Planet Redpill Linpro

I work with Linux. That shouldn’t come as a surprise considering where I work. My private system does not differ that much either. Since I also work with automation my private systems are naturally configured automatically as well. I honestly cannot help it.

Bash aliases are a minor part of my configuration deployment and I tend to follow multiple approaches for handling my aliases in my environment.

This post is about my approach on handling the main part of ...

Yesterday I pushed an update to varnish-4.0.5 in EPEL7. It includes the following advice:

SECURITY: The varnish-4.0.x branch is marked END OF LIFE by the Varnish Cache upstream project. Please consider upgrading to varnish-6.0 LTS or newer. Links to packages compatible with VCL 4.0 and EPEL7 may be found at https://varnish-cache.org/releases/

varnish-4.0.5 is vulnerable to CVE-2022-23959. If you are unable to upgrade to a current version of varnish, consider mitigating against this attack, see instructions in the included file vsv8_epel7_varnish405.vcl

So to repeat: varnish-4.0.x is EOL. The 6.0 LTS branch may be used in VCL 4.0 mode with minimal changes, and Varnish Software provides free el7 compatible packages that are well tested for production. If you use varnish-4.0 from EPEL7 on RHEL7, CentOS7, or other clones, it is time to upgrade now. See https://packagecloud.io/varnishcache/varnish60lts/install#manual-rpm for repo details, and https://varnish-cache.org/docs/6.0/whats-new/upgrading-6.0.html for details on the upgrade process.

I read Tolkien’s “Canon”, that is, The Hobbit, The Lord of the Rings, and The Silmarillion, every year about Christmas. So also this year.

If you are among the lucky readers that get to immerse yourself in The Lord of the Rings regularly, you may have wondered about Sam’s thoughts and reactions in The Shadow of the Past. After Sam’s exchange with Ted Sandyman at The Green Dragon inn at Bywater, we learn that Sam had a good deal to think about (…) He would have a busy day tomorrow (…) But Sam had more on his mind than gardening. After a while he sighed, and got up and went out. When I read this, I used to pause and consider what Sam was thinking about. For some years I thought it was Rose Cotton that was on his mind. But she does not enter the story until the very end. So what is it that bothers Sam so much?

We learn that this is the same time as Gandalf is visiting Frodo. And their exchange about The Ring must be the next morning. When Sam is discovered by Gandalf, eavesdropping outside Frodo’s windows in Bag End, Sam first try to bluff Gandalf, producing his garden shears. Then he quakes and begs mercy and talks like a waterfall. Finally, he shouts of joy, before bursting into tears. Anyone may feel a bit intimidated under Gandalf’s bristling beard and brow, but isn’t this reaction a bit much? Sam is a bit of an emotional type, but shouting of joy, and then crying his eyes out?

We know from A Conspiracy Unmasked that Sam, Merry and Pippin are conspiring against Frodo leaving The Shire alone, and have been for years. Sam is presented as the chief investigator of the group. Here it all comes together. Merry and Pippin has talked Sam into spying on Frodo and Gandalf. It is not strange that he is thinking a lot and planning how to get through with this, even cooking up an alibi of mowing the lawn, and trimming the grass outside exactly the window where Frodo and Gandalf are discussing The Ring. He is even almost caught at one point, where he appears to coincidentally pass along the garden path whistling. Let us repeat that: He actually passes by, whistling innocently. When I read this again, I almost can’t believe Gandalf not seeing through this! When Sam finally is discovered, he actually tricks Frodo and Gandalf into believing that he only coincidentally heard what they were talking about. It is not strange that he first babbles and begs before finally shouts of joy and bursts into tears. He cries in relief of not disclosing the conspiracy. He is not revealed as a spy yet – and luckily, not by Gandalf, or he might actually been turned into a spotted toad.

