Well that was a bit of process.

The best set of instructions I found were here.

I think a lot of the other instructions I found assumed you were at firmware version 1.00.62. The CYT unlocker program seems to only work with this firmware version.

The CYT unlocker program is a Windows console-mode program. It seems to run under Wine, but I switched to Windows before I realised that possibly my problems running it under Wine were related to the firmware version on the RTP300 and not a problem talking to the network.

All of the remaining steps on the above page could have been performed on Linux. In fact, the CYT unlocker program merely makes a HTTP POST to a specific URL (and I think it could just as easily be an HTTP GET) and then starts up a webserver on port 2400 to hand an XML blob of provisioning information when the RTP300 requests it as a result of the HTTP POST. A Linux version would be easy to implement.

In all of the futzing around, I noticed this gem in the HTML source of the web interface:

*********************************************************
*   Copyright 2005, CyberTAN  Inc.  All Rights Reserved *
*********************************************************

This is UNPUBLISHED PROPRIETARY SOURCE CODE of CyberTAN Inc.
the contents of this file may not be disclosed to third parties,
copied or duplicated in any form without the prior written
permission of CyberTAN Inc.

This software should be used as a reference only, and it not
intended for production use!

Now that I've unlocked it, I guess I should try and make it talk to my Asterisk box...

When we first moved to the US, I wanted to try and do the telecoms and Internet stuff as cheaply as possible, while still trying to be technologically "fun" as well.

I elected to get the cheapest home phone line (local calls only) I could get with AT&T (then SBC) (which is still remarkably expensive) so that I could get DSL (which, while three times faster than what I'd had previously in Australia, was still not that fast). (I went for DSL over cable because I'd heard horror stories about Comcast's reliability, and also they weren't cool with running servers or inbound services, Sonic is, and is a great ISP). I chose Vonage for US long-distance, I think because I'd heard of them previously, and was interested in trying out VoIP.

We initially used Vonage for calling Australia as well, until I played around with Engin, and then deployed Asterisk.

Anyway, I've been a loyal Vonage customer for exactly three years. The truth is, we hardly make any US long distance calls. We've got friends in Phoenix (hi Craig and Sarah!) that we call infrequently. I guess there might be the odd cell phone that isn't considered a local call, but we tend to use our cell phones more than the home phone anyway... So we were a very cheap $14.99 a month for Vonage.

So when I called T-Mobile to purchase a SIM card for the Android Dev Phone 1 I'd been recently given, the opportunity to have their T-Mobile @Home in place of Vonage, for an extra $9.99 on top of what I was paying for the cell phone line seemed like worthwhile cost saving. I have no attachment to the incoming number for the Vonage line, we give out the AT&T land line number to people as our "primary" home number.

Later that day, Vonage announced they were increasing their monthly fee from $14.99 to $17.99, which made the decision seem all the more prodigious.

I did a spot of research while I was waiting for the @Home box to ship to me, and it turns out that they have a wireless router and non-wireless router option. They hadn't specified what I was getting at order time, and I was hoping I'd get the non-wireless router, since I already had an access point I was perfectly happy with it. As luck would have it, I received the wireless router model (a Linksys WRTU54G-TM). I'd mentally prepared myself to be receiving just another Linksys RTP300, like what Vonage used, and so I was quite surprised by the differences in technology used.

It's been a while since I tried to do any reverse-engineering of the Vonage ATA, but I think from memory, it was essentially that: an ATA. It talked SIP back to Vonage. My DSL provider gave me a few static IP addresses, so when I got it, I just allocated one for Vonage, and did a static NAT through my firewall to for it, and everything just worked.

It was fairly apparent that the WRTU54G-TM was nothing at all like this (given it was also an access point). It takes a GSM SIM card (up to two in fact), which I presume has all of the provisioning information on it. I was initially worried that I was going to need to completely rejig my network to accommodate it. I guess the SIM card approach means there's no customer specific provisioning that presumably otherwise needs to be done to the device itself, and they can just ship vanilla devices. I presume the Vonage RTP300 had some sort of customer-specific configuration, because I never had to do anything.

I briefly toyed with the idea of running two access points, and having a "guest" wireless network, but I am interested in reducing heat and power consumption in my linen cupboard, so I decided to try and just swap over to using the WRTU54G-TM as my access point, retiring my Linksys WAP54G.

So that's exactly what I sat down to do last night. Sometimes in their efforts to make these things "simple", they end up making things more complicated. What I wanted to do was just plug the "Internet" side of the device into my internal network, have it get an IP address with DHCP, and then let me get on with configuring it. The "advanced" setup instructions talked about the box having a default IP address of 192.168.0.1 ("or try 192.168.24.1 if that doesn't work"). I figured the DHCP IP address would override that, so I was trying to hit the IP address I could see the unit had picked up from my DHCP server.

No response from the HTTP server. I could see it replying to ARP requests, and I could see what appeared to be an IPsec NAT-T connection. After some fiddling around, I twigged that I was trying to manage it over the Internet port, and any device worth its salt was going to be very hardened out of the box on what it expected to be the raw Internet-facing side, so I plugged my laptop directly into one of the four Ethernet ports that it also had, and then I could hit the 192.168.0.1 IP address and access the management interface.

It never occurred to me prior to fighting with getting the WRTU54G-TM configured, that the RTP300 might have been more than a black box, as I'd never tried plugging anything into the "inside" ports on it, mainly because I'd never intended to use it as a router or a switch.

Out of the box, the WRTU54G-TM was configured to be a router, which I didn't need, and it was configured to be a DHCP server for 192.168.0.0/24, which I definitely didn't want. An interesting side-effect of putting it into bridging mode was the MAC address changed (to the one that was printed on the unit, which was not how out of the box it presented itself). I have no need or intention of plugging anything into the "inside" Ethernet ports on the WRTU54G-TM, as I have a separate switch for that, and indeed I run my wireless network on a different interface of my firewall to my wired network. Fortunately I was able to enable the management interface via the "Internet" interface.

The added benefit of the device doing NAT-T is I don't need to allocate an IP address to it for the VoIP stuff it work, it all just works fine without it, so I've freed up an IP address, removed two devices from my linen cupboard, added one new one, and saved some money. Woot!

Next, just because I can, I'm going to try and break into the RTP300 and see if I can reconfigure it as a general purpose ATA to talk to Asterisk. There's evidence it's possible. It's otherwise of no further use to me. Even if I get it working with Asterisk, it's not of a lot of use to me. Maybe I can send it to a family member, and they can call us over the Internet for free instead of for the cost of a call to Brisbane...

It's not a holiday without a road trip, especially with petrol prices being lower now than they were three years ago when we arrived here.

So we headed off on Christmas Day for San Simeon, with the general plan to tour Hearst Castle on Boxing Day (which isn't a public holiday in the US, but is a company holiday), and then head to Thousand Oaks, to visit a friend of Sarah's who also had heart surgery this year, and then head home.

We'd hatched this plan a few months ago, and afterwards, saw a news piece on the "Civic Musical Road", and when we discovered it wasn't too far from Thousand Oaks in the grand scheme of things, we decided to throw that on the itinerary as well.

I found a five-part "making of" documentary on YouTube, along with what I presume is the original commercial, and of course, we had to record the experience.

Making of, part 1

Making of, part 2

Making of, part 3

Making of, part 4

Making of, part 5

Presumably the final commercial

Our experience (on the relocated version)

Seriously.

It reads more like a worked example, without enough of the underlying theory. It doesn't help that I have a slightly more complicated situation, in that I have a filesystem on a logical volume that spans 6 physical volumes.

So maybe writing all of this down will help...

I know the disk with the problem: /dev/sdc

I know the LBA of the sector where the rot starts: 754238963

I know that the physical volume is on /dev/sdc1 and that the partition starts at sector 63 (via sfdisk -luS /dev/sdc)

Therefore, within /dev/sdc1, we're talking about block number 754238899 (754238963 - 64)

I know the physical extent size is 4096 Kb (via pvdisplay -c /dev/sdc1 | awk -F: '{ print $8 }'). In LBA block size this becomes 8192 (2 x 4096)

I know the physical extents start 192K (into the partition, presumably) (via pvs -o+pe_start /dev/sdc1)

This is where the Bad block HOWTO starts to quicken the pace a bit on me...

I'm supposed to take the physical partition's bad block number (754238899) and divide it by the size of the physical extent (in LBA block size) (8192). So that'd be 92070.

This is where I think I end up completely departing the HOWTO, because my filesystem spans multiple physical volumes. Here's my general musings...

lvdisplay --maps /dev/data/srv tells me this about /dev/sdc1:

  Logical extent 272326 to 391559:
    Type                linear
    Physical volume     /dev/sdc1
    Physical extents    0 to 119233

So I'm inferring from this, given that I know I want physical extent 92070 of this device, that this corresponds to logical extent 92103 (again, I'm expressing this in LBA block size, so that's (272326 / 8192) + 92070

So now I supposedly know the logical extent (in LBA size) of the bad block. Now what? I think I'm wandering up too many layers, closer to the physical filesystem, but I'll continue wandering around...

So presumably at this point, I just want to convert the logical extent to an actual filesystem block number. Maybe the logical extent number divided by the extent filesystem block size divided by the LBA block size? 92070 / (4096 / 512) = 11508. That feels awfully low though. The dd test suggests this is incorrect.

At this point I'm feeling fairly lost. If someone out there is reading this, and they've done this before, I'd love to hear from you.

So it turns out if you wait long enough, you do get to piece the information together:

.
.
.
Too many illegal blocks in inode 209158151.
Clear inode? yes

Restarting e2fsck from the beginning...
/srv contains a file system with errors, check forced.
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Entry 'denemo_0.7.7-3.1_hppa.deb' in /debian/pool/main/d/denemo (211845291) has deleted/unused inode 209158151.  Clear? yes
.
.
.

I'm watching paint dry while e2fsck does its thing on a ~2TB filesystem (the one with all the good stuff on it on mirror.linux.org.au).

I'd seen a spate of kernel errors during the week about "attempt to access beyond end of device" so I figured it was due for one.

Let's take this output for example:

apollock@disco:~$ sudo e2fsck -y /dev/data/srv
e2fsck 1.40-WIP (14-Nov-2006)
/srv contains a file system with errors, check forced.
Pass 1: Checking inodes, blocks, and sizes
Inode 209158151 has illegal block(s).  Clear? yes

Illegal block #12 (1620503259) in inode 209158151.  CLEARED.
Illegal block #13 (2992116621) in inode 209158151.  CLEARED.
Illegal block #14 (1657577172) in inode 209158151.  CLEARED.
Illegal block #15 (1168774619) in inode 209158151.  CLEARED.
Illegal block #16 (993415032) in inode 209158151.  CLEARED.
Illegal block #18 (1611893880) in inode 209158151.  CLEARED.
Illegal block #20 (2939071693) in inode 209158151.  CLEARED.
Illegal block #21 (1714919190) in inode 209158151.  CLEARED.
Illegal block #22 (1450852455) in inode 209158151.  CLEARED.
Illegal block #23 (3482149179) in inode 209158151.  CLEARED.
Illegal block #24 (4143923374) in inode 209158151.  CLEARED.
Too many illegal blocks in inode 209158151.
Clear inode? yes

Restarting e2fsck from the beginning...
/srv contains a file system with errors, check forced.
Pass 1: Checking inodes, blocks, and sizes
.
.
.

How much more work would it be to tell the administrator the name of the file associated with inode 209158151? That'd be a lot more useful to most mere mortals than the inode number. I suppose if the filesystem is in a really bad state, ascertaining that information may be difficult...

Time to play with debugfs while I continue watching paint dry...

Mike Hommey took some inefficient shell scripting to task.

I feel obligated to point out that more $file | wc | awk '{print $1}' is not the same as wc -l $file.

To get the same output, you're going to need one of:

cat $file | wc -l

or

wc -l $file | awk '{print $1}'

I suspect cat is going to have a faster startup time than awk... (On my system, gawk is an order of magnitude bigger than cat)

My home Asterisk configuration has been pretty static for a while. It works well, and so I haven't had a need to mess around with it.

There's a couple of outstanding features I've wanted to implement for a while though, and I've now got one of them out of the way.

All calls that come in from the local PSTN line, the Vonage ATA, and the SIP connection to Engin, hit a menu, where the caller selects whether they want to speak to Sarah or myself. The sole purpose of this is to determine what to do with the call if no one answers (which voicemail box or cell phone to send the call to). A convenient side-effect of this is that it defeats most telemarketers.

Ages ago, I set up caller ID announcement to my MythTV setup, so if we happened to be watching TV or a recording when a call came in, it briefly popped up on the TV.

Fortunately, we're not huge square-eyes, and spend more time goofing off on our laptops, so I wanted a way to display notifications on our laptops when calls came in as well.

I had this crazy design in my head of having a server process on my Asterisk box, and then clients on our laptops could connect to it, and be informed of new calls. Before I went on a coding frenzy, and did something with the Observer pattern and more socket programming than I really wanted to, I thought I'd check if this was solved problem. Turns out, it kind of is.

I found the Notify application for Asterisk (which I've made a package for Debian Etch), which blats a UDP message to particular host as part of a dialplan. It's more intended to go in person-specific extensions, but as the majority of calls go into the main menu and never come out before hitting a person-specific extension, and I still wanted to know about them for my own perverse pleasure, I added multiple calls to the Notify application in the main menu dialplan.

The site for the application also mentioned some third-party clients for Linux and MacOS, but I've been looking for an excuse to try and write something that used Growl, so I wrote my own Python application, initially on Linux, and then I essentially swapped out the pynotify code for the equivalent Growl code, and it worked just as well on Sarah's Mac.

So it's not quite the solution that I had in mind, because it doesn't really scale, but for our two-user home setup, it's adequate. I might still try and write some middleware between a client for this application and an infinite number of observers, but there's no urgency.

The dialplan for our main menu now looks something like this:

exten => s,1,Background(for)
exten => s,n,AGI(mythtv-cid.agi)
exten => s,n,Notify(${CALLERID(num)}|${CALLERID(name)}|${EXTEN}/icarus)
exten => s,n,Notify(${CALLERID(num)}|${CALLERID(name)}|${EXTEN}/iapyx)
exten => s,n,Set(TIMEOUT(digit)=5)      ; Set Digit Timeout to 5 seconds
exten => s,n,Set(TIMEOUT(response)=10)  ; Set Response Timeout to 10 seconds
exten => s,n,Background(names/sarah)
exten => s,n,Background(press-1)
exten => s,n,Background(for)
exten => s,n,Background(names/andrew)
exten => s,n,Background(press-2)
exten => s,n,WaitExten

A call comes in, hits the menu, and the caller ID info is displayed on MythTV (if something's being watched) and our two laptops (if they're awake).

Unfortunately my Git-fu is atrocious, so I can't figure out how to link to a web-browseable repository that contains the source for my client, but if I figure that out, I'll update this with a link later.

Update

I managed to summon enough Git-fu to put the repository online. It's available at http://git.andrew.net.au/?p=asterisk-notify-client.git;a=summary

Now I just have to use it properly.

There seems to be a bit of a meme here...

I have a set of computers that I frequently reinstall for testing purposes. The "zomg! The host key has changed!" gets very tiresome very quickly.

Host reinstallalot
        UserKnownHostsFile /dev/null
        StrictHostKeyChecking no

I'm reading the Red Hat I/O Performance Tuning Guide, because hey, it's all Linux, and I might just learn something.

So far, I've learned that RHEL doesn't have sysfsutils. How very weird.

Unlike the /proc/sys/ file system, the /sys/ file system does not have a utility similar to sysctl that can make such changes persistent thoughout (sic) system reboots.

and

However, as mentioned in Section 4, “Selecting a Scheduler”, any tuning made though echo commands to the /sys/ file system is not persistent throughout system reboots. As such, to make any scheduler selection/request queue settings persistent throughout system reboots, use /etc/rc.d/rc.local.

