/dev/root 

Due to openssl 1.0.1 introducing TLS v1.2 as the default for SSL connections you can find yourself facing an error like this:

Connection reset by peer - SSL_connect (Errno::ECONNRESET)

This will happen if you’re using macports with openssl 1.0.1 (latest one right now is 1.0.1c) and try to either use curl or ruby (no matter if it’s 1.8 or 1.9). OpenSSL 1.0.1 introduces support for TLS v1.2 which is not yet supported by most code, unfortunately it’s used as default and it’ll break your code with bizarre error messages about certificate trust.

The recommended resolution so far is to simply downgrade openssl, thanks to macports running svn this can be easily done by running the following lines into your terminal:

svn checkout -r 90715 http://svn.macports.org/repository/macports/trunk/dports/devel/openssl
cd openssl
sudo port install


This will install the last 1.0.0 version of OpenSSL available on macports (1.0.0h) so your problematic code can work again. If you’re writing your own code in ruby you can also add this option before pulling your https connection:

https = Net::HTTP.new(request_url.host, request_url.port)
https.instance_eval { @ssl_context = OpenSSL::SSL::SSLContext.new(:TLSv1) }


I’ve got a sendmail setup with ldap_routing, it’s very convenient if you’ve got a distributed sendmail environment, in my case I’ve just got ldap_routing for mail hosts and not for addresses, so it’s expressed in the following form in sendmail.mc:

FEATURE(`ldap_routing',`ldap -T<TMPF> -k (mailacceptinggeneralid=%0) -v maildrophost',`null',`')dnl

When upgrading my sendmail platform to the new Ubuntu 12.04 LTS (Precise Pangolin) I’ve found the following error:

readcf: config K line, map ldapmra: no map class

This is due to a change in behaviour in ldap_routing.m4 in 8.14.4, it’ll try to automatically add  -T<TMPF> which breaks the special `null’ behaviour.

The way recommended to fix this is to replace ldap_routing.m4 with the version from 8.14.3 which is available here.

In my case (Ubuntu) I just had to replace the file located at /usr/share/sendmail/cf/feature/ldap_routing.m4, then process sendmail.mc again and everything went back to normal :)

Ubuntu 12.04 LTS (Precise Pangolin) has updated MySQL to version 5.5, the update is not as straight forward as in other releases so some caution must be always taken.

Updating from MySQL 5.x

This is a fairly easy case, if you have any extra config in /etc/mysql/conf.d there’s a high chance that the new package will actually uninstall your old packages without replacing them, be extremely careful with that, also check that all your parameters are in line with MySQL 5.5 syntax.

First of all once the upgrade to 12.04 is finished, check which packages for mysql-server are installed:

$ sudo dpkg -l | grep mysql-server
ii mysql-server 5.5.22-0ubuntu1 MySQL database server (metapackage depending on the latest version)
rc mysql-server-5.1 5.1.61-0ubuntu0.11.10.1 MySQL database server binaries and system database setup
ii mysql-server-5.5 5.5.22-0ubuntu1 MySQL database server binaries and system database setup
ii mysql-server-core-5.5 5.5.22-0ubuntu1 MySQL database server binaries

If you see all the 5.5 packages installed congratulations, your upgrade was flawless, but in any other case you’ll only see the mysql-server-5.1 package, so you’ll need to install manually the packages.

$ sudo apt-get install mysql-server-5.5

This should in all cases suffice to get MySQL server running again if there’s no errors in your my.cnf.

Updating from MySQL 4.x

In this case the binary structure changes slightly so you’ll need to dump all your data and upload it to a fresh new MySQL 5.5 instance, there’s not much way around this unfortunately and not following this can result in corrupt data.

Today Ubuntu 12.04 LTS (Precise Pangolin) has been released, this is a LTS release and as such the preferred choice for lots of sysadmin/devops folks like me.

In this release I’ve been involved in Cloudfoundry, but also in packaging puppet, mcollective, mcollective-plugins, rabbitmq-server, and ipxe. All of which I’m quite happy about, if you feel like yelling at someone you know where to find me.

This release also makes the official debut of juju as a stable technology, the slogan says its Devops Distilled but I see it more as a giant application deployer with amazing orchestration skills, all of them make it a great solution, which you can also mix up with your usual puppet and mcollective of course :)

Go ahead and take the tour, and start playing with it in the Cloud or on your computer.

Finally Ubuntu 11.10 has just been released, this is the last version before our next LTS (12.04) so it’s a big technological preview.

