Posts about technology (old posts, page 2)

civilfritz wiki renamed, moved

I’ve done a bit of cleanup with urls and names today. In particular, the civilfritz wiki is no more! Rather, it’s no longer known specifically as the “civilfritz wiki”. It’s just “civilfritz”, and I happen to be using ikiwiki as the CMS.

What does this mean for you?

First, becomes just This should be handled by your browser automagically as a 301 redirect, but update anything else that you wish.

Second, you should see the ikiwiki name of the site change from the generic “wiki” to the more specific “civilfritz.”

Thanks to Josh Ball for (unknowingly) pointing this need out to me.

zipfile | Python Batteries

Did you know that many modules in the Python standard library have __main__ sections? They’re included mainly as examples for using the standard library itself, but there’s some useful functionality in there.

You can run these examples on the command-line with python -m $module.

Today, the zipfile module:

Usage: -l        # Show listing of a zipfile -t        # Test if a zipfile is valid -e target # Extract zipfile into target dir -c src ... # Create zipfile from sources

Using nothing but the standard library, you can list, test, extract, and create “standard” zipfiles, just like this:

numfar:~ janderson$ python -m zipfile -l ZZT.ZIP
File Name                                             Modified             Size
TOWN.HI                                        1990-01-24 17:10:16         1590
TOWN.ZZT                                       1991-11-02 18:50:24        73959
CAVES.ZZT                                      1991-11-02 18:56:04        80376
DUNGEONS.ZZT                                   1991-11-02 18:56:58        71378
CITY.ZZT                                       1991-11-02 18:58:24        63943
DEMO.ZZT                                       1990-01-26 01:35:58        26465
TOUR.ZZT                                       1991-11-02 18:48:52        33941
ZZT.DAT                                        1992-01-10 16:59:24        35823
ZZT.CFG                                        1992-01-10 15:29:30           18
HELPME.EXE                                     1994-01-30 20:21:42         6288
ORDER.DOC                                      1997-09-26 15:56:28         5174
HELPME.DOC                                     1994-02-18 10:46:16         7884
PRINTME.BAT                                    1991-10-19 21:59:28          274
ZZT.EXE                                        1992-05-21 08:38:24        47764
LICENSE.DOC                                    1997-10-09 16:14:50        26112
license.txt                                    1997-10-09 16:10:30        14428
ORDER_UK.DOC                                   1997-09-26 16:43:46         4967

Ubuntu’s openldap SASL authentication mechanism

In preparation for the possibility of new users at civilfritz, I’ve been trying to set up openldap on slice1. 10.10 uses a cn=config tree to configure openldap, which I don’t have any experience with. That’s fine, but I have found it particularly difficult to find documentation about.

I eventually found OpenLDAP’s documentation on cn=config, and eventually understood that the ldif literally stored on the disk serves to define the configuration tree.

That left me still wondering how Ubuntu intends you to authenticate to the directory. It turns out that Ubuntu sets up an EXTERNAL authentication mechanism, and I found examples of its use.


It’s getting so much clearer now! I knew I wanted to learn about sasl.

It turns out that dn’s of the form uid=<username>,cn=<mechanism>,cn=auth or uid=<username>,cn=<realm>,cn=<mechanism>,cn=auth represent virtual identities that don’t actually exist in the directory. You usually set up a mapping between these virtual identities and entities stored in the directory, but the default ACL permits access explicitly to gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth. I can’t find explicit documentation about ldapi and cn=peercred,cn=external,cn=auth yet, but it appears that, when I do, it will basically just describe the virtual identity tree as an interface to access a user’s unix identity via an IPC socket.

Another update:

While it’s true that the ldif stored at /etc/ldap/slapd.d is the literal backend storage for the cn=config hierarchy, you’re not meant to modify it directly (because, for example, the server stores things that you might not specify, like a structuralObjectClass attribute). Once I figured out how to modify the directory as root, (sudo ldap${foo} -Y EXTERNAL -H ldapi:///) everything made sense.

Mumble is good code, easy to get running

In an effort to attract actual users to civilfritz (and, by extension, encourage some certain people to join me in some Pathfinder, I’ve set up a preliminary Mumble server at

Mumble’s server application, Murmur, was already included in the repositories for Ubuntu 10.10, and it basically installed ready-to-go. What’s more, the client application worked flawlessly on my Debian Squeeze netbook.

Memory use was even reasonable. An idle server consumed 3-4MB, with each additional user (up to my sample size of 2) using an additional 2-3MB. I think that’s reasonable, anyway. Per-user memory overhead will probably drop with more users, too.

gave up on b43

Much to my shame, I’ve given up on the open-source b43 driver for my hpmini’s wi-fi controller. I’ve got a bug report open with Debian on the DMA exception that continued to plague my system, but nothing has come of it yet. In the mean time, the binary-blob-laden wl driver is working fine for now.

usefulness of tools

It’s interesting to me how dependent the usefulness of a tool is on the person using it. More specifically, it is important to match the right tool with the right person.

I think it’s safe to say that this netbook was never particularly useful to Andi; yet here I am, watching films on it while waiting for my flight in the airport.