Of course, for all I know, this information may be out of date with respect to the current release, but Debian's had sysfsutils since November 2003.

Netflix really is a great service. (That is why I bought some shares in them after all) I like their core product offering, and I like that they're fairly switched on technically with their website. Now I also like their phone support.

We were supposed to receive Clerks: Tenth Anniversary Edition, but we received the bonus disk instead (I'm not even sure how you can do that, it doesn't appear to come up when you search for "Clerks"). I reported it as mislabeled, via the website, but this wasn't really accurate: the sleeve said it was the bonus disk. We'd just been shipped the wrong disk.

I wasn't sure whether the mistake was that we'd received the wrong disk, or that it was misrepresented in the DVD list on the website. I discovered that our $13.99 a month seems to entitle us to 24-hour telephone support (can you believe that?), so I called them up, bashed in our customer identification number, and in under a minute at 11:48pm on a Saturday night, was connected to an all-American sounding "Jill", who very quickly identified that we had indeed been shipped the wrong DVD, and so organised for the right one to be shipped out.

The entire experience was delightful. Yay for Netflix having competent phone support.

It wasn't me.

I just learned about Rovio courtesy of an advertisement in last month's Wired, magazine.

My initial thought was that it might be useful for Sarah's feral cat trapping antics, but alas the FAQ says it's not recommended for outdoor use, so I doubt it would perform well in low light.

Having just watched the promotional videos, I see where this would come in very handy in the smart home I'd like to build one day... It'd be so cool if when we were away from home and the home detected an intrusion, notified me, and then dispatched a Rovio to show me what was going on. Then I could call the police if necessary.

The one immediate downside I can see is that it only seems to support WEP. How 2001.

I've always installed the smartmontools package on my servers because I figured it'd maybe give me some early warning about an impending disk failure.

Getting proper SMART access was one of the motivating factors in moving my home-brew SAN from IDE-to-USB disks to native SATA.

Since then, I've had two drives fail on me. One of the original four that I bought, and the replacement one that Seagate shipped to me. (Incidentally, I love how your only recourse to a replacement drive failing with Seagate is they'll ship you another (reconditioned) replacement drive. I can see the shipping expenses racking up very quickly).

I decided to do the expedited return when the second drive failed, just because it meant I didn't have to be without a disk in my RAID-10 for a week while I waited for them to receive my drive and turn around and ship me a replacement drive, and it also meant I didn't have to mess around with packaging it myself.

(Incidentally, I wonder what happens in Seagate's reconditioning process? Will someone else get my failed drive (i.e. the same serial number) after they replace the platters or whatever it was that failed? Would it be interesting to set up a website where people could register the serial numbers of drives they returned to Seagate, and how they died, and at how many power-on hours? How many times does a drive get "reborn"?)

Whilst I was waiting for the replacement drive to arrive, I messed around with the failed one (I removed it from the RAID array), fiddling with the SMART self-tests that smartctl can initiate for you. The faulty drive failed the long self-test at the same LBA every time I ran it.

It was around this time that I realised that the default configuration that comes with the Debian smartmontools package isn't all that useful with SATA disks.

It ships with

DEVICESCAN -m root -M exec /usr/share/smartmontools/smartd-runner

which, as it turns out, doesn't detect SATA drives properly. I got

Nov 24 22:00:13 minotaur smartd[2990]: Device /dev/sda: ATA disk detected behind SAT layer 
Nov 24 22:00:13 minotaur smartd[2990]:   Try adding '-d sat' to the device line in the smartd.conf file. 
Nov 24 22:00:13 minotaur smartd[2990]:   For example: '/dev/sda -a -d sat' 

logged. It seems to me that if the software can detect this situation, it should be able to just try the "-d sat" behaviour automatically.

So it seems that this whole time, I haven't been getting any SMART monitoring of my SATA drives. hddtemp has been happily logging the temperatures for me though.

So I took the advice in the comments of /etc/smartd.conf and removed the DEVICESCAN entry in favour of explicitly naming the disks I wanted to monitor.

I also discovered that I can have smartd kick off scheduled short and long self-tests on whatever schedule floats my boat.

So now I've got something like this:

/dev/sda -d sat \
         -M exec /usr/share/smartmontools/smartd-runner \
         -s (L/../.././01|S/../.././(00|12))

This runs a long self-test at 1am every day, and a short one at midnight and midday. Hopefully this will help predict the next drive failure a bit earlier.

I'm now debating whether to set up an active Nagios monitor for SMART, or to see if I can write a passive one that runs as part of the smartd-runner infrastructure that the smartmontools package provides (and is pretty neat). I guess it's already setup to email me, so it doesn't really matter whether it's Nagios emailing me, or smartd itself.

My ankle still isn't quite right since I sprained it back at the end of August.

It still looks more swollen compared to my other foot, gets stiff when elevated, and my foot doesn't have the same range of movement as my left one.

I trundled off to a podiatrist yesterday, and he had a poke around, and then looked at it under a fluoroscope while he torqued my ankle.

Based on that, it looks like I have a anterior talofibular ligament instability. When he torqued my ankle in one direction, there was a 1.5cm gap between the bones of my foot where there should have been about a 0.5cm gap. This ligament's position certainly corresponds with where there's still some swelling, so it makes sense.

I've got some (utterly boring) exercises to do, and I have to go back and see him again in 5 weeks. He said surgery may be necessary to fix it, as left uncorrected, I could have a bad time with arthritis in my 50's, and there'd be not a lot that could be done about it at that stage.

So we went out and bought a balance board last night, and I'll be spending the small amount of time I watch TV standing on one leg.

Looks like I might be in my very first class action.

Excitement, he wrote.

10.0.1.218+10.0.0.525ubuntu1~hardy1+really9.0.124.0ubuntu2

Sheesh.

Those infamous Somali pirates have hijacked an oil supertanker

A Saudi oil supertanker at that. Carrying $100 million worth of oil, which I believe was headed for the US.

They've also got the Ukrainian ship full of tanks and what-not, which apparently pissed off the Russians.

I predict that real soon there's going to be serious action in that part of the world...

I've had this crazy ATA over Ethernet SAN for my MythTV setup for as long as I've been running MythTV. I'm using minotaur, an old Pentium III 1RU VA Linux server as the "head".

Originally, I had 4 IDE hard drives, attached to minotaur via IDE-USB adapters. This worked perfectly fine, but I missed the ability to query SMART information, and do other low-level drive tweaking with hddparm

So a while ago, NewEgg had a sale on 750Gb SATA drives, and I bought a 4 port eSATA card, and took the plunge with SATA. That all went fine.

The entire time, I've had the 4 hard drives themselves just sitting on top of minotaur, on cork trivets. The whole arrangement is in the bottom of our linen closet, as this is where the patch panel for the apartment is.

I've graphed the temperature of linen closet for some time now, but the benefit of having hard drives connected via SATA was that I could easily graph the temperature of them as well, which I started doing recently.

The catalyst for wanting to do this was that I had a drive fail, and I was concerned that they were getting too hot, just sitting in the closet with no airflow. Matt Bottrell's recent reminder of Google's research into hard drive failures also helped bring this concern to forefront.

Seagate's product documentation for the Barracuda 7200.10 claims that ambient operating temperature must be between 0°C and 60°C. I'm assuming that's the environment the hard drive is in, and not the temperature of the drive itself as reported by something like hddtemp. The closet is typically in the high 30's. If you believe what SMART reports, it seems to imply that anything over 45°C is a Bad Thing^tm.

So after I had a drive fail, I figured I should probably try to do something about the temperature situation, and started looking around for an external enclosure.

I'd previously had problems with the IEC-to-Molex power supplies I was using to power the disks, and think that they'd been the cause of some failures of my IDE disks, so was quite eager to stop using them as well, which was something else an external enclosure would give me.

I had trouble finding an enclosure that presented 4 separate eSATA ports, and I was talking to Marc about SATA port multipliers, when he mentioned he had a brand-new unused full-height SCSI enclosure, for four disks, which was surplus to his requirements. Since all I really needed was external power and cooling, I thought I could cannibalise this to my needs.

Sure enough, I could just remove the SCSI cables and their Centronics connectors, and feed the eSATA cables out the gap they left, and use the molex-SATA power splitters I already had. Because the enclosure was intended for full-height 3.5" hard drives, there was plenty of air space between each disk. The enclosure included two fans.

The results? Well the graph speaks for itself:

(I'm not entirely sure why minotaur's internal disk occasionally reports a very low temperature)

The added bonus is I've cleaned up the rats nest of cables in the linen closet. So thanks very much, Marc!

(or Taxation without Representation)

Wow, it's finally over, and best and right man won. I'm very excited and happy with the result.

It has been very interesting being able to observe the entire process from start to finish. All the primaries and caucuses, the protracted battle between Clinton and Obama in the Democratic primaries, the record breaking money Obama raised, the campaigning, the misinformation.

It'll be very interesting to see what the next four years brings. It's an exciting time to be living in America.

California is an interesting state. It has "ballot initiatives". Its constitution can (and has been) amended by essentially referendums whenever there's some other excuse for a vote. Anyone can propose a ballot initiative with sufficient backing by petition. Wikipedia has a good writeup of all of California's propositions. Probably the most controversial one this time around is Proposition 8, which seeks to essentially reverse the same-sex marriage right that the Californian Superior Court ruled on earlier this year.

This concept of ballot initiatives seems to trickle all the way down to the city level, where they're called Measures. San Francisco has some ridiculous number of them this time around. They use letters, and I think they go all the way to V. There's one to rename a sewage treatment plant after George W Bush, there's one to decriminalise prostitution. A co-worker who lives in San Francisco brought the official voter guide book to work with her today. It's about the size of a phone book and about 1.5 centimetres thick. I don't see how it's possible to make an informed decision on everything you're expected to vote on, when there's that much reading.

The observation I've made is that Americans seem to have an inherent distrust of their governments, so that's why so many bits of it are directly elected by the people. Judges are voted for, county sheriffs are voted for. You vote for your school board. It seems like very few positions of any power are appointed by someone.

Coming from Australia, where it's really the opposite, I'm not sure what I think is better. I think I like the simplicity of the Australian system. You vote for someone, and you essentially delegate power to and place trust in them.

These add-on scripts make it very easy, and need their Googlejuice boosted, so people don't find the stuff on the forums first.

For part of the 32 hours I spent inside a plane crossing the Atlantic, I watched Recount.

I wanted Sarah to see it as well, so we got it with NetFlix and watched it tonight.

I have no idea how factually accurate the movie is, but I'll assume all of the bits that were on the public record were vaguely correct. I'll assume the chad factor with the ballots was correct. The movie portrayed the US electoral system as a complete and utter shambles. The thing I found most striking was that the recounts keep having deadlines that weren't met, and the whole recount got discarded as a result. The process seemed incredibly flawed.

It got me wondering how the Australian vote counting goes, given it's completely manual. I might have to volunteer as a scrutineer when we wind up back in Canberra.

I highly recommend watching this movie if you can get your hands on it.

I got a voicemail message at home from UPS for a Christopher Pollock. I've previously received some mail for him as well, so I went searching, and it turns out that he lives elsewhere in my apartment complex.

Not long after we moved to the US, we were picking up a pizza from Pizza Hut, and someone else was also picking up a pizza for "Pollock". It seems my last name is more common than I thought.

Neil:

$ host -t txt manpages.debian.net
manpages.debian.net descriptive text "Javier Pen~a <jfs@debian.org>"
manpages.debian.net descriptive text "PGP D6 91 BB 89 88 7A F7  A0 BA E4 27 FD 7A 6A FE DA"
manpages.debian.net descriptive text "PGP 86AA DB04 D2F5 CC55  3A4D 940F B1A9 DD82 DC81 4B09"

I'm wading through my email and saw a recent announcement about the miniconfs that have been accepted for linux.conf.au 2009, and Debian was conspicuous in its absence. That's a bit of a shame.

We're heading off on a vacation, the first real "put our feet up" kind of vacation since our belated honeymoon a couple of years ago.

Our ultimate destination is the Seychelles, a tiny set of islands off the east coast of Africa, near Madagascar. Sarah's aunty and uncle live here. Her uncle's the deputy commissioner for the United Nations Indian Ocean Tuna Commission.

Getting there is pretty heinous. We're flying to Houston, then to Dubai, then to the Seychelles. Originally we were leaving tomorrow, but Sarah noticed that we only had an hour to transfer in Houston, and when she checked with the airline, they agreed (despite them booking the entire trip in the first place). So now we've changed to a flight today, with a night in a hotel in Dubai. Emirates only fly to the Seychelles a couple of times a week, so we really don't want to miss the Dubai-Seychelles leg. The flight from Houston to Dubai is 15 hours. That's worse than San Francisco to Sydney. Not looking forward to sitting on a plane for that long.

Flying on September 11 is an interesting experience so far. It seems that the airlines are "randomly selecting" all passengers who aren't US citizens for secondary inspections at the security checkpoints. I was vaguely aware, but had largely forgotten, that if they print SSSS in the bottom corner of your bording pass, then you've been randomly selected. The TSA guy was very apologetic, as he proceeded to completely dismantle our carry-on luggage.

The other fun aspect is that hurricane Ike is busy making its way towards Houston. It's not supposed to make landfall until Saturday, but since they've already evacuated some cities south of Houston, I'm really hoping it doesn't bugger up our flights.

We're in the Seychelles for 10 days, and then we're going to spend 3 days in Dubai on the way back. It'll be during Ramadan, which is apparently an unpopular time for Westerners, so all of the hotels are nice and cheap. It looks like it's going to be pretty hot as well.

I saw that the inimitable Steve Kemp has cranked out an RBL for hosts that do brute force SSH attacks within seconds of thinking about doing it.

As I have a passing interest in such things, and discovered that his sample submission client is really more geared towards people using iptables with the LOG target (and I use the ULOG target), I cranked out this moderately flexible Python client for logs written by ulogd this evening.

If you use Netfilter rules like mine, you can use my script after /var/log/ulog/syslogemu.log gets rotated with:

$ ./report_iptables_ulog.py --log /var/log/ulog/syslogemu.log.1 --prefix SSH_brute_force

It's hard to believe, but it's a year ago today since the worst day of my life.

In so many ways, it feels like so much longer, yet the memories still haunt me.

I was playing racquet ball with Kendall yesterday, and I was running backwards, towards the front wall to try and get behind the ball, and my right ankle rolled underneath me as I was putting my right foot down.

There was a really nasty internal crunching sound, and it hurt like hell, so I thought that maybe I'd broken it. I was able to walk home from the Club, so I figured it wasn't broken, but the swelling was pretty bad.

Several hours later at Urgent Care, they confirmed with an x-ray that it wasn't broken, so it's now strapped up and in an ankle brace. I have to keep off it for 10 days.

I seem to have pretty bad ankles in terms of rolling. I quite often stop myself from stepping down on my foot when the ankle's rolled inwards slightly. Back in May I rolled my left ankle a bit, just crossing the street, and it's still sore.

John Goerzen writes an entertaining piece on his ongoing battle with Dell to stop receiving advertising from them.

(The comments on the post are rather interesting in themselves)

I say "good on you, John" for taking a stand. Now that I know of these prohibitory orders, I might try them out on Pennysaver so I stop getting their stupid catalogs.

A while ago our junk mail situation got completely out of hand, and at the time I found 41pounds.org, which for a very reasonable $41, did a very good job of stopping pretty much all of the addressed spam.

About the only thing we get now is a small wad of catalogs that USPS delivers to every resident, which isn't explicitly address to us by name, just the apartment number. That and these stupid "checks" from Washington Mutual that we can use against our credit card account with them. They give me the screaming heebie jeebies, and I shred them on sight, because I've seen how insecure cheques are.

I, for one, like Lucas' idea.