You can take an online tour here http://www.ubuntu.com/tour/

In this version I’ve contributed packages in mcollective, puppet and rabbitmq, but most of all I’ve been working in Openstack, Juju and Orchestra, have a look and enjoy! The next LTS will be very exciting.

We’ve been working very intensively these last three months with mcollective on Ubuntu, and it’ll be finally be available in natty, another great addition for this release alongside with cobbler.

Unfortunately, our plugins package didn’t make it on time for the natty release freeze, which makes mcollective on natty’s release on Apr 28th a bit limited, but we have the package available for your enjoyment \o/.

In order to be able to install mcollective-plugins into your system you should add this PPA by executing:
add-apt-repository ppa:lynxman/mcollective-1.0-plugins-natty

Once you added the new repo you can see all the plugins available by running apt-cache search mcollective-plugins and install them based on your mcollective needs.

I’m quite intrigued by the new devops movement that has been arising lately in the ops community.

A devops is basically a sysadmin with a deep knowledge of several languages and in touch with the code running over the platform he’s providing, normally related to new trends in systems administration as the ones used by Facebook, Google, Twitter, etc.

I can’t say I can’t feel identified with this movement since this is what I’ve been advocating for the last years, I’m quite happy to see that it has finally got enough intertia to develop into a full fledged movement that will take the sysadmin field into a new era, I’m completely giddy with excitement.

If you want to read more about what devops is about I think these are some of the most interesting blogs to follow:
http://www.planetdevops.net/
http://londondevops.org/
http://vuksan.com/blog/

Also there’s a couple Google Groups, devops-toolchain and agile-system-administration

devroot.org is now being served in IPv6 as well thanks to sixxs.net

I have just walked across this video, this is a really interesting presentation from one of a Googler himself, it explains good practices and methods in order to score a higher Page Rank when writing your blog using WordPress, definitely worth checking!

For anyone interested Matts blog is at http://www.mattcutts.com/blog/

Recently as a good Apple geek I got an iPhone on my last trip to the US, and got it unlocked so I could use it with my Swisscom SIM Card.

I’ve been a happy camper all along, got a nice business data package (50Mb per month) and also the roaming preferential package (CHF 5 per month) so the price per Mb of transfer while roaming would be lower (CHF 3 instead of CHF 14).

The iPhone works wonderfully in Switzerland’s Swisscom network, the phone takes advantage of the extended EDGE Swisscom network so I can fully use Google Maps or check the weather or my e-mail no matter where I am, even in the middle of the Alps, all of this joy turns into a nightmare when roaming in foreign countries.

This last month I’ve been visiting the UK and Spain for business affairs, being confident of the iPhone’s ability to measure EDGE/GPRS traffic I used Google Maps to guide myself around London city center and to find good restaurants in Barcelona, all of this only consumed 1.9Mb of transfer (800kb upstream and 1.1Mb downstream) so I was expeting a 2Mb or a 3Mb charge maximum.

I’ve got a 28.6 Mb charge, which amounted to CHF 140 approximately.

To my disbelief I called immediately Swisscom customer line, even if the helpdesk was a bit harsh at first (calling me a liar for saying that the bill was wrong) I finally got them to pass me through to a technical support person, which helpfully investigated the matter.

I’ve got a call back from the technical support to confirm that the bill amounted to 28.6Mb due to the fact that Swisscom roaming partnerships force Swisscom to charge a minimum of 30kb per session (up t0 a minimum of 300kb per session in Spain!!!), and they consider a session each time the telephone connects to the GPRS network, so this means that each time that I was checking Google Maps in Spain I was being billed 300kb even if I was using 1kb or 2kb maximum, a shameful ripoff.

Even if I kept complaining about this fact pointing out that it’s not my problem that Swisscom has such a bad partnership deals of which I were not warned about at any time, I’m now forced to pay the full bill and I’ve been told by the technician that my telephone is defective and I should get another one that only connects into the GPRS network once and leave the connection open so I can avoid multiple charges, so it looks like now an iPhone is defective in Swisscom eyes, amazing.

This is the kind of treatment and very user unfriendly deals that screws up us European users, and the kind of torment that Canadian users of Rogers suffer as well, this telephone is clearly ahead of its time and it looks like it’s way ahead the comprehension of my mobile phone network, which is not up to the challenge of making a user friendly comprehensible charging data network.

Shame on you Swisscom.