Skip to main content

zonena.me

IPv6 the SmartOS Way

Update: As of 20150917T235937Z full support for IPv6 has been added to vmadm with the added ips and gateways parameters. If you’re using SmartDataCenter, these parameters won’t (yet) be added automatically, so the following may be useful to you. But if you’re using SmartOS, see the updated SmartOS IPv6 configuration wiki page. There have been a lot of requests for IPv6 support in SmartOS. I’m happy to say that there is now partial support for IPv6 in SmartOS, though it’s not enabled by default and there may be some things you don’t expect.

A Primer on CFEngine 3.6 Autorun

Update: For CFEngine 3.6.2. CFEngine recently released version 3.6, which makes deploying and using cfengine easier than ever before. The greatest improvement in 3.6, in my opinion, is by far the autorun feature. I’m going to demonstrate how to get a policy server set up with autorun properly configured. Installing CFEngine 3.6.2 The first step is to install the cfengine package, which I’m not going to cover. But I will say that I recomend using an existing repository.

How the NSA is breaking SSL

This isn’t a leak. I don’t have any direct knowledge. But I have been around the block a few times. It’s now widely known that the NSA is breaking most encryption on the Internet. What’s not known is how. We also know that the Flame malware was signed by a rogue Microsoft certificate. That rogue Microsft certificate was hashed with MD5, which is what allowed it to be impersonated. On my Ubuntu box I just ran an analysis of the Root CA certificates (from the ca-certificates package which itself comes from Mozilla).

Timeout in a Shell Script

Although GNU coreutils includes a timeout command, sometimes that’s not available. There are a lot of ham fisted approaches by very intelligent people. The “right” way to do this is with the ALRM signal. That’s what it’s for. So rather than reinvent the wheel, here’s a correctly working timeout function. This works in at least bash and zsh. cleanup () { [[ -z $! ]] && kill -s TERM $! sleep 1 [[ -z $!