Blog – Michael W Lucas

March 19, 2026

Talking at NYCBUG 1 April 2026

A few days ago, Patrick McEvoy said that NYCBUG had no topic for their 1 April meeting and asked if he could persuade me to present something, anything. Anything at all.

Anything? ANYTHING? On April Fools’ Day? The day I’m launching my next Kickstarter? The fact that I had absolutely nothing of worth did not dissuade me–indeed, it never has.

I’ll be presenting “What’s Changed Since The Last Time I Came this Way – a talk that was supposed to be about OpenZFS.”

Michael W Lucas and Allan Jude are busy working on a new OpenZFS book, which means not only documenting everything that’s changed in the last 12 years but discovering everything that they got wrong the first time. The quest for accuracy has taken Lucas deep into mailing list archives, Usenet, VAX installation manuals, the Kremlin’s first Internet connection, the United Nations’ effort to merge the BSD projects, and the ULTRIX and S51K filesystems, and left MWL more convinced than ever that filesystems are nothing but a April Fools’ prank. This hurriedly conceived and hastily assembled talk will update you on new OpenZFS features, but will also try to determine if it’s a good prank–or not.

Michael W Lucas’ name may ring a bell for some in the BSD community. He’s written several shelves of books. But for anyone who has seen him speak in public during Ante COVID days, it was clear they are mere transcriptions of his rambling presentations. For this NYC*BUG meeting, he is unlikely to edit out any of his expected corny jokes we endure during his conference presentations.

More likely, you know his name from his grotesque horror fiction. In the same way his technical books are just transcriptions of his presentations, his fictionaal horror is just a simple reflection of someone who lives in a haunted house filled with (pet) rats in Detroit.

18:45 EDT or 22:45 UTC. The talk will be streamed, so you can catch it from anywhere. Instructions are on the NYCBUG web site.

115: Both Sides of a Mirror Have Errors

I’m working on OpenZFS Mastery’s discussion of self-healing with a completely plugged ear, so I have no idea how this sounds.

OpenZFS uses hashes almost everywhere. A hash is an algorithm that takes a chunk of data and computes a fixed-length string from it. The interesting thing about a hash is that minor changes in the original data dramatically change the data’s hash. Each block of storage includes the hash of its parent block, while each parent block includes the hash of all its immediate children. Whenever the system accesses data, it verifies the data’s correctness using these hashes. Upon discovering an error, OpenZFS corrects or self-heals them. If the underlying VDEVs have redundancy, ZFS either reconstructs the damaged block from RAID-Z or grabs the intact copy from the mirror. If both sides of a mirror have errors, ZFS can recover the files so long as the same blocks are not bad on both disks. If the VDEV has no redundancy, but a dataset has extra copies of the data (see Chapter 4), ZFS uses those extra copies instead.

OpenZFS Mastery is still open for sponsoring.

March 17, 2026

FreeBSD security report on successful logins

By default, FreeBSD sends a daily security report listing all sorts of good stuff, and failed logins.

I don’t care about poorly-programmed password gropers fumbling at a service that doesn’t accept passwords. I don’t want to read pages of stupidity. Over the years I’ve trained myself to skip the stupidity, which is bad practice. If I get automated email it better contain only things I care about.

I care about successful logins. The number of folks who log onto my hosts is minuscule. I want to skim a short list of logins, recognize them all, and move on with my day.

I’ve trivially modified the failedlogin script to recognize successful logins. No, I’m not going to put this on github. I quit using github several years ago.¹ Drop it into /usr/local/etc/periodic/security and enable it in /etc/periodic.conf.local.

security_status_loginfail_enable=NO security_status_loginsuccess_enable=YES

This only catches SSH logins, though. If anyone has suggestions for improving the regex catching assorted logins for the services you use, I’m open to it.

Will I submit it as a PR? Uh, maybe? Depends if anyone cares.

March 12, 2026

Original N4SA2e cover art for sale!

