Caliban – Opinion and Righteous Anger

OK, so who spiked my Diet Pepsi with LSD?

The rise and fall of the .coms is truly a fascinating experience in which to partake.

The coming week is going to be very interesting. Keywords: Linuxcare, Turbo Linux and a few other expletives I can think of.

Few diary entries penned by me of late could lead you to conclude that I’ve been extremely busy over the last month. You would be absolutely right.

Pretty much all of our servers are now located in the Digital Island facility in San Jose. No more poorly installed and configured hardware and software, hanging by a thread in some poor excuse of a facility.

Major highlights for me personally have been:

• The installation of a new VPN server running Linux 2.4.3, plus FreeS/WAN 1.9 and the X.509 certificate patch. This box is performing very nicely and it’s great to finally have an iptables box fulfilling a critical role in the infrastructure.
• An upgrade of the LDAP server to OpenLDAP 2.x and deployment of a couple of slave servers. I had to register a Private Enterprise Number with IANA and write a schema for backwards compatibility with the attributes used by our intranet, greatly increasing my knowledge of nss_ldap in the process.
• Installing a new mail server. The new one runs postfix 20010329 and has an NFS mounted mail spool. Some people swear that you should never do this, but I’ve used it before and I’d use it again. If done properly, there needn’t be any issues. The new box has been very elegantly put together, even if I do say so myself. LDAP is the key here. There are no local users in /etc/passwd, but every user can log in using ssh and read his e-mail at the prompt. Similarly, there are no local alias files. All aliases are looked up in the LDAP directory, where the corresponding maildrop is found. Local mail is then deposited. There are still a couple of minor problems to troubleshoot (for example, LDAP look-ups sometimes inexplicably fail), but in general, I’m very happy with the new box. The anti-UCE measures in postfix are second to none.

LDAP is the thing that interests me the most right now. The more I learn about it and the more I integrate it into the company’s IT infrastructure, the more possibilities I see for it.

All of our servers now authenticate users and groups over LDAP, rather than from flat files or NIS. CVS repository access, for example, takes place by checking groups over LDAP. All ssh access now takes place over LDAP. As outlined above, local mail delivery and POP3 & IMAP pick-up authenticate over LDAP.

LDAP is single-handedly reducing the workload of the company MIS department and empowering the users to manage themselves. For example, employees can now add, delete and edit their own e-mail aliases by editing their employee record on the company intranet. And when an employee joins or leaves the company, HR adds or removes a record and e-mail magically starts or ceases to work.

These are the kind of elegant solutions that can make it really satisfying to work in IT. Thanks to Matt and pompeiisneaks for helping me make it all happen.

On a personal level, life is good. Sarah and I will be going to England for two weeks in July, which I’m very much looking forward to. Hopefully, we’ll steal a weekend away somewhere before then, too.

Thought for the day:

Q: What should you do upon realising that you are a drowning man?

A: Hang on to something other than another drowning man.

So much time and so little to do. No, wait a minute; something’s wrong there.

So, Amsterdam was a hectic time for all involved. My ex-girlfriend is no longer speaking to me and all of my stuff is currently en route on a boat somewhere between Rotterdam and San Francisco. It should be here by the end of the month.

My work visa came through just in time for the acquisition of Linuxcare by Turbo Linux. It’s an interesting time at work right now. No-one really knows how a lot of things will pan out in the long run. It’s a very exciting time to be involved and I’ll be facing some major challenges in my job as we plan for the technical integration of the two companies’ infrastructure.

Sarah and I are off to New York for four days next week, and I’ll be going to a Sharks game with Tony tomorrow evening, so the seven days ahead are looking like a lot of fun indeed.

I’ve now experienced the joys of getting a social security number and standing in line at the DMV in order to obtain a California State ID, since people keep looking at me funnily when I present them with a Dutch driving licence.

I had my Koga Miyata Randonneur freighted over by the KLM and remounted the pedals in preparation for having a shop do a major overhaul on the bike, since I haven’t found time to ride it in recent years. I’m looking forward to making some good road trips on my trusty steed. It’s funny that having it sent by air freight cost only about 100 guilders more than having it shipped would have, and I got it within a matter of days.

I went to the American Consulate this morning. Jesus, they’ve got some serious security down there. You could understand it if we were in the Middle East, but in the sleepy Dutch capital? Seems a bit much to me.

On the way there, I was stunned to see a fast collision between a van and a cycling running a red light. The cyclist was bounced up the bonnet of the van, the impact smashing its windscreen in the process.

The van braked hard, the force of which threw the cyclist off, slamming him down hard into the road. I thought he was dead as I rushed over to him, but he was still conscious, suffering from a lot of pain.

I, myself, had a close call last week in San Francisco. I’d already decided not to run any more red lights, but what I witnessed today was the ultimate disincentive. I have a lot to live for, and I don’t intend to die in such a stupid fashion, involuntarily. I have a few things to do yet before I decide to return to base.

[Time passes]

Tomorrow will see me down at the lock-up, sorting through my crap and packing it into boxes that I obtained from AA Verhuizers. They’re the ones who are going to handle the shipping of all of my stuff to San Francisco.