Like every year, my trusty Fonera 1 running OpenWrt Kamizake repeats the nearest signal to my Hotel room. Until now, my lovely Sol Bahia had an open WiFi access, which was trivially configured in OpenWrt, but this year, they changed their access point to a Zyxel Prestige 650HW-33 (don’t ask) which is “secured” (yeah, right) with WEP. Why am I writing an article about this? because I tend to never use WEP and forget how to configure it on my router everytime. Also, that protocol is so widely not recommended, that there’s almost no documentations on how to set it up properly, but as a matter of fact there are so many hotels and people still using that unsecure protocol that it’s worth writing a reminder.

I need vacations, I really do.

Yesterday night, I decided to upgrade my home’s Internet gateway from NetBSD 6.0 to 6.1. As I already had some success with jmmv’s sysupgrade, I simply ran

… on an i386 machine. That obviously lead to massive failure such as:

As I still had an SSH session opened on that server, my first thought was to use /rescue’s binaries, which are statically linked, but guess what, /rescue is also part of base.tgz, the first set installed by sysupgrade(8). Doomed? not yet. I remembered that my gateway mounts /usr/pkgsrc over NFS, from my NetBSD NAS. So I fetched i386’s base.tgz on the NFS server, extracted /rescue/sh and /rescue/tar, copied them to /usr/pkgsrc and made sh suid root so I could call tar with the -C / flag in order to replace amd64 binaries. For some reason, rescue’s tar would not gunzip base.tgz, I really was not brave enough to dig into this, so I gunzipped it on the NFS server.

I’m slowly migrating some parts of my personal Wiki to Github using their own markdown syntax. Before committing, I wanted to make sure the docs look like they should. Here’s a small Flask snippet I wrote in order to achieve this:

Python Markdown has an extension called fenced code blocks which supports Github’s tidle (```) syntax, thus making this small program’s output similar to what the doc will finally look like.

So last week I had that massive presentation to do and was already depressed to click on the Impress icon. So I took a couple of hours to dig into those various HTML5-enabled presentation systems and came across reveal.js. An impressive piece of software that somewhat changed my life forever: Never more am I to fight with misplaced bullets and erroneous indentation, reveal.js permits to create your slides using markdown. Yes, reveal.js is that cool. Using the external markdown capability, I simply edit a .md file which is rendered by the js engine. As I still (and probably for long) use ISO-8859-15 as my main charset, I also pushed a patch to the author which permits to specify included file charset (I learned that AJAX queries use UTF-8 by default).

At ${DAYWORK}, I am writing a simple Flask web frontend for our new information system. I wanted to have a simple authentication method and so I found the Flask-Login extention for Flask which takes care of user validation, session remembrance , and has a callback method in order to plug the authentication on whatever backend you’d like.

I came up with that little piece of code which makes Flask-Login check a user / password couple against a LDAP server, and validates a user regarding its user ID:

I’ve been learning and diving into SaltStack for about a month now, for both work and personal interest, that thing simply rocks. In the meantime, I’ve contributed a couple of modules, like bridging and Xen support, plus a couple of grains improvements for NetBSD.

But most of all, I’ve been preparing my ${DAYJOB} infrastructure for Salt, and I must say this has been much easier than I thought, thanks to this beautifully designed piece of code. One aspect I’d like to share is the simple way I found to make a minion dynamically configured, through custom-made grains.

I’ve been obsessed with SaltStack for over a week. This infrastructure management suite is exactly what I needed for both my personal and professional servers: simple but modular, written in python, not depending on a thousand unnecessary complex messaging stacks as it bundles zeromq, capable of both orchestration and configuration management, all this through comprehensive, well documented API and commands.

Only drawback was it had poor NetBSD support. Was :)

It’s been a long time since I’ve dug into python, so it took me a little bit of effort, but Salt now has full support of pkgin in its generic packaging functions, knows how to handle NetBSD services and is capable of dealing with NetBSD’s sysctl(8) and sysctl.conf.

I know about estd for a while, that daemon “dynamically sets the CPU-frequency on Enhanced SpeedStep, PowerNow, and APCI P-States-enabled CPUs depending on current cpu-utilization” (manpage excerpt). Thing is, I’ve never seen any CPU changing from its current speed while monitoring the machdep.powernow.frequency.current sysctl.

In order to understand what was happening, I started estd with the -o flag, which outputs the CPU-frequencies as they are set. I then realized that the “ligh watermark percentage” and “low watermark percentage” default values were way too high (respectively 40 and 80) and were never reached, so the CPU speed was never changed.

Update

As written on the comments: _ Colin Watson Says: May 17th, 2013 at 7:12 pm

I uploaded 6.2 packages to Debian a week or so after you posted this, so you can/should now just use those instead. I expect they should build fine on wheezy. _

As a matter of fact, the following is now deprecated

At ${DAYWORK}, we used to have our own OpenSSH debian package which included the famous OpenSSH LPK patch, which permits the use of an OpenLDAP server as an SSH public key provider.

Here’s a .vimrc excerpt which permits the use of Control + Arrows sequences to navigate through vim tabs inside the tmux terminal multiplexer: