2 Bit Hacker

My home storage server has been a source of annoyance for a few months now. I had upgraded it from an Intel Atom board to a E5500 and had some major stability issues involving bad RAM and a bad motherboard. After finally getting it stable, I learned one of my 2TB drives in my RAIDZ pool had started reporting a slightly smaller size, making it unable to participate in the pool. Luckily, the drive was still under warranty, and replacing it is a stupidly easy process, which I’ve decided to document here.

[chip@sumo ~]$ zpool status
  pool: storage
 state: DEGRADED
status: One or more devices could not be opened.  Sufficient replicas exist for
        the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
   see: http://www.sun.com/msg/ZFS-8000-2Q
 scrub: none requested
config:

        NAME                STATE     READ WRITE CKSUM
        storage             DEGRADED     0     0     0
          raidz1            DEGRADED     0     0     0
            label/2TBdisk1  UNAVAIL      0     0     0  cannot open
            label/2TBdisk2  ONLINE       0     0     0
            label/2TBdisk3  ONLINE       0     0     0

errors: No known data errors

As you can see, 2TBdisk1 has failed and is unavailable. Since these SATA controllers support hot-swap, I just hooked up the new drive while the box was running. FreeBSD didn’t automatically detect the new drive, so I had to instruct it to rescan the SATA device. Normally I would expect atacontrol reinit to do this, but I ended up having to detach and attach the appropriate ata chain to get it to see the new drive.

[chip@sumo ~]$ sudo atacontrol detach ata2
[chip@sumo ~]$ sudo atacontrol attach ata2
Master:  ad4 < SAMSUNG HD204UI/1AQ10001 > SATA revision 2.x
Slave:       no device present

With the new drive now being recognized, I applied a GEOM label to it, then replaced the failed drive in the ZFS pool.

[chip@sumo ~]$ sudo glabel label 2TBdisk4 /dev/ad4
[chip@sumo ~]$ sudo zpool replace storage label/2TBdisk1 label/2TBdisk4
[chip@sumo ~]$ zpool status
  pool: storage
 state: DEGRADED
status: One or more devices is currently being resilvered.  The pool will
        continue to function, possibly in a degraded state.
action: Wait for the resilver to complete.
 scrub: resilver in progress for 0h0m, 0.12% done, 4h40m to go
config:

        NAME                  STATE     READ WRITE CKSUM
        storage               DEGRADED     0     0     0
          raidz1              DEGRADED     0     0     0
            replacing         DEGRADED     0     0     0
              label/2TBdisk1  UNAVAIL      0     0     0  cannot open
              label/2TBdisk4  ONLINE       0     0     0  554M resilvered
            label/2TBdisk2    ONLINE       0     0     0
            label/2TBdisk3    ONLINE       0     0     0

errors: No known data errors

Once the replacement process was finished, zpool status goes back to normal:

[chip@sumo ~]$ zpool status
  pool: storage
 state: ONLINE
 scrub: resilver completed after 5h49m with 0 errors on Fri Jul  1 23:23:08 2011
config:

	NAME                STATE     READ WRITE CKSUM
	storage             ONLINE       0     0     0
	  raidz1            ONLINE       0     0     0
	    label/2TBdisk4  ONLINE       0     0     0  437G resilvered
	    label/2TBdisk2  ONLINE       0     0     0
	    label/2TBdisk3  ONLINE       0     0     0

errors: No known data errors

Overall a remarkably painless process, all without taking the machine offline!

From time to time I think about tricks for managing e-mail, and the other day I came up with an idea I hadn’t seen in practice before. I doubt it’s an original idea, but it seemed interesting to try and implement.

Most people end up using the same e-mail address everywhere, like chip@2bithacker.net. This is easy, it works, and it’s how e-mail was intended to be used in the first place. But you give it to some bad eggs and they sell it to some spammers and now you start getting junk to that address. So what do you do?

In the past, I’ve tried to use local-part extensions to identify who I gave the address to. These are usually things like chip+facebook@2bithacker.net, which many mail servers will treat just like mail sent to chip@2bithacker.net, but you can then filter on the +facebook part. Unfortunately, this is well understood by the spammers as well, so they can easily strip off the +facebook part and go about their business as usual. Also, there are websites out there that don’t think a + can be in an e-mail address, so they won’t accept it. There are various ways around this, of course. One could reconfigure their mail server to use a different characters, such as a dash or period, or even some letter if you wanted to be weird.

I’ve also seen people use virtual domain wildcarding to send any local-part at their domain to a default mailbox. In this case, you could just tell Facebook that your e-mail is facebook@2bithacker.net and it would still wind up in your inbox, and you’d know if Facebook gave your e-mail out to others if you start seeing non-Facebook e-mail coming in to facebook@2bithacker.net. This isn’t great though, as spammers regularly probe addresses trying to find common names to spam at, and with wildcarding, anything @2bithacker.net becomes a valid e-mail address to you.

