Blog

Posted on

Proof You Should Not Run My Code: my SNMP agent

I’ve included bits of code in my books, sure. Always with warnings to not run it in production, as I am a firm devotee of fault-oblivious computing. You should not follow my example. But after a Fediverse (Mastodon) discussion last night, I’ve decided to share the code of a program I wrote and deployed. In production. When writing SNMP Mastery, I needed to understand how to integrate a custom agent into net-snmp. I also needed to go through the process of getting my own enterprise OID. I submitted the OID request right before Christmas 2019, and 55030 was assigned the next day.

So I promptly wrote my own SNMP agent, use top-notch state-of-the-art Perl 4. There’s some compatibility glue to make it run under Perl 5, but it’s basically Perl 4. Yes, there’s other languages–but Perl is eternal and timeless. Like Cobol and SNMP, that is not dead which can eternal sleeping lie.

This agent is the single source of truth for my published bibliography. Instructions for accessing it are in the SNMP book, but if I’m sharing the code I should provide context.

Browse to https://cdn.mwl.io/snmp/ and you’ll find the MIB file TWP.mib. Put that in your SNMP browser or MIB directory. If you’re running net-snmp you can pull the table with:

$ snmptable -v2c -c megadweeb snmp.mwl.io mwlBooksTable

The file agent-TWP.pl includes the agent proper.

This code has been called “comically evil,” which warms my bitter heart. Yes, I could use a database. But why? The data changes 3-4 times a year, if I’m productive. And yes, the data is in columns, not rows. SNMP doesn’t do rows. It doesn’t really do tables. It only has columns, which you could choose to arrange side-by-side, but that’s a feeble human thing and irrelevant to this primordial protocol.

In writing this I had to choose between complex code and simple data, or simple code and complex data. Given that updates consist of adding an entry to the end of each column, I chose simple code. Yes, there’s an occasional painful update where I realize that I missed one of my old books, but those are increasingly rare.

Anyway. If you want a truly complete checklist of what I’ve written, here it is. Other writers have spreadsheets or text documents or perhaps, if they’re truly prolific, desktop databases. But noooo, I had to do this.

TLDR: do not run my code. That’s one reason I don’t use github; this is not a sample or example, it an inspiration for you to recoil in horror and do better. (I also insist on controlling my platforms, and I don’t control github.) I’m certain this will be presented as an exhibit in my inevitable, eventual sanity hearing.

60 Seconds of WIP, 7 September 2023

Run Your Own Mail Server has finally forced me to write a bit about netcat versus telnet.

Netcat is a flexible network tool that, among other things, allows you to connect to arbitrary TCP/IP ports. We’ll use it for testing services. Over the decades netcat has been forked, reimplemented, and served as inspiration for other programs that also call themselves netcat. These variants made no effort to make their added features compatible with other variants. Your Unix might provide a netcat-alike such as ncat or socat. Long commands are not very Unixy so netcat, ncat, and others often get installed as nc. If you have a problem using netcat focus your investigation on your exact version, and not netcat in general.

With all these issues, why use netcat and not telnet? If you think netcat has been forked, wait until you get a look at telnet. Telnet mingles standard output with standard error, and silently modifies text for compatibility with interactive shells.

If this book interests you, or if you want to encourage me to wreck my life by writing it, please consider sponsoring it.

Posted on

“Apocalypse Moi” ebook out!

The official release date for Apocalypse Moi is 26 September 2023. If you want to get it from one of the big bookstores, you’ll have to wait. (I’ve been accused of hiding the big point, so: this collection contains a previously unpublished Prohibition Orcs tale.)


It’s already available at my ebookstore, though. If you believe that I’m deploying a sophisticated, subtle strategy to steer people to buying direct from me rather than via Amazon, you would be incorrect. It is neither sophisticated nor subtle.

Also, The Full Michael and the All The Novels and Collections bundles have been updated. The price of All the Novels and Collections has not changed: you now get four books free. The Full Michael has actually decreased in price, because buying Apocalypse Moi is less expensive than buying the chapbooks.

Some poor bastard who shall remain nameless bought The Full Michael five days ago, right before this came out. I sent him a copy of Apocalypse Moi because I’m not a monster. Okay, I’m not that kind of monster.

I’ve unpublished the assimilated chapbooks everywhere, reducing my maintenance load. Huzzah! The anthologies the other stories come from will remain in print, but maintaining them is not my dang problem so that’s fine.

And for the record, the branding on The Full Michael will remain until it ceases to amuse me.

Posted on

August’s Aghast Sausage

(This post went to Patronizers at the beginning of August, and the public at the beginning of September.)

The most exciting thing this month is probably the Writing Chariot.

I have written at a standing desk since about 2010. I find it much more sustainable than a standard desk, and it lets me pace more easily when my brain logjams. I have no idea when I started using split keyboards, but it’s been many years. Split keyboards let me open my shoulders naturally and keep my wrists straight, which relieves a great deal of my tendinitis and my mild-but-annoying nerve damage.

