pricing information on the necessary permits…. but it’s all delicious!

We continue, reasonably healthy, mostly home-bound, wondering what the idiots are going to say next.

The bright spot is that our state, in the process of putting off the primary, did so to ensure that this was a vote-by-mail election. We received our ballots, and our instructions in Spanish, completed and mailed them. Yesterday, the instructions in English arrived. Ah, well. We were able to figure it out. Pleased that unlike some Republican-led states, ours was sane enough to ensure that people didn’t have to stand in close proximity to each other to exercise their constitutional right to vote. Yay, Maryland!

Be safe, stay home as much as possible, mask and socially distance when you must be out. Please. If not for yourself, then for the people who love you and will miss you when you die of covid-19, with complications of politics and lack of sanity.

3 May 2020

By | |
Comments Off on 3 May 2020

Nothing to Report

Seriously. Boring is great, by comparison with the many things that could be going wrong. The garden is alive. We’re alive. Life is (distantly) okay. That’s good enough, right? Be well.

22 March 2020

By | |
Comments Off on 22 March 2020

#WFH

First, we’re healthy at this time.

Yup. Most folks I know hereabouts are working from home (WFH). Me, too, but for one day a week when I’m the only one in my department to go into the office for required onsite work requiring physical interaction – tape backups rotating offsite.

I actually put in about 4 hours this weekend, too, on regularly scheduled patching activities that I would have done from home on a Sunday, anyway.

Saturday was yardwork, roasting coffee, and some other chores.

By next weekend, it’ll be time to make a brief run to the store for groceries, etc.

Give yourselves space, time, and forgiveness. Do the best you can to protect yourselves and those around you.

15 March 2020

By | | , ,
Comments Off on 15 March 2020

Ides of March

Happy Birthday, Alex!

What’s new?

The good news is that we already practice social distancing a lot. Hope y’all can manage that, too! Wash your hands a lot, keep the people around you healthy by keeping yourself as isolated as is reasonable and possible.

We’re both healthy at this time, and we’ll do our best to keep it that way!

I did get the shopping done today, which took a while, since there were lines. I also roasted coffee.

Lexi

Relaxing:

Lexi the mutt relaxing on her back, on the sofa.
Lexi relaxing…

Winding Down

Our condolences to the families and friends of these fallen warriors:

  • Gunnery Sgt. Diego D. Pongo, 34, of Simi Valley, California died on March 8, 2020 while supporting Iraqi Security Forces in north central Iraq.
  • Capt. Moises A. Navas, 34, of Germantown, Maryland died on March 8, 2020 while supporting Iraqi Security Forces in north central Iraq.
  • Army Spc. Juan Miguel Mendez Covarrubias, 27, of Hanford, California died March 11, 2020, when his unit was engaged by enemy indirect fire at Camp Taji, Iraq.
  • Air Force Staff Sgt. Marshal D. Roberts, 28, of Owasso, Oklahoma, when his unit was engaged by enemy indirect fire at Camp Taji, Iraq.

23 February 2020

By | |
Comments Off on 23 February 2020

A Lovely Spring Day

And it was – nearly 60F today. Stuff is blooming and budding and … I have yard work to do. Oh, wait … IT’S STILL WINTER!!! I did none of that this weekend, however. We relaxed in advance of Marcia’s cataract surgery this coming week. We hope that goes well for all the usual reasons, and at least one unusual one – we’re going to see Zoe Keating next weekend! Huzzah!

On the professional side of things, I’m working on refreshing my Red Hat training in advance of re-certifying for my RHCE, sooner than later. Frankly, not a lot of stuff has changed, and I think that their certification cycle is a bit rapacious. But that’s probably just me.

Winding Down

There’s naught else to report. Lexi barked at the pizza man, but that’s unremarkable. Have a good week, y’all!

5 February 2020

By | | , , ,
Comments Off on 5 February 2020

Winding Up

So, we’ve had a week that was somewhere between t-shirt and sweatshirt weather. Very weird for late January into early February. This is normally the core of snow season here just south of the Mason-Dixon line. But we’ve only been graced with a pittance of the white fluffy stuff so far this year. Upside – no shoveling yet. Downside – I might have to start doing outside spring work much, much earlier than I expected.

Entertainment

I’ve been reading … mostly Clarkesworld Magazine, and Neil’s related project, Forever Magazine. (Yes, yes … not HTTPS, I have to get on Neil’s case about that.) I changed how I support these projects by dropping the AMZN subs, and picking them up on Patreon. The wonderful original works in Clarkesworld are a joy. I’ve especially appreciated my broadened horizons, courtesy of the big push into translated speculative fiction that the magazine has made over the last couple of years.

On the visual side, we’ve added the CBS All Access streaming service to our repertoire for a while. And while we let a few of those tasty new Picard episodes pile up, we binged out the first season of Star Trek: Discovery. It’s awesome!