So I had an idea, mostly building on the second use-case, but with some smarts added in. When signing up for a site, say Facebook, give them an e-mail address of facebook@2bithacker.net as above, but with your mail server configured such that mail to facebook@2bithacker.net is only accepted if facebook appears in the sender’s domain name. So mail to facebook@2bithacker.net is allowed from update@facebookmail.com, but mail from spammer@buystuffnow.com isn’t. In the latter case, the server will send back a 5xx error code just as if the address isn’t valid.

I’ve been trying to come up with a catchy name for this technique, something better than “semi-whitelisting” and I think Sender Domain Local-Part, or SDLP for short, might make sense.

It should be pretty trivial to implement as a Postfix policy server, and I’m working on a reference implementation there to try it out. I suspect it’d be pretty easy to do in Exim as well. I’ll try to remember to post again once I get it working.

This past Saturday was the big housewarming party for Meg and I. Unfortunately, Meg got sick around the middle of last week, and I managed to catch the bug near the end of last week, so we weren’t feeling great when it came time to get ready, but with a lot of help from Meg’s mom and my dad, the party went off pretty well. Big thanks out to everyone who came out to help us celebrate, and to anyone who couldn’t make it, we hope to provide you with plenty of opportunity to visit in the future. In the meantime, I finally took some pictures of the house now that it has some furniture in it.

I was a little out of it from the cold and being dosed up on DayQuil, but I think everyone had a good time. We’re considering having a Halloween party, but I’m not sure if we’ll be up for another party in just a month or not. See how we feel after recovering from these colds, I guess.

One pretty awesome thing that came out of the party was Tom talking Meg into letting me go to the Maker Faire in New York. He was just fishing for someone to drive Jason back up to NH so he wouldn’t have to, but I’m really glad I went, and it turned out that I didn’t even have to drive.

The Faire was held at the New York Hall of Science and had a wide array of crafters, makers, artists and tinkerers of pretty much every discipline. One tent was devoted entirely to home grown 3D printers, some made with parts produced by others. There was also a group from HoSARC, an amateur radio club based at the Hall of Science, attempting to communicate with amateur radio satellites as they passed overhead. Unfortunately, the attempt we were present for was unsuccessful, but it was pretty interesting all the same.

We also took some time to wander away from the Faire and check out the few remaining structures from the 1964 World’s Fair, including the Unisphere, the Tent of Tomorrow and the observation towers. I’m generally pretty interested in urban decay, but this site in particular is somewhat depressing. After seeing the state of the NY State Pavilion, I decided to do some scrounging online, and it appears that it was pretty impressive during the fair, but fell into disuse and disrepair almost immediately afterward. There was an effort a few years ago to preserve what was left of a NY road map that once covered the floor of the Tent, but I had little luck finding out the final status of that project, and the floor is now simply covered in gravel.

After wandering around that area and snapping a bunch of pictures, we headed back to the Maker Faire to catch ArcAttack and their musical Tesla coils. My spirits were suitably relifted by the arcs of musical plasma and my efforts to capture them on film (or in pixels, anyway.) Once that show was over we decided to pack up and head back to NH.

Another weekend packed to the gills with fun, friends, and fascinating stuff. I’d like to have a quiet weekend at home at some point, but it’s looking like that might be a ways off still.

This past weekend, Meg and I celebrated our one year anniversary with a full weekend of running around and having a great time. Technically our anniversary isn’t until Friday, but with the housewarming looming up on Saturday, we decided to celebrate early before we get all stressed out with getting the house ready.

We started off heading down to Boston for a Cake concert at the Orpherum Theater. It was Meg’s first time seeing Cake, and my second. She had giving me tickets to it for my birthday, and the timing just worked out such that we made it part of our anniversary. It was a great show, and we both had an awesome time. Our seats were on the mezzanine, near the front in the center, so we had a great view of the stage.

After the show we took the subway back to our hotel, Le Meridien in Cambridge. We stayed there on Valentine’s Day, and it’s a great hotel. Very comfortable and nicely decorated.

In the morning we woke up early and set out for the Flea at MIT, a monthly flea market of computer, electronic, and radio stuff. I didn’t find anything that compelled me to part with my money, but Meg found a gas mask for a steampunk project. Last month I picked up a rack mount APC UPS for my garage datacenter project, but I still need to pick up some new batteries for it. We also met up with the Coopers at the flea, and we carpooled down to King Richard’s Faire for the afternoon.

We had gone down there last year shortly after we started dating, and I had bought a necklace for Meg at the time. This year she got a pair or earings from Uncommon Adornments and a spinner ring. I also got to see one of the jousts for the first time this trip, and we generally acted silly for the afternoon and had a great time.

All in all, it was a great weekend, and I’m very much looking forward to spending another year with my Meggy-girl.

