Monthly Archives: July 2023

Antranig Vartanian

July 10, 2023

In case you didn’t know, OpenSMTPd is so outdated on Ubuntu systems that you’ll need to install it from source; otherwise, expect some TLS issues 🙂

You will need to use the following:

./configure \
 --with-user-smtpd=opensmtpd \
 --with-user-queue=opensmtpq \
 --with-group-queue=opensmtpq

mkdir -p /var/empty

ln -s /etc/ssl/certs/ca-certificates.crt /usr/lib/ssl/cert.pem

Congrats, now you have a proper working SMTP server.
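
A preflight check for the three steps above, as an added example that is not part of the original post: it confirms that the accounts named in the ./configure flags exist, that /var/empty is a directory, and that /usr/lib/ssl/cert.pem resolves to a non-empty PEM bundle. The function name and its optional root-prefix argument are hypothetical, and the check assumes the accounts are local entries in /etc/passwd and /etc/group.

```shell
#!/bin/sh
# Added example, not from the original post.
# check_smtpd_prereqs [ROOT] prints one line per missing prerequisite and
# returns the number of problems. ROOT is a hypothetical prefix for checking
# a staging tree; leave it empty for the live system.
# Assumption: accounts are local entries in /etc/passwd and /etc/group.
check_smtpd_prereqs() {
    root="${1:-}"
    problems=0

    # Users given to --with-user-smtpd / --with-user-queue.
    for user in opensmtpd opensmtpq; do
        if ! grep -q "^${user}:" "${root}/etc/passwd" 2>/dev/null; then
            echo "missing user: ${user}"
            problems=$((problems + 1))
        fi
    done

    # Group given to --with-group-queue.
    if ! grep -q "^opensmtpq:" "${root}/etc/group" 2>/dev/null; then
        echo "missing group: opensmtpq"
        problems=$((problems + 1))
    fi

    # Directory created by the mkdir step.
    if [ ! -d "${root}/var/empty" ]; then
        echo "not a directory: ${root}/var/empty"
        problems=$((problems + 1))
    fi

    # -s follows the symlink, so a dangling link or an empty bundle fails.
    pem="${root}/usr/lib/ssl/cert.pem"
    if [ ! -s "$pem" ]; then
        echo "CA bundle missing or empty: ${pem}"
        problems=$((problems + 1))
    elif ! grep -q -e "-----BEGIN CERTIFICATE-----" "$pem"; then
        echo "no PEM certificate in: ${pem}"
        problems=$((problems + 1))
    fi

    return "$problems"
}
```

Run it as `check_smtpd_prereqs` before starting smtpd; a non-zero exit status is the number of items still to fix.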

Cheers.


Alecu Ștefan-Iulian: “Long rant about “obsolete” languages (not)”

Long rant about “obsolete” languages (not); contains swearing

Number two: #pascal (and #delphi). Going raw on this one.

“Pascal is just for teaching”. As if a language that’s easy to learn for beginners is bad. #python and #js are used a lot in teaching too and I don’t see them get shit for this. I pity people who start with #c because that’s an unreadable mess. Additionally, it came I think 2 years earlier than C, so it had to deal with the same constraints that C had. It has a lot of low level capabilities and plenty of compiler directives to choose from in case you’re a control freak. We even have asm blocks which, unlike C, aren’t (excuse my Spanish) dogshit to use, we can just reference variables inside them and it works as expected (you have to do some weird stuff in C to get that). We have pointers too and use them decently frequently. Pascal, along with ALGOL-60, was designed as a language for formal specification and teaching of algorithms, but contrary to ALGOL-68, emphasis was put on simplicity (imagine a world in which ALGOL-W was ALGOL-68…).

“Pascal is slow”. What? Pascal was fast even back when Turbo Pascal was all the rage, a direct competitor to C. #apple sure had their reasons to choose Object Pascal (basis for Delphi) when they did the Apple ][ and Apple ///. There also existed UCSD Pascal which ran on the UCSD p-System, popular at that time (it ran actual Pascal p-code, which means it was the Pascal equivalent of the #lisp Machine, really powerful). Free Pascal is on par sometimes with even GCC.

“Pascal is outdated”. News flash for people who’ve only tried Turbo Pascal: we have interfaces, generics, lambdas, Unicode support, database support through a common interface, dynamic arrays, abstract and sealed classes, for..in, operator overloading, static methods/properties, RTTI, type inference and so, so, so much more. We’re more than able to meet modern demands with the amount of libraries at our disposal. It runs on more platforms than it ever has before (I beg you to find me a more portable language than Pascal (and Free Pascal specifically) that’s not C, it’s gonna be a rough realization). I have actual enums that work like symbols, I can have negative indices, character indices, enum indices, whatever. That allows me a lot of freedom (for example, it’s a pain to iterate over enums in C, something I have to deal with in #cpp in my compiler). It’s fast, performant, easy to understand and still has room for improvement.

“Pascal’s syntax is too verbose”. It is verbose in a readable way, unlike some other public, static and void of any elegance main languages that are both terse and verbose in the most cursed way. The syntax is well structured and strict, which is good for not just beginners, but also parsers. In C, a function is 1. its signature and 2. the declaration of variables.. and definition of function which may be mixed up. In Pascal, it’s clear: 1. function/procedure signature, 2. declaration of variables, 3. definition of function/procedure/program. Simple as that, it follows a predictable structure. Don’t even get me started on C’s = vs == (which can BOTH be used as valid Boolean expressions), unlike Pascal where we have := for assignment and = for comparison (they’re mutually exclusive, as in assignment isn’t Boolean and comparison isn’t an assignment). We also have `<>` which is really different from != in C. I don’t need to insert break everywhere in my Case … Of section in Pascal because the syntax is strict and so it knows where to stop. There’s a strict difference between a pointer and a string (we have native strings too, btw, unlike C). We also have native set operators (and sets, obviously); we can check if an element is in a set via in, we can include/exclude elements, compare sets ((symmetric) difference), combine and intersect them. This is all in the language, no extra units needed.

You Pascal and Delphi haters (usually ones that never even attempted to try these languages, as always, the grapes sure are sour) aren’t grateful enough for these languages existing. For one, it’s the first widely used implementation of a bytecode (if you want to put it that way, it’s also the first VM). The chief designer of Delphi went on to create C# (which you don’t seem to have a problem with, mostly, although the Delphi influence is clear as the night sky in the mountains). Also, have you heard of these irrelevant programs named Skype and InnoSetup? Yeah, those ones. News flash: they’re in Pascal (I think Delphi specifically). Delphi essentially pioneered the concept of RAD (rapid application development) in an IDE form which is why it evolved to fit so nicely with GUI development in mind, unlike its C++ sibling in RAD Studio. It’s still hard to beat Delphi in the GUI department (too bad Embarcadero realized a bit too late that they needed a Community Edition… or Linux support). Visual Basic, Visual FoxPro, VB.NET, C#… it all started with Delphi.

I absolutely agree with Alecu about all of this, and about the rest of his rant as well.

There are so many awesome programming languages out there that do exactly what they are supposed to do, and yet no one talks about them, either because they don’t have a C-style syntax, or follow a different paradigm or they are not hyped.

Never underestimate a tiny programming language that gets shit done, or an old programming language that learned from its mistakes.


Incident Postmortem: BSD.am home server @ 3-4 July 2023

Incident Information

Between the hours of Mon Jul 3 03:05:59 2023 and Tue Jul 4 01:10:15 2023 the home server named BSD.am (also known as pingvinashen.am) was completely down.

The event was triggered by a battery issue due to high temperature at the apartment where the home server resides.

A swollen battery caused the computer to shut down, as it introduced higher than normal heat into the system.

The event was detected by the monitoring system at mon.bsd.am which notified the operators using email and chat systems (XMPP).

This incident affected 100% of the users of the following services:

  • jabber.am public XMPP server
  • conference.jabber.am public XMPP MUC server
  • օրագիր.հայ public WriteFreely instance
  • սարեան.ցանցառներ.հայ public Lobste.rs instance
  • BIND.am public DNS server and its zones
  • Multiple hosted blogs, including this one you’re reading.
  • A private ZNC server for Armenian Hackers Community
  • git.bsd.am public Gitea server
  • A matterbridge instance connecting multiple communities
  • A Huginn instance automating tasks (such as RSS to Telegram, RSS to newsletter) for Armenian Hackers Communities
  • A newsletter instance running listmonk.app
  • A private Miniflux.app server for Armenian Hackers Community
  • FreeBSD Jail users’ meetup website

Multiple community members contacted the operator (yours truly) asking for an ETA.

Response

After receiving an email at Mon Jul 3 03:06:49 2023, the Chief Debugging Officer (yours truly) started analyzing the possible issue. According to Monit (mon.bsd.am) all the services were unavailable and the server was not reachable by IP (based on ICMP).

The usual possibility, network failure at the ISP level, was ruled out, as the second home server (arnet.am) was functioning properly.

The person physically closest to the server was the operator’s sibling (lucy.vartanian.am); however, she did not have a background in Unix system administration or in hardware maintenance. Also, she was asleep.

Hours later the siblings (yours truly) organized a FaceTime call to debug the issues remotely.

The system did boot the kernel properly; however, it would shut down before the services could complete their startup.

Clearly, the machine needed to be shipped to the operator (yours truly) to be debugged at the spot.

So that’s what the team did.

[Image: IMG 6689. Precise addresses are removed for privacy.]

Recovery

At the operator’s (yours truly) location, the BIOS logs showed that the system had suffered an ASF2 Force Off. This usually means a thermal problem.

The operator (yours truly) disassembled the laptop, hoping the system needed only a little dust clean-up and a thermal paste update.

Turns out the problem was actually a swollen battery.


After removing the battery, the system booted fine. Just to be sure that the swollen battery was the root cause, a complete system stress test was run. No issues were detected (well, except “Missing Battery”).

The system was returned to its residence, connected to the internet, and all services were accessible again.

[Image: IMG 6690. Precise addresses are removed for privacy.]

Next Steps

  • Install a new battery in the future, as the laptop is not connected to a UPS
  • Make sure to test the hardware during environmental changes (too cold, too hot, etc)
  • Run a simple status page with an RSS feed in a separate environment and notify users

If you’re new here, then first of all I’d like to thank you for reading this IR Postmortem article.

Yes, this was an IR Postmortem of a home server of a tiny community in a tiny country. This was not about Amazon, Google, Netflix, etc.

I wrote this for two reasons.

First, I wanted to show you how awesome the actual internet is. You see, when Amazon dies, everything dies with it. Your startup infra, your website, your hobby projects, everything.

When my server dies, only my server dies. And that’s the beauty of the internet. If you can, please, keep that beauty going.

Second, I run a small security company, illuria, Inc., where we help companies harden their environment and recover from incidents. It’s been years since I wrote an IR postmortem personally (my team members who do that are way smarter than me!), and I thought it would be a nice exercise to write it all by myself 🙂

I hope you liked this.

That’s all folks…


Antranig Vartanian

July 1, 2023

I just learned that the WordPress mobile app supports the non-block classical editor. Wow, this is a life saver! Now I can blog on the move without opening my laptop or mobile browser!


Antranig Vartanian

July 1, 2023

A customer asked me to help them set up a tiny lab with many open-source tools. They are planning to move from corporate services to open-source alternatives such as NextCloud, Gitea, etc.

Unfortunately, they run only Linux, Ubuntu to be more specific, and as a UNIX gentleman, I didn’t want to put everything into a single host, so I decided to use containers, in this case, LXC, a.k.a. Linux Containers.

How hard could it be?

Oh god, layers of abstraction within the system that have no idea about each other.

Like, who would assume that LXC would automatically download and install dnsmasq and assign IP addresses without my knowledge, or that it would push rules into the firewall?

The more I use Linux Containers, the more I understand why FreeBSD Jails / illumos Zones didn’t win.

People don’t want automation or control, they want “please do this for me as I don’t wanna do it myself” tools.

I’d expect at least a message post-installation that says “We have installed and configured dnsmasq, reconfigured some systemd things, modified the following file (which is not mentioned in any man page, so you can use Google instead of man/apropos) and will use IP address ranges that you didn’t approve”.

Is this why Docker won? Is it because people DIDN’T want to learn how to do software packaging? I hope not. I wanna believe it’s because developers wanted to “think operationally”.

Oh, and from a FreeBSD perspective, what’s even more weird is that

  1. there are no proper manual pages.
  2. the documentation is weird. It talks about a utility named lxc but I’m using 20 utilities named lxc-*, and I still cannot find the proper documentation for that
  3. it’s very much segmented. For example, on FreeBSD, we talk about which is better, jail.conf, BastilleBSD, pot, AppJail or Jailer. Here, the same utility (lxc) has multiple config files with no proper versioning, pretty complex manual pages and not even examples or HowTos.

I’m looking at this and thinking “oh well, if we build a proper tool, I bet we can win some of the market” until you realize, of course, that when people hear FreeBSD, they will be thinking “it’s not Linux? maybe it’s not worth it, otherwise I would’ve heard about it”

I’m just angry here. Please ignore my rants.

Cheers y’all.