Eddy Petrișor wrote about doing some sort of user supported thing for snapshot.debian.net, which I was saddened to learn from his post had reached capacity in May.

I think rather than relying on the generosity of random users, the Debian Project should just throw some money at the problem. It's got more than enough. Disk is cheap.

I'd think that with a few fully loaded SR2421's and an Ethernet switch, you'd be laughing.

Somehow (thankfully) I've managed to avoid much to do with backups in my career as a sysadmin. It's always been someone else's responsibility, that's been fine by me.

For some reason, I've been more paranoid lately, and with all of the crazy shit I've been doing to daedalus, I wanted to have a backup, just in case. Maybe it's old age.

So a while ago, I went and had a stab at setting up Amanda, since pretty much whenever I've been near a bunch of sysadmins and someone asks for a recommendation on what to use, "Amanda" is the answer.

I jumped through all of the hoops to have caesar be the backup server, and daedalus be a client. I set up a virtual tape library on caesar. I think I then lost interest for a while, until I was going to upgrade daedalus to Etch, and I wanted to have a successful backup first.

I had the holding disk and the virtual tape library on the same filesystem, and it was nice and big, yet I kept running into this error about insufficient space. "dump larger than available tape space" was the complaint.

I tried making the filesystem larger. I tried adding more virtual tapes. Nothing would placate it. After another round of Googling, I discovered that the problem was because Amanda would only only span a maximum of four tapes, and the filesystem I was trying to backup was way bigger than that. So I told it to use up to 10 tapes in a run (runtapes 10) and then lo and behold, I got a successful backup out of the sucker.

So that was mostly all good, but occasionally a backup would fail, or fail once an succeed on a retry, because tar exited non-zero, with "file changed as we read it". I did some more Googling tonight, and discovered this Amanda/GNU tar compatibility matrix.

It turns out that the version of tar and the version of Amanda shipped in Debian Etch aren't compatible with each other. Suck! Oh wait, they're maintained by the same person! Argh!

So aside from the occasional backup failing due to a file being written to at the time of the backup, it's working fairly well. My DSL link isn't the fastest, so a full backup of daedalus can take over 48 hours to complete, but I'm not paying for inbound bandwidth at home, so it's not a big deal.

I initially thought that to do a restore, I'd have to run amrecover on daedalus, and then I'd have to stream the contents of multiple tapes back to it at the appalling uplink speed of my DSL connection, but fortunately amrecover has a sethost command, so I can restore just the files I need on another machine local to caesar at LAN speeds, and just transfer the files I restore to daedalus. So that's all pretty neat.

I quite like the FTP-client-like interface of amrecover. It's cool how you can use setdate and just go back in time.

I had the opportunity to do a test restore recently when one of my users nuked his Maildir directory by accident. Unfortunately I was unable to recover the needed files in that case, and I'm not entirely sure what the problem was, so there's some more testing to be done before I'll be fully confident that I can rely on it.

There's a lot of configuration options available as well, and I think I got the config I'm currently using from a template or something, so there's probably a fair bit of tweaking I can do.

Oh, and I'm constantly reminded of this quote from a previous life, where technical details bubbled too far up non-technical management:

"Who is Amanda, and what is her role in the backups?"

Spoken by a co-worker, fighting with nano, when all he wanted was less to browse the installer log to diagnose why an installation with d-i failed.

One of the things I've wanted to do since I discovered that Caltrain (and the VTA light rail) are well-equipped to take bikes, was go for an outing further afield on our bikes using one of these methods of public transport.

So we finally got around to doing that yesterday, when we threw our bikes on the train, and BART, and went for a ride around Golden Gate Park.

The grand plan was to bike to the Caltrain station, take Caltrain to Milbrae, BART to downtown, then bike from there to the park, and then catch an afternoon showing of The Dark Knight in IMAX at the Metreon, then bike back to the BART station, and reverse the whole thing.

We had a minor hiccup in that Sarah had just gotten her bike back from a friend she'd lent it to, and as we were about to head to the Caltrain station, discovered that it a broken spoke. She managed to extract the spoke and we got to the station with a couple of minutes to spare.

It turned out that Mike's Bikes were fairly close to the BART station, so we stopped in there on way to the park, and they were able to fix the spoke on the spot in 20 minutes for the princely sum of $21.

Unfortunately the weather was pretty typical summer San Francisco weather, and it was quite cold and foggy. It didn't get any better as we got closer to the park (and the coast), so the ride around the park itself wasn't terribly exciting. The hill we had to get over (Hayes Street) was a bit of a slog. On the way back we saw the filming of a Japanese Nissan commercial (complete with right-hand drive car).

I'd done some research into bike parking beforehand, and found that all of the parking garages are required to provide bicycle parking, and there's a pretty comprehensive list.

So we parked our bikes in the Moscone Center garage, which was about a block from the Metreon, and went and caught the movie.

The Dark Knight was really good. Very... dark. I really liked Ledger's portrayal of the Joker, much better than the original. I wonder if they'll just keep re-imagining the Batman movies over and over? There was pretty good continuity from Batman Begins. I thought the voice of Batman was a bit ridiculous though, at least initially. You kind of got used to it after a while.

Anyway, we got back to the parking garage, and some lowlife had cut through the cable lock that we'd used to lock our bikes to each other and the rack, and stolen Sarah's bike! Annoyed does not begin to describe it.

We trundled off the seven or eight blocks to the Hall of Justice to file a report. The SFPD weren't the least bit interested, really. The somewhat astounding thing was the bike racks were right behind the cashier's office, and there was video surveillance, and someone still managed to just walk right in, cut the cable, and walk out with the bike. We checked with the duty manager, and he reviewed the video footage and said they have footage of him walking in and then walking out with the bike. So hopefully the police will get hold that.

We have to see if we can dredge up the purchase documentation for the bike and see if the serial number is recorded. I have no idea if we'll ever see the bike again. Our renter's insurance may cover it, but I suspect the deductible won't make it worth our while to make a claim.

I have to say (and it's not like it's a recent discovery or anything) that the Bay Area's public transportation is a joke. It cost us $32 to go from Mountain View to Downtown San Francisco, via Caltrain and then BART. Our Prius takes about 11 gallons at worst, and with gas prices being at say $4.30 a gallon, that's about $47 a tank. We get about 400 miles out of a tank usually, and it's vaguely 40 miles from home to the guts of Golden Gate Park. So it's cheaper, and faster to drive to San Francisco than it is to use a bicycle and public transport. Particularly when you factor in the risk of theft of your bicycle.

Our next bike lock will be one of those fancy Kevlar ones.

Well that happened, and uneventfully as well.

Now if only IntaServe actually made it possible to update glue records, everything would be done...

What is it with domain registrars and glue records? Are glue records that much of an edge case these days that no one bothers having an interface for managing them?

I've found a new colo for my server, and Brent has kindly offered to do the remote hands work for me tomorrow. Fingers crossed it'll be fairly smooth...

I just became aware of this electric lawn mower via Woot!

I never minded mowing the lawn, when it was a decent kind of yard (i.e. level). This mower looks like it'd take the fun to a whole new level: hardly any noise, and no smoke.

I just need a yard now...

So hot off the back of my successful upgrade from Sarge to Etch, I thought I'd try the new "Etch and a Half" 2.6.24 kernel on daedalus

Let's just say that it's times like these that I'm glad I got the serial-over-LAN thing working, and have remote power.

I spent many hours today rebooting, trying to get to the bottom of why it wouldn't work.

At first, I thought it was hanging, but then I realised it was dropping to a shell in the initramfs, and just not making that very obvious because the serial over LAN console is a bit crappy.

Once I realised what was going on, I did some poking around.

It seemed like udev wasn't getting started properly, so when it went to assemble the mirrors, that failed, because the component devices couldn't be found, then it freaked out because it couldn't mount the root filesystem.

If I ran the relevant bits of /scripts/init-premount/udev by hand, the SCSI devices appeared, and I could manually assemble the mirror, and mount the root filesystem, which was handy, because I also discovered that you can boot with debug on the kernel command line, and it logs the initramfs run to /tmp/initramfs.debug. So that was a convenient way of preserving the log, because there seemed to be some characters in it that made inspecting it over the serial console difficult, and there was no way to get it off the machine from the initramfs environment.

As far as I can determine, it's telling udev to start, but it certainly isn't still running when it bombs out to a shell after failing to mount the root filesystem. It's not immediately clear if there's something later on that is stopping it again. I've put the log here in case anyone's interested in looking at it. This was with the addition of "x" to the options of the shebang line of /usr/share/initramfs-tools/scripts/init-premount/udev so that I could see what was happening when /scripts/init-premount/udev ran.

So I don't think the kernel itself is at fault, it's some sort of weird udev/initramfs interaction.

Rather than further rebooting the tripe out of daedalus, I'll have to see if I can reproduce the problem on a less important machine locally to do further debugging. In the meantime, I'll have to stick with 2.6.18.

Well that certainly wasn't worth the amount of angst I'd pre-allocated it.

The upgrade went reasonably smoothly. Lowlights included:

• aptitude wanting to uninstall sendmail in favour of exim4. I think mailman was the culprit. I wasn't in the mood to get to the bottom of it, I just upgraded Sendmail first, then stuck it on hold, then Aptitude decided to upgrade Mailman as well, which is what makes me think it was Mailman
• inetd coming back from the dead. I probably removed all of the rcN.d links instead of just the start ones.
• gallery got upgraded on me despite it being on hold, so I had to scramble to repatch it afterwards to reenable friends.andrew.net.au

I'm certainly glad to be getting security updates again. Given how smoothly this went, I'll definitely not procrastinate on upgrading to Lenny when it releases.

I'm starting a dreaded dist-upgrade of daedalus to Etch. I'm feeling very apprehensive about it, mainly because it's a good 14,000 km away from where I am.

So apologies in advance if I flood any Planets due to the Blosxom upgrade doing something weird.

Today is our third wedding anniversary.

We're marking the occasion by having a night at the Tickle Pink Inn, which I can vouch for as being very nice indeed.

Unfortunately I ended up on-call this week, so my day off tomorrow isn't going to be as idyllic as it could have been.

It's hard to believe we've only been married three years. I think we've already been through more than a lot of married couples would have to go through in a lifetime.

Here's to at least another 50 years.

Unfortunately the free ride I've had for the last oh, gee, it must be something like four years, is coming to an end, so I have to find somewhere else to co-locate daedalus. Thanks Ben, you've saved me a packet!

The first step is to figure out roughly how much traffic this thing is doing. Fortunately I've been running Argus on it for donkey's ages, so I should be able to figure that part out.

Then I have to find a colo facility, (preferably in Brisbane, to avoid too much dicking about with moving the hardware), which won't charge me an arm and a leg for traffic. I'd prefer a flat monthly fee if possible.

I also need to do some soul searching to decide if it's even worthwhile continuing to keep a physical server. I could move my mail to Google Apps, the photos to Picasa, but I kind of like my blog the way it is. I spent a non-trivial amount of money of daedalus about 3 years ago. It's a grunty server. It seems something of a shame to get rid of it, but I could potentially get a virtual server a lot more cheaply.

The other option would be to try and generate sufficient income with it to cover its costs, but that has all sorts of tax implications, not to mention having to maintain a service level agreement. I really don't have the time or inclination to be doing all of that on the side.

All stuff to think about.

I have an amorphous month to move my server, so if anyone out there has suggestions on a colo provider in Brisbane, please drop me a line.

Sarah just got her University results for semester 1.

A distinction and a credit.

That was starting the semester recovering from heart surgery. I'm very proud of her.

She's doing three subjects next semester, and then she's finished first year. Pretty impressive progress really. I know I wouldn't stand a snowflake's chance in hell of doing well studying externally.

I'm in the process of converting my poor-man's SAN from IDE disks attached to the host by IDE-USB adapters to SATA disks attached by eSATA to SATA cables.

I had some spare time tonight, so I thought I'd prepare the new RAID-10 on brutus. The intent is to then take the 4-port USB 2.0 card out of minotaur during a lull in recordings on Saturday, and put it in brutus as well, and do a giant pvmove, then put the 4-port eSATA card back in minotaur with the new disks attached.

So I've got the 4-port eSATA card (a Silicon Image SiI 3124) in brutus, and I've built the RAID-10 with mdadm and it's busily reconstructing.

I'm getting a reconstruction speed of around 60Mb per second (/proc/mdstat says 60254K/sec right now). I have no idea if that's good, bad, or indifferent.

I do know that output of hdparm -tT is very nice by comparison:

apollock@brutus:~$ sudo hdparm -tT /dev/sda

/dev/sda:
 Timing cached reads:   260 MB in  2.01 seconds = 129.06 MB/sec
 Timing buffered disk reads:  222 MB in  3.01 seconds =  73.77 MB/sec

compared to

apollock@minotaur:~$ sudo hdparm -tT /dev/sda

/dev/sda:
 Timing cached reads:   162 MB in  2.02 seconds =  80.20 MB/sec
 Timing buffered disk reads:   48 MB in  3.04 seconds =  15.78 MB/sec

Those times are with a reconstruction running on brutus and a recording being written to the array on minotaur, so not the most controlled benchmarking environment.

If I can sit on my hands long enough, I'll try some benchmarks from the MythTV machine, comparing the performance of the SAN before and after switching disks.

Bastian Venthur has discovered how to enable tab completion in the standard Python interpreter.

Good to know, but I'll still stick with ipython. It offers tab completion by default, and a lot more.

We currently have fifteen cats in the house. Only three of them are ours.

When Sarah was contracting at Google, she started an informal, but company-endorsed trap/neuter/release program, because the basement of buildings 40-43 had a bit of a stray/feral cat infestation.

Since she left Google, she's continued doing trappings on an on and off basis.

She got a call a couple of days ago about a litter of kittens behind one of the other buildings, so she headed off last night with one of her crazy cat lady friends, and they proceeded to catch one of the kittens. She brought that home, and I went back with her, and the mother, which seems fairly feral, had been caught in a trap. The rest of the kittens seemed to have managed to secrete themselves away inside a generator behind the building.

This morning, with some help from various facilities types, she managed to extract the other four kittens from the generator. So that put the mother plus five kittens in the spare room (in a large cage).

At more or less the same time, Sarah got news of a litter of six kittens that need rescuing from down Gilroy way (some woman in a trailer park didn't seem to realise that boy cat + girl cat = kittens), so after grabbing the other four kittens this morning, she headed off to Gilroy to grab them.

So the current plan is to get the mother cat of what we'll call the Google litter desexed on Tuesday and then release her back where she came from. Her five kittens are young enough (~8 weeks) that they can be socialised and won't be feral. The six Gilroy kittens are from non-feral parents, and are about 11 weeks old. All of the kittens are old enough to be desexed as well, but Sarah can't get them into Palo Alto Animal Services for desexing for a couple of weeks, so I suspect we're stuck with them in the interim, unless Sarah can find foster homes for them. To cap it off, we're going to Sacramento for the weekend, so we have to get one of our friends in the complex to take care of them all.

The sad thing is the Gilroy Six seem to be in worse condition than the Google Five. They've got pretty poor coats, and seem to have some diarrhoea. Hopefully with a better diet they'll pick up. They're all very cute. The first one of the Google Five that Sarah caught last night is particularly cute. I expect Sarah will get some photos of them all up soon.

If anyone is in the Bay Area is interested in a kitten, we've got them by the near-dozen.

The current autofs package in Debian unstable has twenty-nine patches applied to it.

The Ubuntu autofs package in Hardy Heron LTS has thirty patches applied to it (twenty-nine of them being the Debian ones).

We discovered a bug today in Hardy's autofs, which will undoubtedly also affect Debian's autofs as well, which is apparently fixed in the likes of Red Hat Enterprise Linux for something like four years.

So either Red Hat is doing a shoddy job of feeding patches back upstream, or upstream is doing a shoddy job of accepting them.

The fact that Debian has to carry twenty-nine patches suggests something is similarly wrong in our camp.

We've been finding various problems in autofs in our environment recently, and have accumulated maybe half a dozen patches or so in the last month. I'll have to make sure that they get fed back into Debian and Ubuntu at the very least. Given the nature of one of the bugs we found today, I have grave doubts about the code quality of autofs. I have to wonder if it's worth rewriting from scratch in Python or something.

Now that Tim Connors has taken the lid off it, I feel I should opine on the matter.

Microblogging is just not terribly exciting for the reader. I don't see the point in aggregating it.

I don't particularly find Mikal's blatherings terribly exciting reading. I don't find Stewart's twitterings much fun either. I think Facebook's status updates are a better way to poll such things, myself, and it's where I confine my "microblogging" to.

I think one of the things that used to make reading blogs more worthwhile than reading mailing lists was the high signal-to-noise ratio. Back in the day, there was a bit of a "cost" or barrier to entry for writing a blog post. For most blogs, it wasn't as easy as writing an email. I still hand-craft my blog posts in HTML, so for me to write something, I have to have enough inclination to fire up an editor and write the words. Often I run out of motivation half way through a blog post, and just end up scrapping it. I'm sitting on a few more lengthy posts that I haven't managed to summon up the energy to write at all yet.

I think some of the "push-button publishing" out there is rapidly commoditising blogging, to the point where it becomes as easy or easier than writing an email. And we all know what happened to email...

Blogging for me is essentially a journal. I like to use it to refer back to. To share what I'm doing with others. Occasionally it can be cathartic. Often it's a substitute for going to work and telling my co-workers about what crazy geeky thing I've done in my spare time. Mostly it's for me. The fact that I choose to share it with the world is not really a primary motivating factor for me, it just makes it more accessible for me, and sometimes helpful for others.

We recently joined The Club of Mountain View, because it just happens to be around the corner, and we both want to try and get back into some semblance of shape.

The Club has pretty reasonable facilities. It has a large cardio room, a large weights room, a group exercise room where they do a number of classes, and a spinning room. It also has three racquetball/handball courts, as well as an indoor basketball court.

Pretty much all of the facilities are included in the monthly membership, so Sarah went and booked a racquetball court this evening, and we had a bit of a whack.

We didn't have a clue how to play, so it was just basically half an hour of belting the ball around, and I have to say, I really liked it.

I haven't played squash since high school, but didn't enjoy it, because I was more used to tennis, and constantly misjudged where the racquet head was, hence missing the ball. I never really liked the characteristic of a squash ball either.

I really like tennis, but I have habit of getting carried away and belting the tripe out of the tennis ball, either sending it completely out of the court (over the fence) and far away, or at the very best well and truly past the back line of the court and into the fence.

Racquetball seems perfect for me. I can belt the living daylights out of the ball. It can't get lost. The racquet is short and reasonably large. There's a very satisfying thwack sound to boot. In short: I like it.

Newegg.com just had a special on 750Gb Seagate SATA drives, so I thought it might be a good opportunity to replace my 400Gb IDE drives with ones that can be connected to the host by something less ghetto than IDE to USB 2.0 adapters. Who knows? I might even lash out on some kind of enclosure, instead of sitting them on cork trivets on top of the computer they're attached to.

So once the drives turn up, all I'll need to do is replace the PCI 4 port USB 2.0 controller with a PCI 4 port eSATA controller.

I'm a total SATA ignoramus, so if anyone has any suggestions on what's good, or what to avoid, shoot me an email.

Martin Krafft did a nice, if overly complicated writeup on disk encryption with Debian.

Martin stated his main motivation for the setup he describes is having separate filesystems whilst still employing encryption, and not entering a passphrase per filesystem at boot.

My laptop is encrypted. I have multiple filesystems, and I only enter one passphrase at boot. I used the standard installer and did nothing beyond what it offered me. I'm using LVM. I have an encrypted root filesystem and an encrypted PV for LVM, and that's the end of my partitioning.

Sarah and I did the 50km route of Tour de Cure today. Many thanks to those who sponsored us. It was looking a bit dubious for me making the $150 minimum for a while. Sarah raised $170.

We couldn't have asked for better weather, really. It was clear, not too hot, a light breeze. The 50km route was very doable. All of the hills involved were rolling, so it wasn't too much of a slog.

This was the first major bit of exercise that Sarah's done since her heart surgery, just over 5 months ago now. She held up well, but was totally exhausted afterwards. Some of the uphills were a bit tough on her. I'm totally out of shape as well, and was expecting it to be much harder as a result, but I was pleasantly surprised at just how doable the ride was. That said, we both had a decent nap this afternoon after a dip in the pool.

Apparently the 75km route had some gruelling hills in it, so I think we'll stick to the 50km one if we do it again next year.

We actually got home last Sunday, but I've been too jetlagged, and then too busy with work to really have a chance to write anything...

We got back in at around 2pm, but our bags fell victim to Heathrow's Terminal 5, and didn't arrive until around 11pm. I think I lasted until about 8pm, when I had to crash. Poor Sarah had to stay up until 11pm when they finally got around to delivering our suitcases.

The week in Zurich was wonderful. The Zurich office is everything the photos make it out to be, and then some. One weird thing: apparently there's some Swiss regulation about how much you're allowed to cool a building in relation to the outdoor ambient temperature, so there's no air conditioning in the office. Instead, you can open the windows. Unfortunately, there's a fairly busy set of train tracks right beside the office, so it can get a tad noisy... It was a pretty warm week, I think around 30°C. I certainly prefer being colder rather than hotter when indoors, so found the lack of decent cooling to be a shame, given the rest of the building's features.

That said, it was pretty amazing sweltering away in Zurich, and then looking up and seeing snow on the mountains. It was surprising how much of a temperature difference there was.

On the last evening in Zurich, we went on a reconnoitre to try and find the river that we could hear (and see on the map) behind our apartment. We eventually found some street access to it, and it was another world back there. It was fairly thickly wooded, and the sunlight was heavily filtered through the trees, so it was cool and shady.

The river was fairly fast flowing over some rocks in parts, which is what was making it so audible. The whole setting was absolutely beautiful. There were a couple of paths, and the whole thing felt like something out of a fairy tail. We think we stumbled onto a fox, but we're not sure. It's a shame we only discovered the place on the last day, as I'd have liked to have explored it further.

I really liked Zurich. It was nice and flat, and had an excellent tram service. Monday Night Skate made me wish I'd packed my roller blades. We were wandering around on Monday night, and it felt like the entire city had donned skates and were going out. Apparently the authorities really get behind it, and close roads, and the police go along behind the pack and reopen the roads behind them and pick up the stragglers. Great way to encourage an active lifestyle.

We've got all of our photos up now from the Europe trip, and they're here.

This brings the total countries I've visited up to 10, excluding Hong Kong and Macau. I don't like selecting China when I generate this map, as I've never been to mainland China.

Russell Coker wrote something about converting between timestamps since the epoch and human-readable dates.

I haven't fully parsed his post because I'm still half asleep, but I feel the need to point out the @ operator that I discovered last year in newer versions of GNU coreutils.

apollock@icarus:~$ date +%s
1212672691
apollock@icarus:~$ date -d @$(date +%s)
Thu Jun  5 06:31:50 PDT 2008

It seems a bit shorter than what Russell was using, and presumably does the same thing.

We got back to Zurich late last night (not quite as late as we got into Prague though, thankfully).

We stopped off in Deggendorf on the way through Germany to visit our friend Christine from the Bilbys, who has moved back to Germany, along with her Australian boyfriend, who is now furiously learning German (we're talking a year-long immersion program).

Deggendorf was a gorgeous little town, with cobblestone streets and more Churches than you can shake a stick at. Unfortunately we could only stay for a few hours, so we had a barbecue lunch and a quick wander around, and headed off on our way again.

This morning we dropped the rental car back at the airport, had one of our typical misadventures on the train (went the wrong way at first) and then caught a tram back to the apartment. Everything being in German is a bit of a challenge. Parts of it you can make out, parts of it are totally unintelligible. There seems to be a general tendency to concatenate words, for example, our apartment is on what would translate to "Rehalp Street", but in the local vernacular, is expressed as "Rehalpstrasse". So when you're looking around and trying to follow directions, the names don't seem quite so ludicrously long and intimidating if you just drop the "strasse" or the "brücke" (bridge).

The car that we rented from the Zurich airport developed some kind of non-critical fault on the way to Prague, and Sarah exchanged it for another one in Prague, as Hertz seemed unable to fix it. (It had the "check engine" and "check vehicle stability control" lights on). So we drove to Prague in a petrol Toyota Auris, and drove back in a diesel Audi A3. We both preferred the Auris over the A3, as the A3 seemed easier to stall, and harder to recover from a stall. Putting it in reverse was totally unintuitive as well.

Speaking of fuel, it sure is expensive over here. We paid about 60 euros in Germany somewhere to put about three quarters of a tank in the Auris on the way to Prague, and we spent about 100 CHF to refill the A3 in Zurich. I think Sarah said the diesel cost converted to about $9 USD per gallon.

So it was a nice novelty value to drive across Europe, but I don't think we'll be doing it again in a hurry. I did enjoy driving on the autobahns though.

While I'm writing about driving in Europe, I might as well make a note about the traffic signs. We really should have researched them before hopping behind the wheel, as there were quite a few we didn't understand, and they weren't terribly intuitive (to us anyway).

For example, versus versus

The first is the pretty internationally standard "no entry" sign, but when you see the third sign in isolation, it seemed to us at least, that perhaps that meant "no entry", where it actually means "no standing". "No parking" is a variant of "no standing", with just one diagonal line. The middle sign means "no vehicles", which makes no sense at all, unless you've seen (and understood) the other versions of this sign, which have lesser restrictions of "no cars" or "no bicycles" and feature an icon of either inside the circle.

Speed limit signs were also a bit interesting. You'd have , which specifies a speed limit, but then you'd have , which means "End of speed limit". Our question was "well what is the speed limit now?" The answer seems to be "the default national limit for the class of road you're on".

The final set of signs we didn't understand until Christine explained them to us when we saw her yesterday, were and , which are "priority road" and "end of priority road", respectively. We just didn't know what a priority road was. Turns out it means traffic on the priority road has right of way over traffic on roads intersecting it. I would have thought this was pretty obvious, but apparently on a non-priority road, you have to give way to traffic on the right, regardless of whether you have a stop sign or a yield/give-way sign. So there's some sort of implicit four-way stop thing going on on a non-priority road.

Every time I see European traffic signs, particularly the triangular warning signs, it gives me a flash back to my childhood. My Aunty Peggy used to have a huge big bag of mixed Lego pieces, including a bunch of European traffic signs, and some square Lego mats, and when we were kids, and we used to go to her house to play, we'd build little towns out of all of the Lego.

This was the first time we've driven a manual left-hand drive car, and it was fine, except your immediate subconscious reaction the first few times is to go reaching for the gear stick with your left hand, and bash it into the door. It was also the first time we've driven on a roundabout on the right hand side of the road. That was interesting, because it added an additional thing to think about: the traffic on the left.

I thought I'd throw the Etch and a half kernel on my laptop, mainly because I wanted better battery performance, which I suspected I'd get (and powertop would work).

So far, all I've noticed is

apollock@frobnitz:~$ sudo iwlist eth1 scan 1>/dev/null
Warning: Driver for device eth1 has been compiled with version 22
of Wireless Extension, while this program supports up to version 20.
Some things may be broken...

It seems the appropriate people are already aware of it, and it's purely cosmetic.

Been rather busy, so I haven't had a chance to continue recording the trip...

We got into Zurich (albeit late), without incident. Immigration was the biggest joke ever. There was no paperwork at all, and we just handed our passports to the guy, who just looked at them casually, and waved us through. No stamp, no scan, no nothing. It was a bit disappointing really.

We got our rental car, and drove around aimlessly for a bit, until the GPS got lock, and then headed for Prague. We went through Austria, where the guy at the border did give our passports a more thorough inspection, more because we were confused and were waving them at him. He also gave us a stamp. The woman from Hertz told us we needed to buy some sort of highway sticker for the car to drive in Austria (wow it's hard to type "Austria", "Australia" just keeps coming out from muscle memory), so we bought one of them and stuck it on the windscreen, and then promptly entered Germany.

The autobahns in Germany are wicked! Everyone's screaming along at a ridiculous pace. The fastest I got up to was 180 km/h. The roads themselves were surprisingly quiet, and only two lanes.

We stopped off for dinner somewhere in Germany, and finally arrived at the hotel in Prague at about 1am on Sunday morning, so it took about 7 hours instead of the 6 that we'd estimated.

We got to bed by about 2am. I woke up at about 10am, then went back to sleep until about 2pm. We finally ventured out for a bit of exploration at about 3pm on Sunday.

One observation about Czechs: they seem like a pretty dour bunch. Here we were wandering around, being all wide-eyed and touristy, smiling at everyone, and they'd just scowl back at you, no matter how hard we tried to get a smile out of them.

After that initial wander, we discovered that there was a Metro station right across the road from the hotel in another direction, so we caught that to go and check out Prague Castle. The Metro system is another one of those great subway systems that I love. It ran regularly, so you didn't need to concern yourself with a timetable. The ticketing was a bit bizarre. It seemed totally honor-system based. There were no barriers to stop you getting in or out.

It was fairly late by the time we got to Prague Castle, so we just wandered around the grounds, took a look inside Saint Vitus's Cathedral, and caught an orchestral performance in Saint George's Basilica, then headed back to the hotel.

Everything at Prague Castle was pretty mind-blowing. The size of grounds. The view. Saint Vitus's Cathedral. The Cathedral was huge. When you stepped inside and looked up... words can't describe it. It was amazing.

Unfortunately, we didn't bring a camera with us, so we don't have any photos from the Sunday excursion, but Sarah went back this afternoon, and her photos are here.

I think the thing that struck me the most was that here were some seriously old buildings - older than my home country, and they were in amazingly good condition. They really built things to last back in the day.

The weather so far has been pretty miserable, and if the forecast is anything to go by, will remain miserable until we drive out on Saturday.

We've survived, language-wise. The default language of the hotel staff seems to be English, and most random people we've had to interact with seem to speak English. I feel really arrogant and rude just speaking in English to people without first asking if they speak English, but I'm also getting really sick of starting every conversation with "Do you speak English?" The printed language is by and large indecipherable.

The currency, which in English is called a "crown" is crazy. One US dollar buys about 16 Czech Koruny, and the prices are ridiculous. A glass of wine at the hotel is maybe 250 CZK. Granted, the hotel prices are obscene, but seeing triple-digit prices for a glass of wine seems totally bizarre.

The prices in general seem pretty steep. Sarah said she got a 2 koruny coin in change today. We've got no idea what you'd actually use that for.

Last night, after the conference had finished for the day, we wandered off in a different direction again, and wandered through the grounds of Vyšehrad Castle. The Cathedral of Saint Paul and Peter has an amazing graveyard in it, including the grave of the composer Dvorak. We grabbed some dinner at a nearby restaurant, which was substantially cheaper than the hotel restaurants. Again, we forgot to take a camera with us.

Heh, in the 11 or so hours since my last blog post I've received two emails from people going "yeah BA is crap!"

Well the flight itself was fine. The plane was nice. The entertainment system was pretty decent. The UI was all touch screen based, which made it less clunky than Qantas'. Food-wise, I thought the dinner tray was pretty loaded with stuff.

Only problem is that the flight was running about 10 minutes behind schedule, then had to hang around in the air at Heathrow for about 10-15 minutes, so we didn't make our connecting flight. BA bumped us to the next one without any problems, so now we're chilling out in the spiffy new terminal 5 BA lounge for an hour. I guess an hour just doesn't have enough fat in it for a connection.

Terminal 5 is pretty shiny in general. Hopefully our bags won't get lost.