In Crickhollow, after the conspiracy is finally unmasked, Sam says that Frodo ought to take the Elves advice. Gildor said you should take them as was willing, and you can’t deny it. Frodo’s answer is a bit remarkable unless you have figured out the connection: I’ll never believe you are sleeping again. Here, Frodo is of course pointing to the fact that in Three is a company, while Gildor has a conversation with Frodo, and that while these words fall, Sam sat curled up at Frodo’s feet, where at least he nodded and closed his eyes. But Sam is here still the spy in the group. He only pretends to sleep, and is actually eavesdropping as hard as he can all the time. This is taken up again by Merry in The Palantir: Now Pippin my lad, don’t forget Gildor’s saying – the one Sam used to quote: “Do not meddle in the affairs of Wizards, for they are subtle and quick to anger.” Gildor said this to Frodo while Sam was apparently sleeping.

At the end of The Council of Elrond we hear that Sam again is spying and eavesdropping. He suddenly jumps up from the corner where he had been quietly sitting on the floor, and Elrond remarks that the council was secret, and that Sam was not invited.

In Flight to the Ford, Frodo says about Sam that First he was a conspirator, now he’s a jester. He’ll end up by becoming a wizard – or a warrior! And Sam answers: I hope not (…) I don’t want to be neither!. But at least his career as a conspiring spy was rather successful.

Merry Christmas, and a happy new year!

With great thanks to The Tolkien Professor and his Exploring the Lord of the Rings project, where the role of Sam has been more than thoroughly discussed

The most common firewall setups reject inbound traffic initiated from the internet as such, but let all traffic pass through as long as the connection was initiated from the intranet. I strongly believe that such firewalls are overrated and that it makes as much sense (maybe even more sense) to filter outbound traffic.

The Log4Shell case

Yesterday some of us got quite busy with patching things and searching for vulnerable software due to the Log4Shell 0-day exploit. This ...

TLDR: Jump to the end for the quick explanations of how to do this.

At Redpill Linpro we use Zimbra for our email hosting.

It has the same email and calendar functionality as Microsoft Exchange, so it’s a great alternative to Office 365. Especially if you don’t want to have your data stored in Microsoft’s datacenters.

But if you like to use Microsoft Office, it’s not directly intuitive to get Outlook fully integrated with Zimbra. If you try to ...

Pipewire, the new default audio subsystem in Fedora 34, introduces support for the mSBC audio codec for the Bluetooth Headset Profile (HSP), which is used for transmitting bi-directional audio to/from Bluetooth headsets. The mSBC codec provides greatly improved audio quality over the CVSD, the default codec used with HSP. If you are using a Bluetooth headset to participate in teleconferences, you will most definitively want to use mSBC if your headset supports it. Your colleagues will sound better ...

GraphQL is a modern approach to APIs that simplifies integrations. This is an introduction to what GraphQL is, and we build a simple GraphQL service with the help of Vert.X.

What you’ll need to follow along

This introduction will barely scratch the surface of the potential and power that GraphQL together with Vert.X offers. Understanding of programming and the REST protocol is assumed.

Make sure to have the following installed:

• JDK 8+
• Maven
• IDE

Source code for ...

Getting a single random row, or a few rows, from a table in order to get representative data for example is a frequent need. The most common way to do this in PostgreSQL is using ORDER BY random() like:

SELECT id FROM data ORDER BY random() LIMIT 1

But when run on a large table this can be very slow because it will have to scan the entire table to find the rows. Jonathan Katz mentioned a different way to do it on Twitter, which reminded me that people keep coming up with different (and sometimes very complicated) ways of trying to solve this problem.

And while Jonathan's method (he has the super simple sample code and results up on a gist) is still about twice as fast as ORDER BY random() on my test (with his data), it comes with some problems. For example, it requires a contiguous set of id values, that have to be integers. And it still takes about a second to run on my machine with his sample of 5 million rows -- and will keep getting slower as the table grows.

And it turns out, if you don't need your row to be perfectly random, just mostly random, and can deal with some caveats, PostgreSQL has built-in functionality that does the job about 20,000 times faster than Jonathan's version and 40,000 times faster than ORDER BY random(). Enter TABLESAMPLE.

Getting a single random row, or a few rows, from a table in order to get representative data for example is a frequent need. The most common way to do this in PostgreSQL is using ORDER BY random() like:

SELECT id FROM data ORDER BY random() LIMIT 1 

But when run on a large table this can be very slow. Jonathan Katz mentioned a ...