The original cover painting for Networking for System Administrators, 2nd edition is on sale at my bookstore.

Minimum price is $600, but I’m sure Eddie would appreciate a couple extra bucks if you’ve got them.

I make nothing on this. Your entire payment (minus processing fees) goes to Eddie and he ships you the painting.

There’s only one, so grab it quick if you’re interested.. As an aside, this is the first time I’ve enabled stock management on my store. Supposedly this will disappear immediately when someone buys it, but I’ll be watching on the off chance it doesn’t.

114: 98% Free from Arthropod Infestation

My new FreeBSD Journal column just went to the editor.

Oh AWOL, my succulent summer child,

You’re the latest model of Human(tm), a digital native, theoretically enlightened by access to the collected wisdom of our species. Are your sources of wholesome, cogent, and actionable advice so limited that reaching out to a grizzled sysadmin seemed wise? True, this is an advice column. I offer advice. I also offer trepanning and experimental epidemiology but you don’t see people queuing for either of those do you? The Internet has Captain Awkward and Doctor Nerdlove and Dear Prudence and Ask A Manager and Dear Abby and you decided that no, you want to live abhorrently so you’re beseeching a grant of “wisdom” from a system administrator known for enhancing rat operated vehicles with nitrous oxide boosters. If you’re from a civilized country you even have health care so you could access counseling, or perhaps I should say intensive counseling because a few minutes into your first session the therapist would hit the big red button and you’d have a comfortable new home with three hot meals a day, your own bed guaranteed 98% free from arthropod infestation, and a meticulously personalized medication regimen because, after all, you think that sysadmins dispense sensible advice for a better life.

For more of my ill-advised advice, grab a copy of Dear Abyss.

March 9, 2026

Fundraising Auction Over

The fundraising auction is over.

Seth Hanford won with a bid of $777. I wouldn’t normally declare 777 to be a suitable solution to any problem, but I am compelled to sign off on this one.

Seth, send me your receipt and you will get your ~~pig in a poke~~–uh, your prize. I don’t care which of the suggested charities you donate to, they’re all worthy.

By the way, spectators and other bidders: the anonymous person who bid $550 also donated their bid to charity. If you felt like doing the same, they’d appreciate it.

113: Destroying Performance

Talking pools in OpenZFS Mastery, which means yet again talking about blocks and sectors and alignment.

GPT partitions fill a number of sectors. If you partition a drive assuming 512-byte sectors, you can easily create a partition that would not cleanly start and end on 4K sector boundaries. Take a drive that has 4K sectors, but claims to have 512-byte sectors. Create a partition that fills, say, seven 512-byte sectors, then add another partition that fills the rest of the drive. Make a ZFS pool with 4K blocks on that large partition. Each filesystem block touches two physical sectors. The misalignment causes write amplification, destroying performance. For average spinning drives, assuming that all your disks use 4K physical sectors is safest. Certain SSDs also expect partitions to be aligned along 128 KB or 1 MB boundaries. Some enterprise drives use 8K sectors, however, and a handful of specialty devices even larger.

Avoid alignment problems. Make all GPT partitions begin and end on megabyte boundaries.

My whole stupid career is built on filesystems. You can still get your name in this book, though.

March 2, 2026March 9, 2026

Kansas or Minneapolis Fundraiser

My country is in trouble, and I’m just a tiny ~~rat~~ dude making a marginal living writing about stuff very few folks care about. Not much I can do directly.

My 1 April Kickstarter required some unusual tests, so I produced a physical artifact of interest to a certain subset of sysadmins. I have that artifact. It’s a real thing. I have to make a couple tweaks and add tidbits here and there, but the thing exists.

You want proof it’s real? Here you go!

Mildly redacted to preserve the surprise. Also, this photo is legitimately a hint.

Folks have started asking what it is. I’m not saying until the Kickstarter launches.

I am, however, auctioning off the prototype for charity.

