THe cloud image is shipped as a qcow2 file. It has about 3 GB of usable space. I need more.
Continue readingCategory Archives: Sysadmin
Network setup for a custom Qemu Virtual Machine
After building a custom Qemu, there are a couple ways to run a VM to get to it. The older approach to VM management is to create a block device, run the VM with a boot device, do a full install and log in to the serial console. However, if you run the Qemu/KVM machine from the command lilne, hitting control C will stop your VM, and this is annoying. I have found it worth while to set up networking and then to SSH in to the machine.
My notes here suck. I am going to try and document what I have here working, and, over time, reverse engineer how I got here.
Edit: here are the steps
Limiting What an Agent can do
I do not work with AI tools. This is not advice from experience of working with AI. It is advice from working with access controls in general.
Any agent has responsibility and authority. Responsibility is what it is required to produce. Authority is the set of resources that you provide to that agent. This does not change if the agent is human or automation, and AI agents fall in to that later category.
Qemu code format in vim
My defaults are set for Linux Kernel development, but I have been in Qemu land lately and these values make it easier to format.
set shiftwidth=4
set expandtab
set tabstop=4
retab
Tracing how much time the kernel spends in a function
Using ebpf and the bpftrace command line utility, you can perform simple reporting on function calls. Here’s an example:
Continue readingTools First
I have wasted a lot of time as a developer waiting for long running processes to complete. Whether it is a Linux Kernel compile, and Ansible Playbook tearing down and recreating a system on a remote server, or a gitlab pipeline building and testing code, the common problem is that my head is in the problem being addressed there, but I cannot do anything to verify hypotheses until the process completes. I often get distracted while waiting, and find that what could have been a 5 minute turn around has become a 2 hour turn around.
Continue readingvim windows
I tend to want to work with three windows side by side. Two have the code I am working with, often production code on the left, test code on the right. The third window is the output from running commands to test the code.
I recently have decide to go all-in on vim, and it is progressing nicely. Thank you the Jake Worth for inspiring this. In Vim, the meta key for for doing windows operations is Ctrl-W. Here are a few commands I have gathered up from the internet. I will collect up the links where I get them at the bottom
Converting a Shell Script to Python
We have a build system that has grown organically. It started as a shell script. We needed to run it from gitlab, so we wrote helper scripts to insulate our code from gitlab. Then we added some helper functions to mimic the gitlab interactions when working with them from the comand line. The helper functions grew until you could not practically run the original shell script without them.
It is a mess.
I want to refactor it.
Refactoring Shell is painful.
I want objects. I want python.
So I am rewriting the gitlab and functions layer in python with an eye to rewriting the whole thing. Here’s what I have learned;
Continue readingFreeIPA: whoami via curl
Assuming PRINCIPAL is your Kerberos principal and $IPASERVER is the FQDN of your server, you can query your identity on the IPA server via curl:
kinit $PRINCIPAL
curl -k -H referer:https://$IPASERVER/ipa -H "Content-Type:application/json" -H "Accept:applicaton/json" --negotiate -u : --cacert /etc/ipa/ca.crt -d '{"method":"whoami","params":[[],{"version": "2.220"}],"id":0}' -X POST https://$IPASERVER/ipa/json
{"result": {"object": "user", "command": "user_show/1", "arguments": ["ayoung"]}, "version": "4.5.4", "error": null, "id": 0, "principal": "ayoung@YOUNGLOGIC.COM"}
This is handy if your system is not registered as an IPA client.
To fetch by username:
curl -k -H referer:https://$IPASERVER/ipa -H "Content-Type:application/json" -H "Accept:applicaton/json" --negotiate -u : --cacert /etc/ipa/ca.crt -d '{"method": "user_show", "params": [[ "ayoung" ], { "all": true, "rights": true } ]}' -X POST https://$IPASERVER/ipa/json
What Processor do I have?
dmidecode -t processor | grep Version
Version: Ampere(R) Altra(R) Processor
Version: Ampere(R) Altra(R) Processor