(Well we haven't even gotten on the plane yet)

I'm pretty sure that this is the first time I've flown British Airways.

Sarah and I are off to Zurich via London, and when we rocked up at the airport to check in, we couldn't get seats together. We're sitting in the middle seat in front of each other.

We were quite taken aback by this, as we've done a fair bit of flying together and never had this happen before. We mentioned this to the customer service person when we dropped our bags off, and she told us the reason was because they have online check-ins, all the seats go from people checking in online. They only seat people together with infants, in parties of three, or in a wheelchair. She went on to say all the airlines are like that.

Not in our experience.

So once we got through security and into the BA lounge, I thought I'd try again and see if we could get reseated. The customer service person in the lounge had a quick glance at the computer, and told me there was nothing available. There was no attempt to re-seat other passengers travelling alone, or anything. It looked like she based her inability to do it off the available seats.

I'm just really surprised.

It's stinking hot. Right now, at nearly midnight, it's 22.9°C downstairs in the living room with the air conditioning on, and 32.5°C upstairs in the bedroom, with the window open.

No prize for guessing where we're sleeping tonight.

Last weekend, Sarah and I went to the Maker Faire again. I love how I don't even have to negotiate with Sarah to go, she loves it just for watching the Combot Cup, where the combat robots destroy each other spectacularly.

Ever since Jon Oxer gave his Hardware/Software Hacking: Joining the Real and the Virtualtalk at Google about, I got vaguely interested in electronics again. The Arduino board seemed like a pretty cool thing to hack on, and since it seemed like I'd need to get vaguely electronically savvy to do a thing or two for the dream home we want to build one day (which coincidentally seems to quite similar to what Jon's currently building), I figured I'd have to get my act together and learn the difference between an Ohm and an Amp.

The last time I dabbled in electronics was as a kit, with the ubiquitous Dick Smith Funway 1 kit.

So the Maker Store at the Faire had copies of Making Things Talk, bundled with an Arduino starter kit, so I lashed out on one of them, a BoArduino, and a little breadboard-based electronics kit.

I've been flicking through the Making Things Talk book, and reading the projects. The Arduino board seems really cool. The Processing/Wiring language seems fairly straightforward.

I'd decided that my "project" would be a water monitor for the cat water bowl. We have a dish with a little tank on it, not unlike the office water cooler, and it usually lasts about 7 days. We typically refill it on a Saturday as part of the weekend chores. Sometimes our schedule gets a bit disrupted (we go away, we have visitors) and we forget. Or worse, we're away, have a house sitter, and they completely forget to check it. It's only happened a couple of times, but we really don't want to neglect the cats.

So I thought a water sensor would be a perfect project. One of the projects in the book involves a Bluetooth modem, so I figured that as the MythTV box has a Bluetooth adapter, and would be within range of the water bowl, I could use it to monitor the water sensor (as well as stick a blinking light on it). The end goal is to have the house call us (via Asterisk and eSpeak) if the water bowl gets empty.

So I ordered a Bluetooth modem, the exact part number in the book, and it arrived on the weekend, and I got around to playing with it today.

To cut a long story short, I was messing around with it attached to a USB to TTL serial cable, and I was trying to get it to talk to my laptop, and instead of swapping the TX and RX lines, I swapped the V_CC and ground lines, and well, I let the magic blue smoke out.

What I discovered, after the fact, was that the Bluetooth chipset had been changed since the book had been written, and so the commands for the chipset were different. So most of my second-guessing whether I had the TX and RX round right way was because of that.

So I'm miffed with myself for frying the thing within hours of getting my hands on it, and I'm miffed with the supplier for maintaining the same product ID for a product that has changed componentry.

Chalk that one up to experience...

To add insult to injury, Spark Fun is out of stock of the (cheaper) item that it turns out I want instead. I doubt I'll get my hands on it until after we get back from Zurich, so it'll be another three weeks before I can begin to make any progress. I guess I can try to prototype the water-sensing part with the board connected to my laptop with the USB cable in the meantime...

We've been blessed with really wonderful neighbours in our apartment building. We know four out of the seven households in our building really well.

A while ago, we thought it'd be cool to rent a house and have a weekend away together, so we booked it for this weekend, rented a house in Rio Monte on the Russian River, and hung out together for the weekend.

Eight adults, 3 kids, and we're all still talking to each other afterwards.

Trying to coordinate outings with 2 small kids nap schedules was tricky, so we only made it to the Korbel winery, but we picked up some cheap champagne (an I thought you could only call it champagne if it came from Champagne, France).

Sadly, because Gavin and Christina have a second son on the way, they've bought a house up in greater Sacramento, and are moving out next weekend. We'll miss having them and Aiden as next-door neighbours.

We've decided that we should make this an annual event, so there'll be an annual "building 4" reunion.

Photos from the weekend are here.

Sarah and I are doing the Tour de Cure again this year, like we did in 2006, again as part of the Google team.

This time around we're doing the 50 kilometre ride, since the 25 kilometre one was a bit of a cakewalk. That said, the fitness levels of both of us are pretty abominable at the moment, so it'll be interesting.

So this is the obligatory grovel for donations. If you'd like to make one, you can do it at http://tour.diabetes.org/goto/andrew_pollock

Here's what I'm not spamming people with:

I recently accepted the challenge of cycling in the American Diabetes Association's Tour de Cure fund-raising event. The Tour de Cure is a series of cycling events held in over 80 cities nationwide. The Tour is a ride, not a race; it features different route lengths from a leisurely 10-mile course to a demanding 100-mile journey. I have joined thousands of others to pedal in support of the Association's mission: to prevent and cure diabetes and to improve the lives of all people affected by diabetes.

I am asking you to help by supporting my fund-raising efforts with a donation. Your tax-deductible gift will make a difference in the lives of more than 20 million Americans who suffer from diabetes and another 54 million people in the United States with pre-diabetes.

Any amount, great or small, helps in the fight against this deadly disease. I greatly appreciate your support and will keep you posted on my progress. If you want to do even more to help, please consider joining me in this great event. Our efforts will help set the pace in the fight against diabetes.

More information on the American Diabetes Association, its programs and diabetes in general can be found at the Association's Web site: www.diabetes.org.

For more information on Tour de Cure, please visit www.diabetes.org/tour.

Holger was wondering what tense people write their changelog entries in.

I'm pretty sure I always write mine in the past tense.

Sarah's favourite American city has an online store.

Steven Hanley was pondering how to keep /var/cache/apt/archives empty on the mirror that I help administer.

This sounds vaguely similar to mounting the /usr filesystem read-write at the start of an APT run and read-only again at the end. (A practice I used to believe in, but due to various package upgrades making /usr busy for no good reason, and it artificially inflating the maximal mount-count and prematurely causing a fsck at boot, I've discontinued)

So, putting

DPkg::Post-Invoke { "apt-get clean"; };

in /etc/apt/apt.conf (or in a file in /etc/apt/apt.conf.d) ought to do the trick.

...is just not enough time to see the place properly.

I took Friday and Monday off, and Thursday night a week ago, Sarah and I flew down to San Diego for a bit of a "Yay, we've achieved normality" escape.

We'd intended to go to SeaWorld on Friday, vege out for two days, go to San Diego Zoo on Monday, then fly home on Monday night.

Well we did SeaWorld and the zoo as planned, but lazing around the pool never happened, we ended up running ourselves ragged exploring San Diego all day Saturday and Sunday instead.

We stayed at The Dana on Mission Bay, which we picked because it was the closest to SeaWorld. The accommodation was more like a motel than a hotel. There were numerous two-storey buildings across a fairly sprawling area. It had frontage onto what I presume was Mission Bay, and also had a Marina attached to it, so the outlook was quite nice. It also had free WiFi, so we could upload photos throughout the stay. The food offerings were pretty good, and reasonably priced as well.

SeaWorld was really good. It's been a long time since I've been to the Australian equivalent, but I don't remember it as being as interactive. San Diego's SeaWorld had a Bay Ray feeding area, where you could purchase food (small whole fish), and hand-feed the Bat Rays. That was pretty cool. It took a bit of a courage to leave your hand in the water, palm up, with something the size of sardine dangling between your fingers and let these huge rays literally swim right over your hand so they could suck the fish from between your fingers.

There was also a dolphin feeding area, where you could purchase some small fish again, and give the dolphins a pat on the head and then throw them a fish. I really love dolphins, and one day I'd like to be able to swim with them.

The main attraction of SeaWorld is the various shows that they do. I think we caught all of the different ones. The killer whales are just amazing. There were a few different programs where for an additional fee, you could swim with various animals. Dolphins and Beluga whales seemed to be the ones we noticed in particular.

There were a few oddities, though:

The park is owned by a beer company, so there was a part where you could go and get free samples. Two per person per day (I think on the honour system).

At least at the food outlet where we bought lunch (they don't allow you to bring in any food or drink from the outside "for the safety of the animals", so they have a nice monopoly on catering) every kid's meal came in a commemorative Shamu blue plastic lunch pail - whether you wanted it or not. There were two empty ones left on the table that Sarah and I sat down at. The lady cleaning up the tables asked us if we wanted them, and we said no, and she promptly chucked them out with the trash. This just struck me as a terrible waste. They obviously cost money and energy to produce, and they're just going to end up in landfill. They could have been washed and reused instead. I felt this was very hypocritical for a park that was trying to send people away with a message about conservation.

Other than this nitpick, I thought SeaWorld was really great. It was a good size, and it was doable in one day, in their normal opening hours. I guess it'd be a bit slower with kids. Photos from the day are here.

The next two days we spent exploring San Diego. The hotel was conveniently located on an MTS loop, which ran surprising frequently for a weekend (at least compared to public transit in the Bay Area), so we bought day passes on Saturday and Sunday and used it to get to the Old Town transit centre.

On Saturday we explored Old Town, which was a historic preservation of how San Diego looked "back in the day". In the afternoon, we also bought 48-hour tickets for the red double-decker "hop on, hop off" tour bus, and did one of the two loops that it offered.

The next day, we caught the loop in the opposite direction, and checked out Mission Beach, which was probably the best beach I've seen in California so far (although the water was still far too cold), saw some pretty cool alternative accommodation (possibly for next time), and did part of the other loop on the tour bus, getting off at the USS Midway. This massive retired aircraft carrier is permanently moored at San Diego, and for a fee, you can crawl all over most of it. It was very interesting, and gave a good insight into the life of a sailor. We blew a good 4 hours or so here, and ran out of time to see the entire thing (we didn't make it onto the "island" part of the ship, which we were a bit bummed about).

We then caught the trolley back to Old Town, and grabbed a beer at a pub that sold it by the yard glass and half yard glass. We opted for the half yard glass, since the full yard glass seemed a bit unwieldly, and we thought it looked like a hell of a lot of beer, but the half yard glass, whilst also looking like a lot of beer, was only about one and a half pints.

We then grabbed some dinner at one of the very authentic looking Mexican restaurants (they had women out the front, almost on the sidewalk making fresh tortillas on the spot) and headed back home. Photos from our exploration are here.

On the last day, we went to the San Diego Zoo (which every time I read the URL for, I read it as "Sandie go Zoo!").

This zoo is purportedly the best zoo in the country, but it really didn't blow my socks off. We seemed to have a really hard time navigating the place, and spent a lot of the day walking around in circles trying to find various exhibits. It's also in a bit of a valley, so the circles tended to be up and down hills, which was tiring. I really don't think we were very efficient at all in our coverage of the place.

The other thing that I personally found annoying was the cages. The wire was very close together, which made it really hard to take photos, because the camera would keep focusing on the wire, instead of what was behind it. I guess this is why God invented manual focus, but that made it very hard to photograph big cats stalking their cages. The photos we did manage to get are here.

Overall, we had a great time in San Diego, and it seems we didn't really scratch the surface. I'd like to go back again and see Balboa Park, the Gaslamp district, and I thought there were more naval vessels that you could look at, but I might be mistaken.

Definitely a very nice city.

Steve Kemp holds the opinion that "Debian package maintainers should be able to program/debug handle the language a package is developed in" to be a package maintainer for that software.

Naturally, as a non-C programmer, maintaining multiple packages in Debian of software written in C, I disagree.

Any bug in the software packaged is inherently an upstream bug, and the problem of the upstream author. As a Debian package maintainer, I'm responsible for how the software is packaged and integrates with the rest of the Debian operating system, but I think to make it a requirement to be overly familiar with the code base itself is too onerous.

My view is more that if the Debian package maintainer doesn't have a good relationship with the upstream author, then they should reconsider packaging it (depending on the complexity of the package).

For most of the packages that I maintain, I have a reasonably good relationship with the authors. For dhcp3, I've met with the guys from the ISC a few times, and follow their mailing lists. For dstat, the upstream author is subscribed to the package via the PTS, and pretty much always chimes in on bugs filed by Debian users.

I don't know C, but I can (generally) read it, I can (usually) refit a patch if necessary, and I know how to drive strace (but sadly not GDB terribly well). Having that skill set has served me well enough to date.

That's not to say I don't want to learn C, I've just always been served well enough by a higher level language like Perl, PHP or Python, that I've not felt the need to go cutting my teeth on C (I have always felt less of a man, not being a C hacker, though).

I have a hankering to try and write an application for Asterisk, so that'd require me to do it in C, so maybe I'll get a chance sometime soon.

Simon Rumble says the ABC should peer with all Australian ISPs.

The fact of the matter is communication links don't grow on trees. The cost to the ABC would be prohibitive, I'd imagine.

If the ABC has private WAN links around the country, and they were under-utilised, the most sensible thing to do would be to peer at each of the PIPE peering locations, where as I understand it, most ISPs worth their salt have a connection.

That said, because WAN links don't grow on trees either, the ABC is probably not forking out for more capacity than it needs. Given the never ending budget cuts that the ABC has to endure, I doubt dishing up Internet content at low costs for the downloaders is their first priority.

But yes, it would be nice if Australian content providers all peered.

I've never been much of a podcast listener, largely because I haven't gotten my act together and downloaded any on a regular basis, and partly because the iPod is tied to Sarah's iTunes on her laptop, so it's not convenient to go fiddling with the iPod. If I ever manage to get back into the swing of things and get to the gym regularly, I think I'd prefer to listen to a podcast rather than straight music, so I can hopefully expand my brain while I'm slogging my guts out on the treadmill.

Kynan and Shona have both talked about LugRadio events from when they lived in the UK, and I've been vaguely aware of it as a podcast (it's probably the first podcast I'd name if you asked me to name one). I vaguely knew that Kynan had been trying to organise something LugRadio related in the Valley for a while now.

Well, it turns out he's succeeded, and it's good to see he's gotten some credit for it as well. Onya Kynan!

So I got all excited when I went and looked at the schedule and discovered it was going to be something vaguely like a mini-linux.conf.au, I scurried off and bought a couple of tickets. Then Sarah pointed out that it's the weekend that we're going to San Diego for a four-day weekend. Oh well, at least the tickets were pretty cheap.

So, if, unlike me, you'll actually be in the Bay Area on April 12th and 13th, check it out, it sounds like it'll be fun.

I switched from Pine to Mutt as my primary email client around the time I decided to become a Debian developer, because Pine's PGP support was abysmal (it also beat building Pine packages by hand all the time).

The other bonus feature was it threaded emails, which made it easier to follow mailing lists.

It's been a very gradual learning process since I switched, and I certainly don't consider myself to be a Mutt power user. I initially really hated it, I think largely because of the concept of "old, unseen" messages, versus "new" messages, and the behaviour of the Tab key. Once I unset the mark_old variable, it got a lot more tolerable. I think at some point I either plagiarised someone's .muttrc from the Internet, or sat down with the manual (or possibly a bit of both) and came up with a config that I could live with, and it's been workable ever since.

