1. 2

    I love that it runs emacs (I used the terminal type vt100fc and that worked, mostly!) - gets you a nice view into where all this came from.

    1. 3

      A small utility that lets you do this on a per input basic too. http://kevingessner.com/software/functionflip/

      1. 2

        Nice! I’m not sure that would have helped though - I switch on the setting that allows using the F-keys without the Fn key. Of those F-keys, only F4 was completely inactive - pressing F1 would send ^[[OP, F2 would send ^[[OQ and so on - only F4 would remain completely mute. I have no idea what’s going on there, but this ought to fix it (:

        1. 2

          Do you use hammerspoon? Because it’d be a nice way to solve this whole problem ..

          1. 2

            In what way?

            1. 1

              You can have per-app detection and enable it when you need it.

      1. 4

        This is also extremely useful and effective in case you have to deal with a fork bomb: SIGSTOP its process tree to make the processes stop spawning new children, then SIGKILL them all at once.

        1. 5

          It is probably enough to stop naive fork bombs, but it’s not safe against truly adversarial input. You can write a fork bomb to escape this technique.

          I’m not sure what set of processes the systemd code is trying to kill. But there is a fundamental race condition between:

          1. List all the processes matching <some property> (i.e. they might be descendants of a shell that started a fork bomb, etc.)
          2. Kill all those processes, or send SIGSTOP to them

          The problem is that between steps 1 and 2, any of those processes can fork(). They can spawn children to escape your wrath :) Even with SIGSTOP, you still have the problem of determining which of them match the property.

          There is no solution to this problem in POSIX – processes aren’t treated as adversarial in this regard. On Linux, the solution is the freezer cgroup. There’s no way for a process to “escape” a cgroup.

          Again I’m not clear on the context of the code, but my understanding is that systemd uses cgroups all over the place, so I’m not sure why they wouldn’t use it for killing processes.

          I guess it’s “late stage shutdown” when the computer is shutting off? That technique is probably fine then since shutting off is a very special operation, where you don’t need to preserve any invariants of the system after that operation.

          But if you want to try to write a stable cluster manager (as I once tried), you should treat processes as adversarial and use cgroups (on Linux).

          https://github.com/torvalds/linux/blob/master/Documentation/cgroup-v1/freezer-subsystem.txt

          It’s not a trivial problem, I bookmarked this awhile ago:

          https://issues.apache.org/jira/browse/MESOS-1689

          EDIT: If the fork bomb is started under a non-root user, I believe you can just kill all the processes under the UID with the given technique. The process shouldn’t be able to escape that property by forking (without privilege escalation). But that’s the best you can do – there’s no way to reliably kill a fork bomb while leaving other processes under the same UID untouched.

        1. 1
          1. 4

            https://mailinglist-archive.mojah.be/oss-security/2017-09/msg00040.php seems to be the one that OP meant to link. Here’s the ticket on the emacs debbugs instance, which has much more context: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350

            1. 1

              Indeed, thanks

          1. 1

            I get an “insecure site” warning in both Firefox & Chrome.

            1. 2

              Seems like a slightly buggy github pages setup. I found the post here: https://github.com/horia141/horia141.github.io/blob/master/_posts/2017-08-21-history-tables.md

            1. 3

              I couldn’t agree more about this exec line noise - it takes a lot of mental gymnastics to figure out what even is happening in what parts of the program. One thing that I have found non-{0,1,2} FDs useful for however is when tools (e.g. gpg) take a --passphrase-fd argument, useful for when you are also redirecting some other thing into stdin.

              The author’s example of with redir would be excellent - making it much clearer how the dup gymnastics work.

              1. [Comment removed by author]

                1. 1

                  Where is this quote from? I can’t find that in the article or the referenced posts.

                  1. 3

                    Removing it… Wrong page. Sorry.

                1. 2

                  I really love this line:

                  Produced code will have valid JavaScript syntax, but may not work quite the same way due to many conceptual differences between the languages.

                  1. 2

                    This site’s certificate expired yesterday /-:

                    1. 4

                      That’s a pretty great find - the thing that made me laugh in this video is that despite “Check incoming email for spam” being selected, there is “100% electronically tested condom” spam being delivered at minute 2:43 of the video. Marvelous.

