Category: Nonfiction Books

Now that PAM Mastery is out, I’m starting work on my next project.

I’m taking a break from anything filesystem related. Yes, I want to do FreeBSD Mastery: Jails, but that involves a lot of filesystem stuff, so that goes on hold for a bit.

Instead, I’m starting a book on OpenBSD’s web stack. Between httpd, relayd, and CARP, plus assorted surrounding infrastructure like acme-client, OpenBSD’s got a pretty solid offering for its environment. It doesn’t do everything–but most of us don’t need everything.

And yes, while the reference platform will be OpenBSD, I’ll also mention the FreeBSD support.

This book should be easier to write than the PAM book. Which is good, because I’m still fighting anemia. I have no idea when this will be done.

I will offer sponsorships once I have enough of the book done that I’m confident I can actually finish it. And I have some novel ideas for this book, but that’ll also have to wait a bit.

cue Movie Voice Over Voice

They thought they knew PAM. They were wrong…

My long-dreaded PAM book is now available, in both print and ebook.

You can grab it at all the usual suspects–I mean, bookstores.

Get it before it gets you. I’m still waiting for Apple to get the book up in iTunes, but it should be there within a day or two.

Print proofs are on their way to me. If they look OK, you’ll be able to get the book in print next week.

If you want both Kindle and print versions, buy the print first. You’ll then be able to get the Kindle version for $2.99.

My long-dreaded PAM book now exists as a complete first draft.

I’m sorry.

I’ve somehow persuaded Dag-Erling Smørgrav, author of OpenPAM, to do a technical review. DES knows PAM, to his eternal regret, but I really could use more people to review the manuscript before it hits print.

If you know PAM, and would be interested in pointing out my errors before the rest of the world gets a chance, drop me an email with the subject PAM review. Tell me your familiarity with PAM, so I know the context of your feedback.

I’d need any feedback by Monday, 8 August 2016. That’s about four weeks. Given that this book is longer than Tarsnap Mastery but shorter than DNSSEC Mastery, that should be enough time.

I should say, though: this is a book on PAM. It’s not on LDAP, or SSSD, or Kerberos. I cover several add-on PAM modules, but all in the context of illustrating and leveraging PAM.

With luck, the book will be available Septemberish.

Two blog posts in one day, after a few weeks of silence? It happens. Weirder still, there will be another tomorrow. I’m asking for help from my tech book readers here.

Some things are such an integral part of my life that I can’t imagine others are unfamiliar with them. I’m considering using one of them for “PAM Mastery,” but I must consider that perhaps not everyone understands it. I don’t want to say what particular part of my life I’m talking about, as that would invalidate the test here.

So, with the following text, do you:

1) get the reference
2) if you do NOT get the reference, do you understand it anyway?

A chain of PAM controls don’t resemble the strict allow/deny syntax you’ll find in applications like packet filters, web servers, and other Access Control Lists. They’re more like a long-standing committee in a centuries-old educational institution steeped in tradition and ritual, where each member has an unusual name, baroque responsibilities, and unusual privileges.

This committee votes on authentication in a specified, stately order. Each member has specific ways they can vote. Perhaps the Archchancellor starts the vote, and can either say “yes” or reject the whole proposal before anyone else gets a chance. The Dean can vote “no comment” or “no,” but doesn’t actually get to vote in favor of anything. The Senior Wrangler can vote either “no” or “yes, so long as nobody else objects.” If voting reaches as far as the Lecturer in Recent Runes he can either stay silent or declare, “yes, dang it, and the vote’s over, I win!”

Meanwhile, the Librarian has a seat at the table but can only take notes.

I return from my literary forced death march writing class in Oregon to find this.

Which I have partially transformed into gifts for the folks who were kind enough to sponsor FreeBSD Mastery: Advanced ZFS.

I’m heading for the post office now, to relieve myself of the responsibility for these.

Mind you, one of these gets delivered to Perry, Michigan, about a 90 minute drive away. It did occur to me to drive up there and hand-deliver the book. But that a) is stalkery, and b) uses up time I need to finish preparing for the Lucas track at Penguicon this weekend.