I set out with a simple goal this evening, to change my Eye-Fi card’s upload destination from Facebook, where it was putting each image in it’s own album, to simply uploading to Hindenburg via FTPS. This led to a fun filled evening of debugging and data recovery!

The configuration change on the Eye-Fi Manager side was easy enough, simply selecting FTP as the upload mechanism and filling in a few fields. For the server side of things, I decided to go with ProFTPD, largely because I’ve used it in the past and the configuration is pretty simple. I’d never used FTPS before, but it’s pretty easy to enable with ProFTPD, just a few configuration directives:

TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol SSLv3 TLSv1
TLSRequired on
TLSRSACertificateFile /usr/local/etc/kyzoku.2bithacker.net.cert
TLSRSACertificateKeyFile /usr/local/etc/kyzoku.2bithacker.net.key
TLSVerifyClient off
TLSRenegotiate none

However, this doesn’t appear to work. Based on the xferlog and tls.log, it appears the Eye-Fi client was connecting, but the data session was failing, but it did give the helpful message of “client did not reuse SSL session, rejecting data connection (see TLSOption NoSessionReuseRequired)”. This option is undocumented, and is actually “TLSOptions NoSessionReuseRequired” (note the plural), but it does solve the problem. Apparently clients are expected to reuse the TLS session between the control and data channels, but Eye-Fi doesn’t.

So, that’s working, but now my Eye-Fi card isn’t able to be read in either of our cameras or my laptop. Not sure what happened, but it appears the partition table became corrupt this evening. The card still had the only copy of a lot of our Comic-Con photos on it, and I really didn’t want to lose them. First, I decided to get a disk image of the SD card using Mac OS X’s Disk Utility. Then, I had remembered hearing about some open source software for recovering images from damaged cards, and after a quick Googling, I came up with PhotoRec.

PhotoRec is extremely easy to use. It opened up a terminal window with a curses interface, prompting through selecting a disk to scan, a place to save the found files, then initiating a scan of the Eye-Fi, turning up all of my missing images, along with a handful of other files that I didn’t realize were on the card (including an SQLite database, maybe used by Eye-Fi?) So happy I didn’t lose all those photos, and will have to work on getting them uploaded. Unfortunately, I think I’ve lost the ability to geotag those photos though…

Earlier tonight was the first meeting of the new ManchLUG chapter of the GNHLUG at Wings Your Way in Manchester. I’d been tossing around the idea of organizing this chapter for a while, but hadn’t found the round tuits. Kenta came along and wrangled things together, and this first meeting at least turned out pretty well. We had 18 people registered for the event beforehand, and I think our total turn-out ended up being around 26 people.

The meeting itself was pretty casual, just some announcements and just general chatter for most of it. I’m hoping to have more organization for next month, perhaps with some discussion topics or a quick presentation. One person brought up the topic of media center computers, so maybe we can find someone to talk about their experience building such a thing with open source tech. I’ve taken a stab at it in the past with my MythTV box, but was never terribly happy with the results, and just use a WD HD TV Live to stream stuff from my storage server today.

Overall, I think everyone had a good time, and I’m hoping this will be a successful chapter.

Sitting on the front steps of the house, enjoying the cool evening. I’ve just finished trimming the lawn and sweeping the driveway, and am waiting for Meg to get home from work. Growing up I always hated doing yardwork, and while I’m still not a fan, there is a certain feeling of satisfaction that goes along with mowing the lawn and keeping the place looking decent.

We just received our first check for the first time homebuyer’s tax credit (we each claimed half) last week, so we rushed out to buy some items we were waiting on; some new chairs, a couple tables, and some much-needed lawn equipment. Being the proud owner of a brand new Troy-Bilt, I of course had to use it last weekend. The grass was nearly knee-high when I started, but after 5 hours of walking every inch of the lawn it was cut down to size and looking much more lawn-like. Last night we went out and picked up a string trimmer to get all the little places I couldn’t mow, a Black & Decker corded electric. I was on the fence between gas and electric, but we don’t have a lot to trim and I didn’t want to muck about mixing gas. It did an adequate job, and I’m overall rather pleased with the lawn at this point.

We also had our first plumbing related fun with the house this past week. The drain from the shower stall in the master bath was leaking into our kitchen ceiling. This is covered under our builder’s warranty though, so we just had to call up and he sent out a plumber, who just tightened up something in the drain, and so far it seems to be better.

Other than that, we’ve just been running around like headless chickens. Somehow we’ve found ourselves with a fairly full social calendar between movie nights and game nights and various cookouts. To help contribute to the chaos, we’ve decided to throw a housewarming party near the end of summer, currently scheduled for late September. If you haven’t already been invited, drop me a line so we can correct that.

The bugs are starting to come out now, so I think it’s time for me to get off the stoop and head indoors.