The Life and Times of Michael Shadle

Today we had an issue at work, an odd issue.

OS X users using Safari wound up with a proxy issue after clicking on a button on our site, and reloading the page.

The suspect seemed simple to me - the button has to do something persistent that makes the browser behave differently the next page load - so a cookie or a session-based thing on the server side which scrambles the request. Session stuff seemed incorrect as it should show a PHP error or something, not actually make the proxy reject the request. So I came to the easy conclusion of going down the cookie route.

Sure enough, it was an onclick function which set a cookie - one that worked in every browser including Safari on Windows*, but broke on Safari on OS X. So we looked to see what the cookie was. Turns out, Safari on OS X at the moment does not like when a cookie's value ends with a comma "," - it  literally breaks cookie handling altogether. It sends some request that our proxy considers invalid and rejects, and checking without the proxy involved showed us that some cookies (if not all of them) were not being sent to the server (or at least not properly) - which included our authentication cookies. The minute we nuked this "bad" cookie, our other cookies got read properly, the proxy allowed the request, etc.

So, for those people who like to see things more direct and don't like to read a lot of fluff (me included!) here's a simple breakdown:

BREAKS: CookieName=Foo,Bar,Baz,
WORKS: CookieName=Foo,Bar,Baz

Pretty simple. Odd that it appears to be inconsistent across platforms. Anyway, have fun with that little nugget of information. If I wasn't lazy I would look into exactly where to submit a bug, somewhere in the WebKit community I assume.

* I cannot confirm that Windows did not suffer from this, a coworker provided that information.

Might not be the most advanced, but hey, it works. You just need to alter the mac address and the display for each machine. I'm running this on Ubuntu 10.04 (Lucid) and it seems to work great.

/etc/init/my-kvm.conf:

description     "my-kvm"

start on (net-device-up
   and local-filesystems)
stop on runlevel [016]

respawn
exec /usr/bin/kvm -hda /root/virtual-machines/my-kvm.bin -no-acpi -m 128 -net nic,macaddr=DE:AD:BE:EF:18:12 -net tap -vnc :0

Enjoy.

As of Chrome 5, it appears that SPNEGO (that seamless sign-on that happens using Kerberos tickets and GSSAPI and all that magical crap) on a Windows-centric network is supported. Thanks to Tim for noticing that today and after upgrading to version 5, I could confirm it.

I have to say that I have been impressed with Chrome, for the most part. I still would like a status bar at the bottom, I'm used to having some sort of "frame" around my windows to know where they end. Also it has a limited amount of things to customize inside of the options. However as far as development goes, it's moving along quite steadily after the initial launch and stagnation. I did expect this version to be noticeably faster but so far it seems the same. I especially expected Gmail and other Google properties to magically perform better... but nothing major to report so far.

When it comes down to it though it's becoming the default browser on almost all of my machines. It's faster on startup and such than Firefox and less prone to large memory usage (but still is a bit bulkier than I'd like...) but it's design is much better than Firefox's due to it's sandboxing. Hopefully development continues at the same rate though!

Google's usually pretty good about pushing standards and best practices but this is just lame.

http://code.google.com/p/chromium/issues/detail?id=41467

From my understanding, if you type in http://www.foo.com in your browser it will now remove the http:// - not that it matters, the browser auto-prepends if it you leave it out, but it's not intuitive at all now, and it's not like it was a change that needed to be done.

This is just going to make more people copy/paste the wrong URLs into pages, not get autolinked properly, etc. How many <a href="www.foo.com/"> type links will there be if this starts spreading... I like being able to copy/paste directly from the address bar.

I don't care if people don't put it in when you type in "yahoo.com" - the issue here is the output and reuse and the general idea of "this is a legitimate URL" - considering the RFC for URLs does maintain that you need a scheme!

"A URL contains the name of the scheme being used (<scheme>) followed by a colon and then a string (the <scheme-specific-part>) whose interpretation depends on the scheme."

With the whole MySQL/Oracle issue going on, I find myself looking into the future and how I see it. As far as I'm concerned, MySQL will start to lose it's popularity as the landscape changes. As far as I am concerned, there will be two key players in the MySQL replacement market, those being Drizzle and MariaDB.

I am not just saying Drizzle just because I help out with the project in various ways, however, that should be a good sign that I believe in it if I am willing to put any effort into it. With people behind it like Brian Aker, Eric Day, Monty Taylor, Stewart Smith, Jay Pipes, you've got a coding powerhouse that could solve the cancer issue if it was up to software development to fix it. These guys work around the clock and have been refactoring and re-examining everything inside of MySQL. What's going to be left ideally is a superfast microkernel that supports plugins for everything - leveraging the best options out there for replication, messaging, storage engines, etc. Growing apart from the monolithic huge distribution model that MySQL currently follows.

The second key player is MariaDB. Another fork off of MySQL, led by Monty Widenius himself and with other MySQL key players behind it, there is no doubt it will continue Monty's legacy as being able to spin success out of a tiny little open source product. I believe it will stay more traditional in-line with MySQL, but will provide more advanced functionality and scalability as it is developed further.

I won't get into other options like PostgreSQL as I don't follow the rest of the community there much.

Also, we'll see more NoSQL (did we ever bottom out on a better term for that?) options. CouchDB and MongoDB (both of which from a 50,000 foot view look identical from a usage model) and options like Cassandra will also become important and your data needs will become the decision maker for going with a SQL or a NoSQL database. Both of which offer advantages. However, I see Drizzle as making huge strides in leveling the playing field (or attempting to) with it's replication work to make it as scalable as NoSQL databases seem to be with their ability to scale out and replicate changes easily (which to me are their main selling point right now...)

Anyway, this is from a user perspective, not a developer perspective, and from what I've seen from #drizzle on freenode, a few SQL and open source conferences, blog talk and my own gut feelings.

I should make a note that I still use MySQL and will probably continue for some time. Neither Drizzle nor MariaDB are production-friendly yet. However, I believe 2010 should see the first "production capable" release of Drizzle (not sure of MariaDB.)

It is an exciting time though as we're starting to be presented with more options by the day, in fact there are so many various NoSQL databases now, key/value stores, and even a few more SQL databases that it's too hard to keep track of them anymore. There's a lot of code being written and with this whole Oracle possibly inheriting MySQL depending on the EU's judgement, it could ultimately help usher in some of these smaller projects into the spotlight quicker depending on what Oracle does with MySQL...

Thanks to Monty, I've learned something that will save me a lot of headache in the future. I had a bunch of random scripts I wrote myself to try to keep things in sync, turns out most of the work is already all done for me.

On the source host you want to clone:

dpkg --get-selections > file

On the destination host:

dpkg --set-selections < file
apt-get dselect-upgrade

Now your machines should be identical, package-wise.

Typically, updates on the open source packages work without a hitch. However, my upgrade last weekend on my servers from Ubuntu Hardy to Intrepid wound up creating a couple major headaches, and at the same time, I noticed a handful of other snafoos happening to open source packages I use daily.

This wound up in server instability, client annoyance, and 20-30 hours solid of trial-and-error compiling, testing, debugging, etc. Even right now, if I forget to hold back the libgpac-dev package from being updated, all videos being converted lose their sound due to MP4Box crashing.

• NFS broke - on only *one* of six identically configured machines. For the time being, running 2.6.24-16-server has been my only workaround. Trying all three kernels in the Ubuntu repository (2.6.27-7-server, 2.6.27-10-server, and 2.6.28-2-server) all suffered from this issue. Sadly, could not provide much debugging or relevant information to anyone, the machine is in production and I've got nothing in logs to go off of. Five of the six servers are running the newer kernels without an issue, which is what is odd.
• ffmpeg broke resampling of a common audio type - oddly enough, this can be fixed by issuing two separate ffmpeg commands. There is a patch on the mailing list, but still not implemented into SVN.
• MP4Box no longer works on Ubuntu, due to an issue with libgpac-dev - still no fix available, have to force using an older libgpac-dev version.
• nginx releases 0.7.25, a new feature in 0.7.25 had a bug, 0.7.26 comes out - luckily, Igor's fix was quick and effective, before I even had a chance to run 0.7.25.
• PHP 5.2.7 comes out with a somewhat critical "security" issue (magic quotes was broken), has to release 5.2.8 shortly after - I have to wait for Suhosin and PHP-FPM patches before I can adopt a new version of PHP; otherwise, this may have caused some headache for me.
• MySQL 5.1 comes out with crashing bugs - I stick to using MySQL from the standard Ubuntu repositories, which usually has a decent lag while seeking "stability" - thank God for that.

I dislike wikis. At work we were using them. Now we're changing from wikis to an article management system. The idea on paper sounded great, but I'm realizing the pitfalls about the implementation.

There are some traits that wikis have that I like. There's also plenty of bad traits. Also, I'm thinking of MediaWiki when I say this stuff.

Pros:

• Interlinking and updating
• Anyone can edit pages by design
• Templates and categorization can be done by anyone, inline
• Every page has a discussion option

Cons:

• Lots of overhead
• Semi-proprietary syntax (= makes h1, == makes h2, * makes one level lists, ** makes it a two level list, etc.)
• Inconsistent syntax - some HTML works, some bbcode-ish wiki stuff works, some __HEREDOC__ stuff works
• Forces everything to be CamelCase
• No attachments per page, only global
• By default, wikis have no page-level security, since their mantra is "anyone can edit"

So now that I've said that - I have to say that the ideal approach would be to take the existing CMS approach but add in a few wiki features. Specifically the interlinking. We already have a comment feature on every page. Attachment management is per-page too.

Late night half dazed thoughts:

Link syntax couldn't be something like foo:bar - since javascript:foo would conflict. Perhaps something like [foo:bar] would be a good idea? For links to file attachments, [file:fileID] or [article:slug-title]. This would make life simpler for tracking what files are orphans, can display information about the file in-line in the documents (file type, size, etc.)

One thing most places forget to mention, at least clearly, is the need to update the LU tools before you run the upgrade.

This assumes you have the DVD .iso already on the system, and you are mounting it to a directory (in this example, /export/loop)

First update the LU tools off the new disc. This process wasn't really included in a lot of blogs I read:

mount -F hsfs /path/to/sol-nv-b101-x86-dvd.iso /export/loop
cd /export/loop/Solaris_11/Tools/Installers
./liveupgrade20

*Now* you can run all the LU commands:

lucreate -p rpool -n snv_101
luupgrade -u -n snv_101 -s /export/loop
luactivate snv_101
init 6
shutdown -i6 -g0 -y  (if init 6 doesn't reboot - maybe I was impatient)

P.S. Don't put the .iso on your root pool or it will be included in the filesystem forever and you won't be able to get that space back. Thanks Tim 🙂

I comment on a lot of random sites and blogs. I usually write down the URL in a text file and hope that someday I'll remember to return to see if there's a reply.

I believe a service exists - I know that "page change notification" services exist, but I'd rather be able to subscribe to an RSS feed of reply notifications - i.e. I post on a blog, I dump the URL into a textbox, and it monitors the site every so often for changes (probably the specific post's comment feed is the only thing that is worthwhile) - even better, someday maybe even automatically adding the URL when the browser notices I've commented.

Anyone got a site out there that does this yet? I've had this on my mental radar for a while. Of course, that doesn't really do anything if I can never get around to finishing anything.