One problem I (more recently) started having was that when I had 200-odd unread emails in my inbox, which has been pretty common occurrence in the last couple of years, and someone replied to an email in an old thread, because I wasn't necessary scrolling through all 200-odd emails (as new, unthreaded emails usually sorted chronologically at the bottom of my inbox), I'd miss the fact that the email had arrived, often for extended periods of time.

I was lamenting this problem to Sarah over dinner last night, and saying how I preferred Gmail's behaviour, where the position of a thread in the inbox was determined by the date of the most recent email in the thread.

I figured Mutt must have a sort option to be able to deal with this, and so I went rummaging in the manual last night, and discovered the sort_aux configuration variable. I've set that to last-date-received, and now I'm very pleased. I should never miss an email again. Of course, I should really try practising Inbox Zero, then it wouldn't be an issue.

Sarah and I caught an advanced screening of Run Fatboy Run tonight.

I thought it was really great. Dylan Moran was hilarious. I really liked him in Black Books, and his character in Fatboy had a lot of Bernard Black in him.

So my flight from SFO to AKL was nice and uneventful. I even managed to sleep for about 6 hours. The flight landed about 30 minutes early in Auckland, but alas, the connecting flight had some sort of "engineering" problems, and was delayed from a 6:30am departure, past 7:30am, and then the next thing I knew they were handing out bits of paper saying the flight wouldn't be departing until 10pm and we were all getting shuttled off to a hotel for the day.

So I don't really know what happened to the flight, but the same flight number is now departing this evening. Fortunately I didn't have a huge amount to do today in Brisbane (but I have no idea what Nick had intended to do today). I currently estimate I'll get into Brisbane at around 11:30pm tonight.

I've got plenty of reading I was planning on doing on the flight, which I didn't do any of, so I can keep myself occupied. I'm also going to try and catch up with Rowan and Kelly. Oh, and it was good to be able to have a shower. It sure beats sitting around in Auckland International all day.

I think this is the first time I've had a delay like this. The moral of the story? Direct flights, hang the expense!

I'm getting on a flight to Brisbane, via Auckland, shortly. My mate Nick (yes, that one), is remarrying, and asked me to his Best Man, and I could hardly say no, given he was my Best Man (and we've been friends for years)

So I'm flying out of SFO tonight, arriving in Brisbane on Friday morning, going to the wedding on Saturday, and flying home on Sunday morning. Fortunately with the time difference, I'll arrive on Sunday, so I get to walk around like the living dead for a day, and then go back to work.

Yep, I'm a sucker for punishment.

I've never been Best Man before, so I'm nervous. My speech is pretty short and sweet. Fortunately someone else is being Master of Ceremonies.

I'm slowly converting the team I work with to use the term fortnight. It's so much less ambiguous than "bi-weekly".

(Provoked by Dave Jones' post)

apollock@caesar:~$ host mirrors.kernel.org
mirrors.kernel.org has address 204.152.191.7
mirrors.kernel.org has address 204.152.191.39
mirrors.kernel.org mail is handled by 10 hera.kernel.org.
mirrors.kernel.org mail is handled by 20 zeus1.kernel.org.
mirrors.kernel.org mail is handled by 30 zeus2.kernel.org.
mirrors.kernel.org mail is handled by 999 bl-ckh-le.kernel.org.
apollock@caesar:~$ GET -H mirrors.kernel.org http://204.152.191.7/ubuntu/dists/hardy/Release | md5sum
4f053c0db4bc9d851059c0899b85f338  -
apollock@caesar:~$ GET -H mirrors.kernel.org http://204.152.191.39/ubuntu/dists/hardy/Release | md5sum
c4ba9d980e675875079bf5fea46cffd2  -

It's shit like this that makes my job that much more difficult. Back to archive.ubuntu.com we scurry. (This is obviously not Ubuntu's fault, it's just a pain in the arse nevertheless)

Disclaimer: I may well be an ignoramus with respect to the release schedule for Firefox 3 with respect to the release schedule of Hardy.

It grabs me as breathtakingly stupid to be shipping a Long Term Release of Ubuntu with a pre-release version of Firefox. I can't see how anyone can think this is a good idea.

That said, I remember a thread on ubuntu-devel, where someone was shot down for complaining about a release candidate of the Gimp shipping with Gutsy, so there's certainly a precedent for shipping stable versions of Ubuntu with non-released versions of software. I still think it's sloppy. "Bleeding edge" and "stable release" should be mutually exclusive, yet it seems they're not.

I predict dragons ahead.

I first heard about Jon Oxer's home automation setup when he visited Google last year to give a tech talk (heh, that's right, I introduced him).

After reading this latest article on his house, I've come to realise that he's implementing pretty much every cool thing I wanted to do when I get around to building the "dream house" (except I'm not too keen to go microchipping myself).

The main difference is Jon's actually electronically inclined, whereas I have all the ideas, but lack the ability to go hack them together myself.

So many things I'd like to learn, so little time to learn them...

ubuntu-keyring

I'm struggling to understand, from a casual inspection, what the change that introduced this is trying to achieve.

So it was trying to fix this bug, which is actually in a completely separate package.

I guess the first thing is to understand what this net-update mode for apt-key is.

Aha. That appears to be an Ubuntu-ism: AptArchiveKeySignatures

Anyway, having looked at the /etc/cron.daily/apt script that ships with Ubuntu's apt package, I fail to see how the changes to ubuntu-keyring address bug 192074. The net_update() function of apt-key is still going to spit out stuff.

Oh wait, I see. The cron job will still spit out output when it actually decides that something should have been done. The presence of /var/lib/apt/keyrings/ubuntu-archive-keyring.gpg will mean the stat call will return a valid mtime, so more often than not, because the mtime is unchanged, the cron job won't feel the need to actually do anything that produces output. I guess it's reasonable to produce output on the odd occasion that a key update actually occurs. Fair enough.

I'm not sure I'd be using mtimes to make the decision though. I'd be more inclined to use the MD5 checksum of the files, but that's just me.

So guess I've now had less of a casual inspection, and understand what the change was trying to achieve. It just failed miserably by not ensuring the directory existed. Oh well, patch supplied.

So I started an Ubuntu category in my blog a while ago, the intention being to document the trials and tribulations of trying to derive (and I use the term loosely) another distro.

The hope has been to get it added to Planet Ubuntu's feed, where I'd like to engage in some discourse with the Ubuntu development community, and perhaps challenge some of aspects of how they do things.

I'm not feeding it to Planet Debian, since me blathering on about Ubuntu's foibles is probably not of interest to that audience.

truckie

teamster

So today is the third anniversary of my first upload of the ISC DHCP v3 package to Debian.

It all started back in the days of the linux.conf.au 2005 organising committee. Bob Edwards, who ran the ANU Department of Computer Science computer labs (which ran on Debian at the time), was constantly complaining about bugs like #286011, once he'd found out I was a Debian developer.

So I figured I'd try and do something about it, so I think I emailed the maintainers, who had been fairly inactive (the last upload before mine was in July the year before), and asked if they'd like me to NMU the package.

I think Matt Zimmerman emailed me back and told me to knock myself out, and add myself as an uploader while I was at it, and well, the rest is history...

I've had fun fixing bugs, trying to clean things up, deal with a pretty archaic upstream build system and get the package up to current Debian standards compliance. One of the highlights was being able to finally get rid of Debian Installer's dependence on the v2 DHCP client package, so we could finally jettison the v2 packages for Lenny (which reminds me, I still have to figure out how to handle the transition from Etch with respect to that).

I've been working hard to try and get as many of the patches in Debian's DHCP packages incorporated upstream. Unfortunately, they have a totally unpredictable release cycle, and they have feature releases and bug fix releases. The feature releases are very few and far between, and they won't introduce new features into a bugfix release.

Speaking of patches, my personal philosophy is that distribution packages shouldn't differ radically in behaviour or functionality from their upstream source, so I've resisted incorporating some of the more deviant patches from Ubuntu, instead forwarding them directly upstream.

There's still a bit of work to be done with the package. The ISC released version 3.1.0 a while ago, and that's the version I'm trying to standardise on for Lenny. It's got new support for a domain-search option, which means people can stop abusing the domain-name option to set a domain search list in their clients. The domain-search option is also honoured by Mac OS X (Leopard), and I dare say Windows Vista probably supports it as well, but I haven't checked.

Unfortunately the client-side support for the domain-search option is a bit flaky in 3.1.0, so I'm hoping the ISC will release 3.1.1 real soon now, as I believe most of the flakiness issues are addressed in it. Of course, for Lenny to do the right thing consistently with this new option, #460609 and #465158 need to be resolved also.

The last thing I'm trying to sort out for Lenny is the reasonably in-demand LDAP patch. It's been floating around out-of-tree for longer than I've been maintaining the package. José L. Redrejo Rodríguez has been kind enough to clean up the patch for me, so that rather than bastardising the standard DHCP package to build a dhcp3-server package that has LDAP support, it basically builds DHCP twice, once with the patch and once without, and the dhcp3-server-ldap package just diverts /usr/sbin/dhcpd3 out of the way and plonks in the LDAP-enabled binary in its place. I hope to upload a new revision of the package that builds this new binary package within the next week (hopefully this weekend).

After that's done, and hopefully 3.1.1 has been released, and Lenny is out of the way, I'm going to focus on transitioning away from a versioned set of DHCP packages. The whole "3" in everything was to allow the v2 and v3 packages to coexist. I've sought advice from the release team about this, and they said not to bother, but it feels really gross to have the version 4 package (4.0.0 has been released by the ISC for a while now as well) be still called dhcp3, and to install into /etc/dhcp3 and other such versioned directories.

The final thing I want to look into is collaborative maintenance. I've been wanting to do this for a while, but I wanted to get the package into a revision control system (shock horror, it's not currently) and I've been baulking at how to do it the "right" way. I'm pretty sold on using Git for the revision control system, I just haven't figured out the right approach yet. Martin Krafft's articles about it have been interesting, but feel a bit overly advanced, and don't quite suit my situation. I've been hesitant to start using Git, then discover I've done it all wrong, and have to start again. I need to just bite the bullet. My upstream also doesn't use Git, and doesn't make their revision control system publicly available, so I just get the tarballs when they're released.

Speaking of upstream, I made the discovery last year that they're just down the road from me in Redwood City, so I've been trying to improve relations by getting the main folks who work on DHCP at ISC to pop up to Google for lunch every now and then, which so far has happened twice, and been good a opportunity to have a chat. In fact, they're keen for Debian to join the DHCP Forum (Debian is already a member of the BIND Forum) and I think they've started talking to the Debian folks responsible for our BIND Forum membership about extending that to cover the DHCP Forum as well.

So that's about it. I think after three years of being the sole uploader, I'll formally put myself in as the maintainer and Eloy as an uploader until I get around to implementing collaborative maintenance.

Jeremy Visser writes about the evilness of User-Agent sniffing

I tend to disagree with him, particularly after reading Wikipedia's robots.txt file, and some of the comments in there.

wget can be quite a nasty program if used incorrectly. Chances are, if you know what you're doing, you'll know how to change the User-Agent string, and therefore you're probably not going to do something dumb like try to download the entire site recursively.

If you don't, you're probably Doing It Wrong.

One of Sarah's university subjects this semester is a statistics course. One of the requirements of this course is some software package that only runs on Windows. As the only Windows machines in the house are my laptop, which dual-boots between Linux and Windows XP and goes for many months without XP seeing the light of day, and our desktop, which dual-boots between Linux and an ageing Windows 2000 installation (which blue-screens on boot at the moment because I have a Sun Quad Fast-Ethernet card in it), we figured it might be a good idea to look into getting a copy of Windows XP (especially before it stops becoming available). I wouldn't buy Vista, given all the bad things I've heard about it.

The game plan was to either throw it on the desktop (and see if it tolerated the QFE card better than 2000) or try out Boot Camp on Sarah's MacBook Pro. We ended up doing the latter.

I did all of the post-installation configuration of XP while Sarah was napping this afternoon, and I have to say I'm impressed. Apple (for whatever reason) has gone to a fair amount of trouble to make sure that Windows runs really well on their hardware, and the Boot Camp stuff is really slick. It all "just works". Even the built-in iSight camera.

So I feel pretty dirty for forking out for a copy of Windows XP (although I'm deriving some pleasure from boosting the Windows XP sales figures in spite of Windows Vista being available), and then putting it on a Mac to boot, but we'll blame the university for being uncool.

Now if I could just get the Windows version of ClamAV to make me feel confident it was actually providing some protection...

From the e2fsck man page:

SIGNALS
       The following signals have the following effect when sent to e2fsck.

       SIGUSR1
              This  signal causes e2fsck to start displaying a completion bar.
              (See discussion of the -C option.)

I was just lamenting to myself how e2fsck should default to showing a progress bar for those times when you check a multi-terabyte filesystem, and would really like to know how long it's going to take so you can decide to go to bed or not, and you've learned about the -C option after you've started e2fsck.

I'd been thinking to myself how grouse it would be if e2fsck would let you know how far it had gotten on receipt of some signal of some sort.

Ted Ts'o, I salute you.

Update

Too bad I can't say the same thing for resize2fs.

I wonder if things could go any worse if we actively tried?

So despite going back to see the cardiologist on Monday afternoon, concerned about there possibly being still some sort of infection, and being told there wasn't, on Thursday morning, the top part of the incision was looking swollen.

It looked even more so by the evening when I got home from work, and Sarah emailed a photo to the cardiologist, and he agreed it didn't look too crash hot, so he phoned a prescription for another, longer course of antibiotics through to the pharmacy, but too late to get filled last night.

By bedtime it was looking even more ready to blow, and sure enough, around 1am (it's always 1am) it erupted everywhere. Fortunately (for me), I missed all the gory details, but I think there was a fair bit of fluid built up in there.

So we went back to the clinic this morning, and they decided that they needed to open up part of the incision to let it drain and heal properly.

They took another swab to run another culture, and then got a physician's assistant to take to her with a scalpel. I've seen my poor wife go through too many painful things in the last six months. Today's was no better. Most of the problem was the local anaesthetic injections, but watching them open up the incision again wasn't much fun either. No one should have to go through as much shit in a short time as what Sarah has had to. It's just not fair.

She now has a gaping hole in her chest with some gauze packed in it, which has to be changed twice a day (by lucky old me). The idea is to let it heal from the bottom up, rather than the top down, as it seems an abscess had formed in the wound, and that was were all the trouble was. So by leaving it all open, it can drain properly, and heal from the bottom up. $DEITY only knows what sort of mess it's going to make of the incision area, but we can deal with that later. They reckon it'll take another 4-6 weeks to heal.

I'm really hoping now that with it draining, and another course of antibiotics, Sarah will be in much less pain.

I just did the evening gauze change. Fun. The opening in the incision is longer than I remembered them making this morning. It's about an inch long, and a centimetre deep, and there's a small hole in the bottom that presumably leads to the "interior". It's not as bad looking as I thought it might be. Packing the gauze in didn't seem to hurt Sarah too much, which is just as well.

This really is the pits. I really hope this is the end of this, and the infection goes away for good, and the incision heals quickly. In terms of recovery, this is a pretty major setback in my opinion. From now on, we won't be relying on the cardiologist for surgical opinions, we'll be insisting a member of the surgical team checks Sarah out.

I don't think the first trip ever made a mention in either of our blogs. Funny how an exhausting trip tends to stem the care factor to write about it afterwards...

Anyway, Sarah was in a fair bit of pain last night when she went to bed, and despite taking 800mg of Ibuprofen, some amount of Oxycodone, and some sleeping tablets, she was up again under 2 hours later, in agony.

The main concern was that the staph infection she'd apparently had in the incision a few weeks prior hadn't been kicked fully by the antibiotics, and was coming back.

So off we trotted to Stanford's ER, getting there around 1am. Fortunately it was very quiet (not that it matters when you mention the magic words "chest pain") and Sarah got straight in.