Yes, I’m asking folks to give money for a sysadminny thing sight unseen. The money doesn’t go to me, however! I want you to support a worthy cause. I have a choice of worthy causes: supporting Minnesota folks trapped by ICE, or helping trans folks in Kansas.

What do you get?

When you send me the receipt for your donation, I will mail you the thing and send you a Kickstarter preview link. I will also include a letter declaring that your direct financial support of charity grants you moral superiority. Once the final product escapes, I’ll ship you one of those. So really, the physical good will be unique for only a few weeks.

Intangibly, though? Ah, the intangible benefits! BRAGGING RIGHTS. You’ll know what the thing is before anyone else! You’ll have grounds to call me a dumbass before anyone else! People will call me a dumbass anyway, but your comments will be evidence-based and thus folks will take you seriously.

I will pay for standard Priority Mail shipping. That’ll be three days within the US, and a couple weeks overseas. (If you’re outside the US and want fast shipping, I’ll ask that you send me a few bucks for the upgrade. Sorry, but overnight to Germany or Australia ain’t cheap.)

All I ask is that you don’t ruin the surprise for folks. If you blab, I can’t do much. Sure, I’ll never do a fundraiser like this again and I’ll call you a jerk, but that’s about it. Unless you live within wedgie distance.

I am, of course, perfectly fine if you post something like “holy crap Lucas is a jerk this thing is a total ripoff like I’ve never seen before don’t you dare go to https://mwl.io/ks and follow it you’ll only encourage his next lame travesty.”

Bid by leaving a comment on this page.

The auction runs from now until 5PM EDT on 9 March 2026. If the bidding goes nuts in the last few minutes, I’ll leave it open until it settles down. There’s no sniping this auction at the last moment, as I want bids to escalate beyond all sensible limits.

The winner gets to pick a charity off of https://www.standwithminnesota.com/ or Trans Continental Pipeline and donate their bid. Send me the receipt and I’ll send you the thing. I want you to be able to enjoy knowing the secret for as long as possible, so I’ll ship it ASAP.

Bid early! Bid often! Bid to be the first one disappointed!

112: A Special Uberblock

OpenZFS Mastery is staggering along. Here we talk about how ZFS maintains uber-integrity.

Not having dedicated special index blocks sounds great, but every data tree needs a root. ZFS stores a pointer to the filesystem root in a special uberblock. Every pool has a queue of 128 uberblocks stored at algorithmically-predictable locations. In keeping with the copy-on-write design (Chapter XXX), uberblocks are never edited. Every time a new transaction group gets written to disk, ZFS records the new root information in the next uberblock in line. When the 128th uberblock is used, ZFS loops back to the beginning. At boot, the system searches for the uberblock with the highest transaction group number and uses that to find the pool’s root. If the newest uberblock appears damaged or incomplete, ZFS falls back to the newest usable uberblock. A badly timed failure might cost you the latest transaction group’s worth of data, but the pool itself will be coherent and will not require an integrity check.

OpenZFS Mastery is still open for sponsorship.

111: Artifically Prolonged, Unnecessarily Stressful

Here’s OpenZFS Mastery on physical labeling. I have strong feelings on this.

Develop a consistent naming and numbering scheme for your storage arrays, and use it dogmatically. Many storage arrays have a standard naming scheme, often printed on the equipment. If your equipment already has numbered shelves, use that numbering. Otherwise, make simple rules like “shelf 0 is always at the top and disk 0 is always at the left.” You might use the prefix “f” for the front and “b” for the back, or whatever works for you.

Record the serial number of each drive as you install it in the array. Physically label each drive tray with the drive serial number and physical location. Use good labels that remain stuck over years of being ignored in a dry, dusty datacenter. Yes, this is tedious—but when a drive fails you must have this information. You can do this work in peace and quiet at your own pace, or you can desperately rush through it during an artificially prolonged, unnecessarily stressful outage.

OpenZFS Mastery is open for sponsorships.