Lick-spittles and Cockroaches

It’s been a ▋▋▋▋▋▋▋▋ ▋▋▋▋▋▋ and ▋▋▋▋▋ with ▋▋▋ ▋▋▋▋▋▋▋ ▋▋ ▋▋▋▋▋ in the Senate! If only those ▋▋▋▋▋▋▋▋▋▋ ▋▋ ▋▋▋▋▋▋ ▋▋▋▋ ▋▋▋▋▋ while ▋▋▋▋ ▋▋▋▋▋▋ ▋▋▋▋▋▋ ▋▋▋▋▋▋▋▋▋▋▋ ▋▋▋▋ in the eyesockets. Furthermore, ▋▋▋▋▋▋▋▋▋▋ ▋▋▋▋ ▋▋▋▋▋ ▋ ▋▋▋▋ ▋▋▋▋▋▋▋▋▋▋▋▋▋▋. You get my drift.

Winding Down

Our condolences to the families and friends of these fallen warriors:

  • Spc. Antonio I. Moore, 22, from Wilmington, N.C., died on January 24, 2020 in Deir ez Zor Province, Syria, during a rollover accident while conducting route clearing operations.
  • Lt. Col. Paul K. Voss, 46, of Yigo, Guam, died on January 27 in the crash of a Bombardier E-11A aircraft in Ghazni Province, Afghanistan.
  • Capt. Ryan S. Phaneuf, 30, of Hudson, New Hampshire, died on January 27 in the crash of a Bombardier E-11A aircraft in Ghazni Province, Afghanistan.

1 January 2020

By | |
Comments Off on 1 January 2020

The News

New year. New Decade. What to do this year?

Check your voter registration starting at the National Association of Secretaries of State website. Check regularly, to ensure your registration is valid as we approach caucuses, primaries, and and general elections.

If you need to register, you can, starting at Vote.gov. Get registered, then see step one. Check your registration to ensure that it is current and valid, when you need it most!

When you can vote, at the local, state, and national levels, GO VOTE! It’s important. It’s your democracy, so VOTE.

This is the most important post of the year. See you soon.

22 December 2019

By | | , , , ,
Comments Off on 22 December 2019

Beginnings and Endings

We find ourselves a day into Winter, thus Beginnings. We’ve had mornings in the teens (Fahrenheit) fairly often for the last couple of weeks, so sliding formally into Winter seems the merest formality. More fun, we had guests up from Atlanta, and, well, it’s properly cold here, for them. But they’re driving further north, more power to them. It was a joy to have some time with Jen and Chris, though. And Lexi got lots of attention from them, too. Linda was over for supper, too. We enjoyed a properly garlic-y chicken supper, a holiday film from Mel Brooks, and some pressies were exchanged to much fun and excitement.

On the other side of the scale, the decade is about done. Sometimes Endings are good. I’ve always said that the problem is politicians, of whatever stripe. But I think we’ve had a properly shitty few years, and maybe it’s because the root cause isn’t really a politician, after all (not this time). One hopes for hope in the coming year, we’ll see how that works out. Personally, as awful as some things have been, we’ve had a pretty decent 10 years. It’ll be interesting to see how things pan out, going forward.

Work has been work, and I’ve been really, really busy. Tired, frankly, and that’s not looking to end, as a trend, for the next short while, but we have plans to remediate that soon. Marcia finished up a collection of memorial quilts which have made their way out into the world, so she’s looking forward to doing some of her own quilt projects that have gotten backed up.

Winding Down

DoD announced no new casualties in the last couple of weeks. That’s good.

Be good to each other, enjoy your families and your holidays, however you celebrate. Merry Whatever!

8 December 2019

By | |
Comments Off on 8 December 2019

Holiday Season

The holiday season is well upon us. No post last weekend because of food coma, caused primarily by the small, 14 pound bird we roasted for the two of us … Lexi got only little bits. We just finished eating off of that bird today, with the last two servings of soup. We had a few days of straight leftovers, a pot of soup, and an abundance of turkey tetrazzini (extra turkey, no ‘shrooms or almonds).

We *did* manage to get the tree up and decorated, and topped in a fitting Doctor Who style:

Weeping Angel tree topper

Yup, who doesn’t love a Weeping Angel to send you back to the good old days? Seasonally appropriate, especially these days. The trick is, keep the tree lit!

Reading

I’ve been reading the Liaden Universe series from the fertile minds of Sharon Lee and Steve Miller, via Baen Books. I’d read some of the books, out of any reasonable order, years ago. Recently I re-read Agent of Change, and found myself wondering why I’d never just sought out all of the books, and read them through in some reasonable order.

Some reasonable order, for me, turns out to correspond well to the timeline chart found on the version of the Wikipedia page for the series. That is, I read in this order:

  • Crystal Soldier
  • Crystal Dragon
  • Balance of Trade
  • Trade Secret
  • Local Custom
  • Scout’s Progress
  • Mouse & Dragon
  • Conflict of Honors
  • Agent of Change
  • Carpe Diem
  • Plan B
  • I Dare
  • Fledgling
  • Saltation <<— I’m reading this, now.
  • Ghost Ship
  • Necessity’s Child
  • Dragon Ship
  • Dragon in Exile
  • Alliance of Equals
  • The Gathering Edge
  • Neogenesis
  • Accepting the Lance (New release, 12/03/2019)

There are also several collections of short stories, the Constellations, then there are the Adventures books. There’s certain to be overlap between those, and the stories, some of them may have made their way into the novels. I’m not sure yet. But there’s plenty yet to read. I like the characters, the plotting, the writing … I like it all. Highly recommended.

Winding Down

DoD announced no new casualties in the last two weeks. That’s good. Many other things happening in this world: Not Good. We seek balance.