They did the usual battery of tests and decided to keep her in for observation, so I trundled off home for some sleep at about 5am.

They told her she could go home at about 1:30pm. Apparently the problem was muscle spasms, which can happen in some people after having heart surgery (even this long after the surgery). The solution? Valium. The poor girl's going to rattle soon with all these pills.

They did some blood work and there's no sign of the staph infection. Whatever pain medication they gave Sarah intravenously today made her extremely nauseous, and she was still concerned about the state of the incision around the area that had been weeping previously, so we trekked back in to Stanford this afternoon to see the cardiologist, who wasn't concerned about the incision at all. In fact, he said the surgical doctor had been a bit generous with pronouncing a staph infection in the incision two weeks previously, saying that the swab they took at the time probably just picked it up off Sarah's skin, where it's quite common to be found. So she may never have had a staph infection in the first place.

In light of this Linux kernel local root vulnerability, I thought I should audit the trustworthiness of users with logins on systems I administer, so I slapped together this script to find users who had a valid shell and an unlocked account.

Disclaimer: I wrote it in bed on a Sunday morning. It may be utter crap.

I went back to work today after something like a total of 6 weeks off. (2 weeks vacation, 4 weeks unpaid leave).

The month of January went pretty quickly really. The week in hospital with Sarah was a blur. The week and a half afterwards was also pretty much a blur. Then we had the week where things went a bit backwards, and then we had this week, a few days of which were spent up north at an inn in Little River, Mendocino County. Heck, let's just call the entire month a blur and be done with it.

Sarah's doing pretty well now. Surgery on the 3rd, discharged on the 9th, back in the Emergency Room on the 21st with tachycardia. Concerns about the incision weeping on the 21st, and again on the 28th. General increase in pain on the 28th, along with a few sleepless nights preceding.

But now, with a doubling of her beta blockers, some antibiotics, pain killers, anti-inflammatories and sleeping tablets, she's feeling a bit more human again, if not like a human pill bottle.

The surgical folks want to see her again on Monday to follow up how the incision is going since they prescribed the antibiotics. The weeping has calmed down significantly, but hasn't gone away completely.

A couple more months to go before we can call her "recovered".

So it's been a few days since I swapped in the Zonbu I bought, as my ATA over Ethernet "head".

It hasn't been all ponies and roses, but it hasn't been a total loss either.

The main problem I was having was a lot of

usb 5-2: reset high speed USB device using ehci_hcd and address 2

type of errors during moderate I/O to the RAID10, which was connected to the four USB ports on the back of the unit (similar errors for all four USB devices). Initial Googling suggested that it was a USB mass-storage thing, and that lowering the maximum number of sectors read (and/or written?) a once in /sys/block/sd[a-d]/device/max_sectors would fix the problem. Well that didn't really seem to make a difference.

Then I did some rummaging in the Zonbu forums, and it became apparent that there were some problems with the four USB ports on the back of the unit and USB 2.0 mass-storage devices.

One of the forum threads pointed me at this bug, which had been subsequently fixed in a newer release of the Zonbu OS. I apprehensively emailed the Zonbu support folks lateish on Friday evening, not expecting to hear anything back until Monday, and half expecting to be unsupported because I was running Debian on it, when I got a reply fairly promptly telling me this kernel patch would fix the problem. It turns out that the VIA CX700 is a wee bit buggy, or the BIOS support for it is or something.

Anyway, I spent the better part of two days compiling a new Debian 2.6.22 kernel with this patch applied (took me two goes, the first time the patch wasn't applied), but the Zonbu is now running a 2.6.22 kernel with this patch.

Notably you get this message during bootup now:

PCI: VIA CX700 PCI parking/caching fixup on 0000:00:11.7

It's a bit early to tell how it's going to work out. I don't have a scheduled recording until tonight, but I've just scheduled something random to see how it works out. Playing back a recording made before I swapped the Zonbu in seemed to go fine.

That is all.

After the debacle last time I tried to grow the size of my existing RAID1 when I put new disks in daedalus, I thought this time I'd do my homework.

I did some research, I found out the way I should have done it. I did a practice run on a USB key. I fully planned how I was going to do it:

mdadm /dev/md2 --fail /dev/sdb3
<delete /dev/sdb3, recreate at new full size>
reboot
mdadm /dev/md2 --add /dev/sdb3
<wait for sync>
mdadm /dev/md2 --fail /dev/sda3
<delete /dev/sda3, recreate at new full size>
reboot
mdadm /dev/md2 --add /dev/sda3
<wait for sync>
mdadm --grow /dev/md2
<wait for sync>
pvresize /dev/md2

Everything went as planned, until I went to grow the RAID1 volume. It still thought the underlying device was the same size. There was nothing to grow.

So at this point, I decided to do something similar to what I did last time to get around the failing disk, and should have done last time anyway. I broke the mirror, created a new degraded RAID1 using the full size of the new partition on the half I pulled out of the mirror, and did a pvmove from the old non-full-sized degraded mirror to the new full-sized degraded mirror.

All of that went swimmingly until the pvmove was around 50% complete, when the kernel decided to oops spectacularly. I had to power cycle daedalus to get it back under control, and even in single-user mode, without me doing anything, the kernel started oopsing again. Dammit.

I had to boot into emergency-mode (insert standard gripe about Debian's single-user mode being far too non-singular here), then I could resume the pvmove without any further oopsing. After that completed, I was able to ditch the old non-full-sized degraded RAID1 device and resync the new one onto the old partition. There was still some minor filesystem corruption, more likely because I had everything mounted at the time of the crash. Yes, I still haven't learned not to do this kind of thing in multi-user mode. It seems every time I try to minimise the size and duration of an outage, it bites me in the arse. Even though I should have been able to move open logical volumes between physical volumes, the kernel oops seemed to be in the dm_mirror code. daedalus is running a fairly old kernel. The annoying thing is that getting some additional disk space on board was the dependency for doing a general upgrade of all of the software on it. Argh.

Anyway, it's done. I hope not to have to go through this again. I just have to sit through a potentially nail-biting remote upgrade of Debian now, and I should be good for a couple more years hopefully.

I've been quietly coveting the Zonbu for a number of months now. I finally caved in and ordered one when we got back from Australia, with the intention of using it to replace minotaur, the computer that exports my RAID10 via ATA over Ethernet to my MythTV box.

minotaur is the old daedalus, which I bought back around 2000. It's a VA Linux Pentium III. It's old, noisy, and has no idea what power management is. The Zonbu has more grunt than it (in terms of BogoMIPS), and it's a fraction of the size. Our linen cupboard is now significantly quieter (and hopefully cooler). Heck, hopefully the power bill will be lower as well.

Anyway, I put the order in when we returned from Australia, with the expectation that it'd turn up some time while Sarah was in hospital, or shortly afterwards, and I could use the rest of the month that I was off work to play with it. Well, I got an email on the 31st of December, telling me they were out of stock, and unless I wanted to pay $29 more for one with built-in WiFi, I'd have to wait until mid-January.

As I just couldn't see the point of having WiFi (or spending more money) and not needing the thing in a hurry anyway, because I had more important things to worry about in the meantime, I opted to wait. This morning, I emailed them to enquire about whether or not more stock had arrived, and they emailed back to say that they were still waiting, but they'd found one they could sell to me anyway. The company happens to be close by in Menlo Park, so I picked it up today in our travels.

Let me just say that it is a very cool little computer, just if you use it for its intended purpose. It's running a customised Gentoo Linux, with a 2.6.22 kernel. I'm a bit surprised about their choice of Gentoo. I think they'd be better off partnering with Canonical, given that Mark Shuttleworth is trying to make a Linux distribution easy enough for his grandmother to use. That'd take the work of engineering the operating system out of the equation, then they could just focus on the hardware and a bit of integration with Amazon's S3.

The thing I have to give them mad props for is documenting how to hack the tripe out of the box. They tell you how to enable root. They tell you how to enable PXE booting. So once I figured out that the front USB port seems to get treated slightly differently for a USB keyboard than the back ones, it was very easy to PXE boot it and install Debian.

I initially started with trying to install Etch, but I kept getting missed interrupts on the CompactFlash device, which resulted in the filesystems panicking. So I gave up and went with Lenny, and presumably because it also uses 2.6.22, everything seemed to go fine. The box comes with a 4Gb CompactFlash card, which is ample for my needs. It's running the 686-optimised kernel, which is probably not ideal, but works. We'll see how things go.

Interestingly, I blew another hard drive power supply, exactly like last time. I've no idea if it's the act of plugging everything back in again that's causing the problem, or they're generally flaky, and they don't fail until they're powered off and back on again. Maybe that IEC Y-cable wasn't such a good idea after all. I've now run out of spare power supplies, so I'm going to have to get some more for when these two inevitably fry themselves.

Overall, I'm very pleased with this purchase, but it's a bit early to see how it's going to perform. I can't imagine it's going to perform worse than the computer it's replacing, but it was probably never intended for what I'm using it for either...

Oh, and I discovered vblade-persist, which seems to be a very nice framework for managing ATA over Ethernet exports.

Now I just need to get my hands on a big tub of Lego to build a nice chassis for the whole thing.

Erich Schubert's two posts about embedding spamtraps in web pages got me wondering about trying to track the web crawlers that harvest such addresses.

If the pages that had the embedded spamtraps could be dynamically generated, it'd be interesting to generate email addresses that encoded the time of the crawl (well the page load I guess) and the IP address of the remote host.

I expect that most of the harvesting is done by botnets, so it possibly wouldn't tell you a lot, but it'd be kind of cool to maintain a central blacklist of known harvesting IP addresses, that sites like mailing list archives could use to try and block the harvesters with.

I've been a bit behind with the ISC DHCP v3 package of late. I've had a package of 3.1.0 for a few months, but I'm becoming more and more reluctant to make uploads of this package without giving it some rudimentary testing. Real life has been demanding of late, so I haven't had a chance to do that testing. Nothing's gone wrong with the package to date, I just feel negligent not giving it some basic testing before throwing it out there.

So I chucked a spare QFE card in my workstation brutus, put unstable on the second hard drive, installed Debian unstable on the spare 10G partition of Sarah's old PowerBook, and lashed the two together with a bit of CAT-5, and voila, instant DHCP client/server testbed.

So now that I'd verified that version 3.1.0 wasn't blatantly broken, I could have a fiddle with the new support for option 119 (domain-search) that has people at work very excited. I spent a bit of time off on a wild goose chase trying to figure out how to configure the DHCP server for this new option before I realised it was as simple as option domain-search "foo bar baz"; and then made the necessary tweaks to dhclient-script.

I'm figuring that since one of the blokes who wrote the RFC works at Apple, and since Leopard supports option 119, the way they're doing it in Leopard must be approximately correct, so I've altered the behaviour of the DHCP client accordingly.

All of this assumes you're not using resolvconf.

Prior to 3.1.0, if you had the domain-name option set, the /etc/resolv.conf created by dhclient-script would set the search directive to the domain name. With 3.1.0, I've decided to make this set the domain option instead. The resolver behaviour remains the same, as best as I can determine.

With 3.1.0, if the domain-search option is set, then the search directive is set to this. If the domain-name option is set, this is prepended to the list of domains in the domain-search option. This is consistent with what MacOS X 10.5 (Leopard) does. I'm not sure what Windows does (nor what version started honouring the domain-search DHCP option)), and since it doesn't have an /etc/resolv.conf equivalent, it's a bit hard to test. I'm going to hazard a guess and hope that since the other bloke who wrote the RFC works for Microsoft, that maybe, just maybe, Windows and MacOS X at least behave the same way.

Currently, if resolvconf is in use, you get the old behaviour whereby the search directive is populated with the contents of the domain-name option, and the domain-search option is ignored completely. I've filed #460609 with a patch to fix this. Interestingly, resolvconf itself internally collapses the domain and search directives into the search directive of the /etc/resolv.conf it generates, so I can't quite get the same /etc/resolv.conf generated as would be generated without resolvconf being used. No big deal, the behaviour should be the same. The domain directive is largely unnecessary as I understand it.

I have unearthed what I consider to be a bug with the domain-search option handling code in the client. It seems to be largely benign, apart from causing the client to emit some errors when it's obtaining a lease that contains the domain-search option, and possibly not splitting the domains in the domain-search option correctly. There's also another (I think unrelated) warning that gets emitted as well. I'm waiting to hear back from upstream about both.

I'm not going to package the recently released 4.0 DHCP until I've figured out a transition plan to go from the old DHCP v2 packages to the v3 ones.

Sarah and I went to see I am legend with Shona today.

How many more post-apocalyptic, zombies-created-by-a-virus movies can Hollywood possibly churn out? That said, it was a good watch. Will Smith did a really excellent job, and there were plenty of edge-of-the-seat suspense moments.

One of the things I noticed when I was fiddling around with daedalus the other week, was that when I had everything stopped, linux.org.au seemed to stop resolving (and therefore semi-important things like ftp.au.debian.org, which is a CNAME to mirror.linux.org.au

This made me very sad, because I'm always harping on about BCP 16 when I see other sites go down because all of their name servers are on the same subnet.

Now that wasn't the reason for this particular "outage", though. It seems that because one of the name servers is russell.linux.org.au, and there's no glue record for this host on any of the .org.au name servers, I don't think russell is seeing any DNS traffic at all (perhaps only from resolvers that somehow already happened to have a cached entry for it obtained through other means than an NS query for linux.org.au)

So before I go doing any further disruptive maintenance on daedalus I guess I'll be needing to get a glue record for russell.linux.org.au. I'm surprised that searching Enetica's knowledge-base for "glue" didn't raise a mention of it. I would have almost thought that they could detect the need for a glue record when you're adjusting a domain's delegation, so I wonder if it's a failure of their domain management system, or a complete oversight. Maybe people just don't go sticking their name servers in the domain they're hosting any more.

Discharged!

Sarah was discharged almost bang on 11am, the advertised discharge time, which is less than 6 full days after she got out of surgery. Pretty amazing stuff, and not a moment too soon, if you ask Sarah. She had a final chest x-ray this morning, and that was about it.

We took a non-highway route home, and stopped via the supermarket to get a few things and get her prescriptions filled, so we got home at about 12:20pm.

The rest of her recovery can be followed on her blog.

We both feel forever indebted to the wonderful doctors and nursing staff at Stanford Hospital. Being in a hospital is certainly a lot better when you're not grieving, and the outcome is positive.

Not a whole lot to report.

Sarah's still yet to have a decent night's sleep.

The cardiac rehab lady came by to go through the do's and don't's and answer any questions we had.

They did an echocardiogram. I tagged along to watch. The Dacron looks a bit whiter on the ultrasound than the aortic tissue, other than that, there's not a lot to see.

It's looking like she'll be discharged tomorrow.

Sarah slept better overnight, but still not great. She was certainly more lively this morning when I got in, than yesterday. She's resigned to the fact that you don't come to a hospital to get rest, which is kind of ironic. She did need to get put back on the oxygen overnight because her O₂ saturation dropped. She was off it again by the time I got in.

Today's big achievement was getting the external pacing wires removed. They were put in during the procedure as a precaution, I think because if her heart played up, they didn't want to have to use defibrillator paddles, and because they'd cracked her chest open, manual CPR wasn't an option. The wires could be attached to an external pacemaker if necessary (but it never was).

I watched the removal quite closely, as I was pretty curious. Basically the physician's assistant just came in and yanked them out. Judging from the look on Sarah's face, it was an interesting sensation. We were both amazed at how long the wires were. There was probably 30 centimetres of wire under the skin. The last bit was loosely spiralled. I was just really surprised, because the PA's hand started off at Sarah's chest, and ended up at the PA's shoulder. It was just a lot longer than we both expected. All the extra length was because the wires wrap around the heart. The wires came out at about 2:30pm.