Ideally, though, I would write with my arms hanging limp at my sides. I’ve been contemplating some sort of belt arrangement where I could wear keyboards at my hips, gunslinger-style. I don’t have experience working with cloth, however, and stabilizing the keyboards is an obvious challenge. I discussed the issue with my father-in-law, and he promptly whipped up this… thing.

I attach each half of the keyboard to one of the arms and stand between them. In theory, my hands can dangle at my sides as I type. It’s not exactly neutral position, but it’s pretty close. The arms can be adjusted up and down, and there’s a peg to hold them in place. I’m not using the Writing Chariot yet—it needs another adjustment, so I need a second person to drill the hole. But my initial tests show that it’s usable. Time will tell if it fubars my shoulders even further, or if it relieves the stress. If this doesn’t work, the next step is the Keyboard Gunslinger.

In other excitement, my next Kickstarter is live. Apocalypse Moi is a collection of my short fiction, all with the theme of “doom.” The video features my missus, She Who Must Be Obeyed, as well as the inimitable Zig Zag Claybourne. Many of you will get the book for free as a Patronizer benefit. There is no need for you to back the Kickstarter. As you might guess, though, I’d still appreciate if you told folks that they should back it.

Before you ask: no, this book doesn’t have a leather-cased edition. The cased Prohibition Orcs did well, but the cased Devotion and Corrosion, not so much. More than one person told me that they were not allowed to buy two $200 books from me in the same year, and I can’t blame them. This will be my last fiction Kickstarter for 2023, I’m sure, and it will clean up my short story inventory. This has already changed the cash flow of running a Kickstarter, though. Prohibition Orcs funded in under fifteen minutes, because two folks bought leather-cased editions. That money was, in some ways, bogus. The leather cases bring in the most revenue, but they’re also the most expensive to fulfill. Apocalypse Moi took about ten hours to fund, but the profit/expense ratio is better.

Previous Kickstarters demanded excessive mental energy, because I loathe asking for money. Even with you folks, I’ve taken pains to declare that the Patronizer program is a terrible deal. This time, I’m trying a few techniques to lessen the mental load. First, there are no complicated rewards. I’ll deliver ebooks, order books from printer, and ship signed books—done. Second, with every promotional post I’m including a link to my free stuff. Balancing asking for money with an offer of freebies relieves some of my discomfort. Last, I’ve figured out a theme for my promotion. This is an apocalypse-themed collection, so I’m doing a “Thirty Days of Doom” social media promotion. It’s much easier for me to say “here’s this cool doomsday some other artist created, and by the way please support my little apocalypses” than to come up with a naked plea for money every day. Look for the hashtag #30DaysOfDoom on Facebook and the Fediverse.

I had hoped to have Run Your Own Mail Server finished by now. That’s obviously not happening. Once Apocalypse Moi arrives, I will bundle it up with Devotion and Corrosion and ship to print-level Patronizers. I probably need to ship fiction on its own, rather than bundling with tech books. In theory, tech books should not take this long to write—but they do, dammit.

A couple folks asked about my decision to publish short stories only on my website. Years ago, I said that I could publish a short story and make a few hundred bucks pretty quickly. Last month, I said that short stories are not worth my time to publish. These are contradictory, but only because they’re separated by time. My short story buyers are overwhelmingly my Patronizers. The stories are included in your so-called “rewards.” I traded those occasional bursts of cash for a steady trickle of income, and I thank you for it.

The flunky I hired to polish my web site is working out so far. I’m kind of surprised, but only because I always expect everything to fail unpredictably. He’s just under the $600 “I have to file tax paperwork on you” limit, so before long we’ll have to discuss if he wants to continue or not.

Run Your Own Mail Server is coming along, generally several hundred words a day. This is the most difficult book I’ve ever written. I’d say “the next book will be easier,” except I know better than to promise myself that. They make nipple clamps for people like me. But today I’m writing about SPF and MX records, so the book has achieved “functioning mail server!” (Of course, you can’t tell people to mail you at that domain yet. There’s no spam protection, you’ll drown.) Once I get these basics down, though, it’s basically “configure rspamd” and the related DNS records for DKIM and DMARC, plus a DMARC aggregator. Oh, and postfixadmin. I have to configure things the hard way before setting up postfixadmin, though, because without that understanding you can’t troubleshoot failures. But still, most of that is either straightforward procedure or small concepts that aren’t tightly integrated with the rest of the ecosystem. You can run email without DMARC or DKIM. Nobody will accept your messages, but you can run it.

Anyway, I’ve got to get to work. The Writing Chariot isn’t going to adjust itself.

60 Seconds of WIP, 31 August 2023

Today’s reading is from the Kickstarter-supported afterword from Apocalypse Moi. I have no idea if this will make it into the final book. I write things that are about things. When I try to write about the things I’ve written about things, my brain immediately enters a recursive death spiral. I offered this Kickstarter stretch goal in part to force me to learn to write them.