                      1. 3

                        TIL about xcrun! That’s a very handy command to know!

                        1. 10

                          I did not know about \watch. This is somewhat life-changing. Thanks!

                          1. 2

                            Yes watch and programmatically, notifications are two favorite features of psql and postgresql.

                          1. 1

                            This is a super cool summary, and one thing really stands out:

                            Removing an instance from the cluster before replacing it is required. Otherwise the replacement instance can’t join the cluster. This means, if an instance ever dies, you need to manually remove it from the cluster with etcd member remove.

                            (instance death/EoL by the host is a very common occurrence if you’re running a lot of instances, and having to do that manually for every one will use a lot of manual operator work.)

                            1. 1

                              I’m still oscillating wildly between “I want one” and “this is going to be terrible for all my peripherals”, but the one thing I’m really interested in seeing once they come out is a technical guide to working with the Secure Enclave programmatically.

                                1. 2

                                  Thanks! Too bad I can’t edit.

                                  1. 1

                                    Ask a mod to change it - @kyle @Irene or @jcs

                                    1. 3

                                      done

                                1. 3

                                  @antifuchs any reason you went with t-digests instead of HDR histogram? I wrote a bias quantiles implementation a while back for some stuff we were doing, but with our throughput it sucked horribly due to the dynamic memory use. Are t-digests a fixed size no matter what?

                                  edit it appears so. The only make I see is in the constructor. What advantages over HDR histograms does this have?

                                  1. 1

                                    That’s a great question - I asked my co-worker responsible for implementing the t-digest/merging feature, and that’s what he had to say:

                                    the main reasons were basically 1) needed fixed memory regardless of the number of samples, since we’re shipping the whole histogram around 2) our previous histogram library didn’t support merges and the one before that didn’t support floats, we needed both of those features (and coda’s implementation of hdrhistogram in go also does not support floats 3) lower error at extreme quantiles is a nice feature since those are the ones we really care about (but i admit that my survey of the field was fairly brief) and finally 4) i figured if we were going to write our own histogram implementation we might as well choose a fun one and let’s be honest here… #4 was the most important reason of all

                                    You can see item 3 analyzed in https://github.com/stripe/veneur/tree/master/tdigest/analysis (provided you have R installed (-:). I think the higher fidelity at the 90/95/99 end is pretty cool (also that you have 100% fidelity for the maxima and minima).

                                    1. 1

                                      Ah! Nice. I hadn’t considered the floating point problem. We’re only doing histograms on ints (milliseconds), so that hasn’t been problematic. We, too, ship histograms around, and store them at 1m, 10m and 60m (rolled up of course). Our accuracy though, is probably the thing that suffers most. I don’t remember exactly, but my guess is that we’ve reduced the precision a bit to make the size reasonable.

                                      For our use case, I actually advocated for doing log-scale response time buckets, but that got vetoed. Thanks for going the extra mile to share the details of the decision!

                                  1. 2

                                    This is one medium across and one medium over, but this post strongly reminded me of this analysis of the Marvel Cinematic Universe’s background music.

                                    1. 1

                                      This is very cool! Does patter deal correctly with parallel tests?

                                      1. 2

                                        Not intentionally! But, I haven’t tried it, yet. This is the result of a whim, and about an hour of work.

                                        I think I’ll make this work with go test, too, so I’ll test when I do that work.

                                        1. 2

                                          I just tried executing a giant test suite with -p 10 (but no actual calls to t.Parallel). This is supposed to result in tests from other packages running in Parallel. Since the output is largely the same --- PASS: I think it just works.

                                          As for subtests, what currently happens is that if the parent passes, it gets counted as 1 test, and the sub tests are added as comments. I guess the easiest thing to do would be to strip leading spaces, but then I’d over count…

                                      1. 3

                                        The websites shown in red do not provide an AAAA record.

                                        I guess that’s better than providing an AAAA record and having no connectivity (or unmonitored connectivity) to the address that the AAAA record points to /-:

                                        1. 2

                                          Noticed that SLIME still announces “Lemonodor-fame is but a hack away!”, in 2016, almost 8 years after the last update. I chuckled at that.

                                          Good screencast! It was great to see what has changed (and what hasn’t)! (: