Update hosts via Ansible to mitigate bash “Shellshock” vulnerability

On September 24, 2014 someone posted on the oss-sec mailing list about a bash vulnerability that likely affects several decades of bash versions (something like 1.14 – 4.3!). The vulnerability — aptly named “Shellshock” — can lead to remote code execution on un-patched hosts, for example web servers parsing HTTP environment variables via CGI GET […]

Clear enormous GlusterFS mount logs

Today Munin was complaining that a partition is nearly full on one of my servers. Looking at the disk usage graph it kinda seems like a slow loris DOS attack… Sure enough, something has gone and filled up the /var/log partition: $ df -h /var/log/ Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg_root-log 9.9G 9.0G […]

Using swiftclient for object storage on OpenStack

I wanted to play with my new account on East African OpenStack provider Kili.io, specifically to use the OpenStack Swift object storage to do periodic backups from my desktop. I’d used tools like s3cmd to do backups to Amazon S3 object storage, but it doesn’t seem to work with OpenStack’s Swift. python-swiftclient seems to be […]

Parallelizing rsync

Last week I had a massive hardware failure on one of the GlusterFS storage nodes in the ILRI, Kenya Research Computing cluster; two drives failed simultaneously on the underlying RAID5. As RAID5 can only withstand one drive failure, the entire 31TB array was toast. FML. After replacing the failed disks, rebuilding the array, and formatting […]

Hacking on the Eudyptula Challenge

Last weekend a few of us met up at a coffee shop in Nairobi to hack on the Eudyptula Challenge. From their website, the Eudyptula Challenge is: … a series of programming exercises for the Linux kernel, that start from a very basic “Hello world” kernel module, moving on up in complexity to getting patches […]