Sarah had another chest x-ray and a CT scan today. The CT scan looked good. The x-ray showed some fluid in her lungs, and her lung capacity is still sub-par. It seems when she's fully horizontal, her breathing isn't so crash hot, but it's fine when she's sitting up or walking around.

All Sarah's got left is one peripheral line now. There was some talk of her possibly going home on Wednesday. She has an echocardiogram tomorrow, and I guess it'll all hinge on how her lungs are going.

MythTV's commercial skipping really spoils us, and we practically never watch anything live (we don't watch a lot of TV at all, really, more DVDs, thanks to Netflix), so we're totally insulated from all the commercials except when we're staying in a hotel, or, as is the case right now, having a stay in hospital.

It seems all of the commercials during the news programs are pharma-related. The majority are prescription drugs to "ask your doctor about", with the rest being health-related.

Today's exciting product I learned about was Might Putty (you can watch the ad on their site). I just wish I had something to use it for.

The other thing that piqued my curiosity was the Takara Patch. It sounds like a bit of a gimmick, but I've always liked gimmicks that look like they're doing something. The Biore Pore Strips for example. I'll have to do some more research.

Slow day today.

I slept at home, and got in at around 9:40am. Sarah didn't sleep well again overnight, her O₂ saturation levels kept dropping below 90% because she wasn't breathing deeply enough in her sleep, and that causes an alarm to go off. So she was pretty flat when I first got in, but she picked up as the day went along, and was fairly chirpy by around 11am.

The doctor came by and explained the photos that we've been given, so I'll have to try and regurgitate all of it and update the captions. Her lungs are still looking a bit suboptimal. The third lobe on the right lung isn't inflating well apparently. They said something about there being some fluid as well, although the nurse said she can't hear anything.

All that said, she spent a lot of time in a chair today, and her O₂ saturation levels have been the best they've been since she was in the ICU. So good, that they're trialing having her off oxygen while she attempts to take a nap as I write.

Her blood sugar levels are settling down. I think they're still slightly elevated, but not to the point that insulin is required. She only needed insulin with lunch yesterday, so it definitely looks like it's improving.

She's already been on her three walks today, by 4pm. An occupational therapist came by, and went through the sternal precautions again, and showed us how to get in and out of bed without putting undue pressure on the sternum, and Sarah's been getting out of bed unassisted from horizontal since. Her pain has been quite manageable.

So while today started out looking like it was going to be a small backward step, I think it's still a good move forward. Sarah's continuing her breathing exercises, so I'm sure her lungs will sort themselves out in the next day or two. I guess they'll take another chest x-ray this afternoon, although it's getting a bit late in the day.

Sarah's starting to get a bit of cabin fever, but I think today's been pretty slow, in part because we deferred having visitors on account of her being not up to it in the morning.

"Day Two Downers" be damned, Sarah's powering along like a freight train.

Neither of us had a terribly fantastic night's sleep. Her chest drain is attached to this big box thing that has some sort of water seal in it, and with the suction going through it, it bubbles and makes noise like a massive aquarium. But she did get some sleep, and said she felt better this morning for it.

The doctor came by at 8am, and took the incision dressing off, and we got our first good look at it. It's big (i.e. long). It runs from about the top of her breastbone to the bottom of her sternum. 20cm at my estimation. She said that she thought the chest tube could come out today, and sure enough it came out at about 12:30pm. They also took her urinary catheter out at that time, so now all she's hooked up to is oxygen. Her blood sugar levels were acceptable at breakfast time.

Oh, the reason the incision ran so high was because they elected to do the bypass attachment to an artery in her neck, rather than further around the aorta, because the tissue was fragile and they didn't want to risk a dissection. Not doing the bypass in the aorta also left them the option of removing some of the transcending arch if they determined it still ended up being necessary.

Sarah got up and had breakfast in a chair again, and was generally feeling pretty mobile. She moved between the chair and a wheelchair (and back) when they came to get her for another x-ray, without requiring any assistance.

She took her first walk around the ward at 11am. I'd popped home for a shower and to check on the cats, and so I missed it.

Doctor Miller dropped in at around 12:30pm to see how she was doing, and that was good as Sarah got a chance to talk directly to him about how the procedure had gone. He was very positive and said she could put this whole thing behind her now.

At 2pm, she went for another walk, this time sans two thirds of the tubes from her first walk, and got in and out of bed unassisted.

She took her last walk of the day at 4pm.

Apparently her blood sugar is still on the high side, but within the range that they don't feel the need to give her insulin. Her chest is apparently looking better on the x-ray they took this morning. They took a second one after they removed the chest drain, but we haven't heard anything about how that looks yet.

She's continuing to do extremely well, most of this less than 48 hours out of surgery.

I just called the ICU for an update before I head in for the day. She's apparently doing well, and can probably transfer out of the ICU later today, although apparently beds are tight in the ward.

Update 1

I've managed to find somewhere with EVDO access, so I can update this in between ICU visits.

She's looking really good this morning. She asked for some 7up, because her throat's really dry and sore from being intubated. She had something to eat at 6am. She hasn't had much sleep though, because the ICU has been too busy. She's getting turned every two hours, which isn't terribly enjoyable, but her pain is manageable. She's such a trooper.

Update 2

Sarah's continuing to do well. The nurse sat her up on the side of her bed for lunch, and had half a roast beef sandwich and some fruit. Her throat's still pretty sore, and she's really preferring the liquids. Apparently her blood sugar is a bit high (something that can happen post-operatively) so they gave her some insulin before lunch.

Getting her back down again looked a bit painful, as did shuffling her up the bed.

Apparently there's a bed with her name on it in the intermediate ICU, so as soon as the doctor's order comes through to move her, she'll be moved. They'll also take out the central line and one of the peripheral lines at that time.

Update 3

Last update today. Sarah was moved out of the ICU and into intermediate intensive care (where she'll remain until she's discharged) at 2:25pm. She got a private room again, which is very fortunate. It's nice and quiet, so she should get a good night's sleep. I can stay the night as well.

One of the doctors from the team looking after her came by at about 5:50pm. She said the chest drain can come out in the next day or two. They took another x-ray this afternoon to check on some pleural effusion that they were worried about. When we asked the doctor about it this evening, she described it more as trapped air than trapped fluid, and that it should work itself out in the next few days. The x-ray showed that it was "stable", in that it hadn't really changed from the x-ray in the morning. They'll take another x-ray tomorrow morning to see how it's going.

Other than that, she's continuing to do really well. The pain seems manageable. She got up into a chair for dinner (with help). They didn't give her any more insulin beforehand, so I presume her blood sugar is settling down again.

I'm exhausted, but very relieved.

The important news: the operation was a success, the surgeon, Dr D. Craig Miller, bless his cowboy boots, managed to spare the aortic valve (he'd given us a 99% probability of being able to do so beforehand), so we don't have to be concerned about pig/cow valves for now, and mechanical valves later. He was reluctant to say that her own valve will last her the rest of her life, but it should last a "long time, long enough to have a family".

When I left the hospital, Sarah was in intensive care, extubated, conscious, and talking to me, but very very tired. She's got a daunting array of things coming out of her at the moment (a lot of which I couldn't see because she had blankets over her). It's been a long day, so I decided to head home, rather than potentially keeping her awake for the next two ICU visiting times tonight.

Here's the time line that I recorded:

05:15 - Arrive at the hospital to go through the admissions process

06:35 - I leave Sarah shortly before they're going to wheel her off to the operating room (I'll get into my fun at the end).

09:30 - I ask for an update, and they tell me she's going on bypass

10:30 - It looks like they can save the aortic valve

12:25 - Still doing the valve stuff, making a new sinus of Valsalva

14:15 - I ask for another update, everything is going okay, someone will come out to talk to me

14:55 - Still going, at least another hour until they start to close up

15:15 - Closing up, surgeon will be out to talk to me

16:10 - Surgeon comes out to talk to me about how the operation went

16:50 - I got to see Sarah briefly in the ICU, she was still intubated, but conscious and seemed to respond to my voice

~18:15 - Extubated. Spoke with her briefly. She was very tired, and I decided to let her rest for the remaining visiting times and go home and get some rest myself

So what the surgeon had to say for himself was very interesting indeed. He didn't end up doing exactly what he'd said previously, based on how things looked once he actually got in there.

He said that the sinuses of Valsalva were paper thin. So thin, you could see the blood flowing through them. They were about 0.5mm thick, rather than the normal 1.5mm thick. Sounds a bit like a disaster waiting to happen. Apparently it's not possible to detect this with imaging, you have to get in there and see it for yourself. He didn't end up removing as much of the aorta as previously planned (specifically the part around the transcending arch) as whilst the diameter was a bit bigger, the tissue apparently looked healthy. He said the part of the aorta he did remove (preceding where the braciocephalic, left common carotid and left subclavian arteries branch off) was "cheesy" in consistency, so it's not like she just happened to have an enlarged aorta, no aneurysm, and way too thin sinuses of Valsalva. There was definitely some unhealthiness to the aortic tissue, just not as bad as thought from the imaging.

So it's all good. I think she'll spend a day or two more in the ICU before getting moved to a normal ward, but it's too soon to say what's going on with all of that. There's some elevated risk of stroke due to blood clots for the next 24-48 hours, but she's on blood thinners, so it shouldn't be a problem.

The day was pretty crazy for me. I'm not sure if it was stress, or the stomach bug that's been doing the rounds of Central Park Apartments, but I went to bed last night at 11pm, was up again at 1am, with shall we say, a gastrointestinal upset, and up again at 3am, throwing up. We got up at 4:15am to get to the hospital.

I felt really nauseous all morning, and was an absolute wreck while I was in with Sarah when they were putting a peripheral line in her before they wheeled her off to the OR, so I bailed about 5 minutes early and just made it to the bathroom in time to throw up again. I haven't eaten all day, just tried to keep the fluids up. I'm debating having some plain boiled rice for dinner, or waiting until tomorrow to have something easy on the stomach. I definitely felt a lot better as the day progressed, but my stomach is still pretty tender. Sarah and I ate pretty much the same stuff yesterday, so I don't think it can be food poisoning. She tends to have a very sensitive stomach at the best of times, so I'd expect her to be showing problems before me if it was food poisoning.

But enough about me, I'll live. I hope it's not a stomach bug, as I don't want Sarah to come down with it as well, now that she's on the road to recovery from this surgery.

Many thanks to Shona, Briana, Laura, and Christina for spending time with me throughout the day to keep me occupied.

ICU visiting hours are every even hour between 10am and 10pm, for thirty minutes at a time, so I plan on spending all day at the hospital tomorrow. Hopefully I can find a good spot to get some EVDO coverage, so I can update things as the day goes along, rather than at the end of the day when I get home, like I had to today.

Hopefully I'll sleep better tonight than I did last night.

We went in to Stanford Hospital this morning for a few hours of pre-op stuff.

They took blood, did an ECG, a chest x-ray, and we had a chat with someone from anesthesiology. A physicians assistant and a nurse practitioner talked to us (separately) about what to expect. We also watched a short video about what to expect.

We now have to report back at 5:15 tomorrow morning (there's a 5:15 in the morning, how about that?) for a 7:30am procedure. They're saying it'll take 6-8 hours and that Sarah will be on a ventilator for the first 4 hours or so that she's in intensive care, post-op. She'll probably be in the ICU for a couple of days. It's sounding like I can only spend 10 minutes in there every few hours, but we'll see how that pans out tomorrow I guess.

It's sounding like I won't get to see her until around 4pm tomorrow I think someone was saying. I guess we'll see how that pans out as well.

I've just doped myself up with some NyQuil so I hopefully get a better night's sleep than last night. I'm going to need it, it's going to be a long day.

We really haven't stopped since we lost Joshua. It's helped us kill time until Sarah's surgery, which is now in two days time.

It's hard to believe it's rolled around so quickly, really. We've got about four hours of pre-op stuff tomorrow, from 9am, which sounds like it entails blood tests and a chest x-ray, as well as general Q&A.

The surgery is scheduled at 7:30am the next day. It's good that it's early in the day.

We found a good page that describes what they're going to be doing (a modified David's Reimplantation Procedure)).

I'll be able to write something more competent about proceedings tomorrow after the pre-op stuff I expect.

Well, this is actually our fourth day home, I just haven't had the time or inclination to write anything until now.

We had an uneventful trip home on the 29th. I think I'm getting more used to these long-haul flights, the time went pretty quickly. There is much to be said for Qantas' in-flight entertainment system. And Melatonin tablets.

We had a good, jam-packed three weeks in Australia.

We landed on a Sunday morning, at around 8am. Sarah's Aunty Glenda picked us up from the airport, and we stayed with her for the week. We caught up with two sets of friends on the Sunday, and managed to last until the evening without crashing.

I spent the week working from the Sydney office. Jetlag is a wonderful thing for making me into a temporary morning person. I was at my desk by 8am every day. I'd forgotten how early the sun got up in Australia in the summer time.

Monday in Sydney is Sunday in California, so Mondays are blissfully quiet and great for getting things done. The beauty of getting in by 8am meant I still caught Mountain View from about about 1pm onwards for the rest of the week, so that was good. I got a lot done while I was in the Sydney office.

On Tuesday morning we went to the US Consulate to sort out Sarah's visa renewal. It was a no-brainer, and our passports were back at my parent's place within 48 hours.

Thursday night was the Sydney office Christmas party. The Friday night we flew out of San Francisco was the Mountain View office one, so it was good to be able to catch a party somewhere. Got to love working for an international company. Photos here.

Sarah spent the week in Sydney pottering around and catching up with relatives. Every night was booked out with dinner with friends. Photos from the week in Sydney are here.

Next stop was Canberra for four days. We stayed with different friends each night. We'd really come to appreciate how bug-free California is. Apparently Canberra was having a particularly bad fly season this summer. They were just about carrying us away.

We stayed a night with Rusty and Alli on their farm out at Majors Creek, which is always a nice getaway. It was great to see how the place is coming along. We won't recognise it next time we're there.

At Canberra airport on the way to Brisbane, totally by chance, we bumped into our old upstairs neighbour Melissa, from when we lived in Turner. Her and her husband and kids moved to Brisbane around the time we moved from Turner to Ainslie, and we hadn't done a very good job of keeping in contact. To cap it off, she ended up sitting in the seat across the aisle from us on the plane, so we had a good old chinwag for an hour and half. Photos from Canberra are here.

Then we got to Brisbane and did the family thing. It was good to see my family again, and show them all of the photos of Joshua and just spend time with them. Brisbane traffic has degenerated significantly in the last 12 months. The Gateway Arterial Motorway near the airport is a complete mess. There's a lot of construction going on for the new cross-city tunnel they're putting in.

Probably the highlight of the trip was the mass outing to Australia Zoo. It's been a couple of years since we've been there, and boy, does that place just keep getting better.

My hot tip is to save yourself a fortune, and a precious couple of hours, and avoid purchasing food from the catering area. It's sheer bedlam, and very expensive. The zoo is getting so big, that you really need all of 9am to 4:30pm to see it all properly, so you can save a lot of time by bringing your own lunch, or getting a pass-out and getting lunch from somewhere nearby. Photos from the zoo trip here

The weather in all parts of Australia that we saw was pretty grey and wet for the most part. I'm not complaining, we need all the water we can get. It was sounding like most of the rain was falling outside the catchment areas though. It was nice to see Canberra not looking all brown and dry though.

Photos from the time in Brisbane here.

In a brief fit of spontaneity we decided to sign up for Qantas Club memberships. I'm really kicking myself for not getting lifetime membership back in 1999 when I sold my share of our business. I've done so much travelling since then, and it'd have really come in handy. As it happened, we got good use out of it this trip. The flight from Brisbane to Sydney was at 8:15am, so we left my parents' place at about 6:15am, sans breakfast or showers, and breakfasted at the Brisbane airport, and showered in the Sydney airport, as we had about 5 hours to kill until our flight to San Francisco departed.