This book contains revelations. Some of them destroy the world. In one, the world has already been destroyed and everyone’s dead, which presents problems for the things that remember being people. But throughout, life-changing revelation. Apocalypse is not discovering there’s a slice of pie left in the fridge. It’s discovering that someone loves you enough to leave you that slice. The mildest apocalypse is love, leaping out from behind the curtain and shouting Boo! Apocalypse-as-revelation offers wisdom, improves our lives, and offers paths to a better life and world.

We all hunger for that.

Some folks out there are so desperate for revelation that they declare their bigotries and phobias to be sacred truths that must be shared. Every one of those ideas is built on loathing and selfishness. None of them improve lives. I mourn for people infected with them, but not so far as to let them have their way.

Posted on

Finding a way to “Speak the Truth”

One of my biggest rules for writing nonfiction is “speak the truth.” It might be *my* truth, others might disagree, but that truth is absolutely necessary.

A book I’m planning to write after Run Your Own Mail Server really needs to use Debian as the reference platform, for reasons I’m not gonna get into here. But my heart is obviously and publicly in BSD-land. How could I write this and be truthful?

I’ve been chewing this over for a while, but the obvious just hit me: it’s about voice and theme.

I need to write this book with a motif and theme that fits the topic. I’d been pondering using a Trek motif, but this specifically needs a DS9 theme.

Specifically, a “O’Brien managing Terok Nor” theme.

NOW I can write this book and be truthful. (bang)(clang)(grind) (BOOOM)

The detail that this requires a DS9 rewatch is purely incidental.

60 Seconds of WIP, 24 August 2023

Today’s reading is from an as-yet-untitled Christmas story. Yes, I write Christmas stories. And I sell them to anthologies.

We go through a lot of coal. The Workshop has geothermal heat, sure, and there’s the big solar farms for the nightless summers, but certain people don’t have real friends—friends who will tell them the truth. You might be one of the richest people on Earth, surrounded by sycophants and lickspittles who cheer your every whim as unquestionable moral excellence, but it doesn’t matter how many yes-men you have or how good your security is. That inexplicable lump of coal on Christmas morning declares that you haven’t fooled Mister Jolly and he is here to call you on your bullshit.

Not many people need that reminder. But one percent of eight billion is eighty million, and each lump is about a hundred grams. That’s eight thousand metric tons of coal to pull out of the walls and load, eighty hoppers behind a modern industrial locomotive, and us with pixaxes and push carts and a damn choo-choo.

One day I’ll publish a collection of bitter Christmas tales, but for 2023 you’ll see at least one new holiday story from me.

60 Seconds of WIP, 17 August 2023

Today’s snippet is from Run Your Own Mail Server, discussing Dovecot’s password algorithms. You also get a footnote.

What are all these algorithms, and why do you care? Most often, you don’t.

You just need to pick one.

Dovecot’s documentation declares that ARGON2I or ARGON2ID are the preferred algorithms. Blowfish (BLF-CRYPT) comes next. In 2010 the NIST recommended the PBKDF2 algorithm, although in 2023 NIST declared they would be revising their recommendation. If nothing else, the salted SHA512 scheme, SSHA512, is supported almost everywhere.¹ Many of the other algorithms supported come straight from OpenSSL, and are not suitable for production use. Do not use them unless your organization’s security policy insists you follow dangerously outdated standards.

¹ Please do note my anti-recommendation for the LANMAN algorithm.

If you wish to follow my bad example, please consider sponsoring the book. Or perhaps look at the Kickstarter for my next fiction collection.

60 Seconds of WIP, 10 August 2023

Today’s snippet is from Run Your Own Mail Server, discussing local databases in Postfix.

We discussed the aliases file back in Chapter 1. An alias is a system-wide message forwarding, so that email sent to one address on the host can be redirected to a real account. Whenever you update the aliases file you must run newaliases to regenerate the database. This is a classic Unix feature, but Postfix lets you follow that example and store most tables as local databases.

You’ll often hear these local databases called hash files. Originally a hash file was a specific format, but over decades that term has been catastrophically distorted until people apply it to almost any type of local database file. There’s the primordial Berkeley db file, btree files, DBM files, SDBM files, and more. Over drinks one might credibly argue that sqlite is backed by a super-hash file, but at that point someone pulls a blaster and the whole bar erupts.

If running your own email intrigues, please consider sponsoring the book. Or check out the Kickstarter running for my next fiction collection.

Posted on

Patreon update: I got paid, mostly

The subject says it all, I guess?

Patreon appears to have sorted out their latest kerfuffle. I lost a few Patronizers, but I’m nowhere near as badly impacted as some creators.

Blaze Ward’s latest Milestone Publishing Newsletter talks about the importance of owning your platform, as greatly as possible. I mostly agree with it, except for the part about moving to Shopify. They’re an external vendor, they will enshittify. I can do everything with Woocommerce and Bookfunnel that Shopify can do, and Woo’s open code makes it enshittification-resistant. I can replace Bookfunnel if need be.

Anyway, own your platform. Have multiple streams of revenue, even if some seem redundant.

And if Patreon unsubscribed you from me, I can promise that my platform won’t do the same. Or, if something goes wrong and it does, I’ll have the data to fix it.