Yes, after silence here for years, I am actually writing for the second day in a row. It has been 4 days since Hamas launched its attack against Israel and I’m really conflicted. I hear politicians say “I stand with Israel” and I certainly stand with the innocent Israeli citizens killed and injured, but it isn’t quite that simple either, I also stand with the innocent Palestinians who have suffered under the apartheid confinement for 50 years. I happened across this post by Jon Pavlovitz that I thought said a lot of it fairly well. The Israeli government over the last 75 years (and especially the last 20 mostly under Netanyahu) has lied, expanded the illegal settlements in the West Bank, and treated the Palestinian people as subhuman. They’ve confined them to apartheid ghettos in Gaza and the West Bank and they wonder why the Palestinians get frustrated and occasionally fight back. Let me be clear, I think the Hamas attack was barbaric. That said, there is plenty of blood on the hands of the terrorists on both sides of this conflict. I think the leadership in both Israel and Palestine needs to go. I wish I had some realistic belief that the cycle of violence could be ended, but those in power on both sides have too much invested in it. And, I read that last sentence and think that some will think this is a simple both sides issue like what the media has been trying to do with the 2 major political parties here in the US and that isn’t really what I’m saying. Keith preached this past Sunday on Matthew 22:34-40 and that is why I will always come down on the side of the oppressed, so my heart is with the Palestinian people, but killing innocents on the other side isn’t the way to fix anything. I’m heartbroken and am not sure what to do with that.
Author: Jim C
Ubuntu unattended-upgrades
I have administered Unix/Linux systems for over 40 years now. For the last 25 or more, I’ve been very interested in automation and repeatable configuration. I started playing around with cfengine
in the late 1990s as a tool to make it easier to administer a large number of systems with a small number of admins. Recently, I’ve used ansible
for that due to issues with having to do push rather than pull (firewalls that won’t allow systems to reach back “inside” to get updates).
For the last 15 years or so, I’ve administered a lot of Ubuntu systems for my own personal use (and also at various paid and unpaid jobs). At a few previous jobs, I would schedule change windows every quarter to apply patch bundles, and that worked in those environments, but it meant the critical patches either didn’t necessarily get applied in a timely fashion or required emergency change controls. Okay, for systems that require 24×7 uptime, that is an issue anyway, but many of the systems I’ve managed over the years, could afford a few minutes of downtime in the middle of the night without anyone really noticing. I’m a big fan of Debian/Ubuntu’s unattended-upgrades
, a package that allows the systems/servers to download (and potentially apply) upgrades on their own every night. Whether or not I allow the reboots every night depends on the system (and whether I’m working any cases at the time).
To get back to the actual point of this post, when I add packages that don’t come from the standard repositories, I add them to the /etc/apt/sources.list.d/
directory which works fine for the initial installation, but doesn’t necessarily add them to the packages that get the automatic treatment from unattended-upgrades
. Somewhere over the last few years, I found a post somewhere (I have no idea where, my attempts to find it again have been spectacular failures). So, I figured I’d write it down here because if I don’t do it for a while, I forget the command line. So, if I want to have the new package automatically upgrade as new versions are released I need to add the package to the Unattended-Upgrade::Allowed-Origins
in /etc/apt/apt.conf.d/50unattended-upgrades
(or add a 99local
or similar to that directory). The problem that I’ve had is figuring out exactly what needs to go into the allowed origins section. So (wherever it was that I found it before), the magic is using the apt-cache policy
command to figure out the magic.
And the answer is in that release line. What I need is the o=
and a=
pieces. So I actually, just run apt-cache policy | grep -i release
(I actually, used to grep for the o=
and a=
, too, but since those only appear on the release
line, that grep was redundant) and find what I need
Then I take the o=
and a=
parts and add them to the Unattended-Upgrade::Allowed-Origins
. So, I have the following
Or, in most cases I add that to an ansible playbook that I then apply to all the systems of that type, so that I can maintain the consistent configurations. And, there you have it (and I can find it again the next time).
Year 15
I really have hardly written anything here except flight and ride logs (with maybe 4 or 5 exceptions) since about 2010. I’ve never really posted much (maybe anything?) here about work or my infosec/blueteam/DFIR interests. However, today, mostly because I was trying to remember when the Tour de Donut ride was that I got the t-shirt I’m wearing today, I did a very quick run back through the history of this blog. When it started it was over on Blogger, I moved it to my own server when Blogger went through some changes that made it more of a pain to use. It has been running on a VPS for quite a few years now. But, while looking through all those old posts, I realized that I actually started this (and the church blog) in January of 2008, which means this blog is now 15 years old. I don’t know if I will ever get back to writing much here. I am so frustrated with politics these days that I feel like I should just to get it off my chest, but I can’t bring myself to go to the effort of actually writing it up. These days, when I see what has become of the Republican party that I belonged to for more than 25 years, it makes me sick. Tonight will be the President Biden’s State of the Union address, which, honestly, I probably won’t watch, and which will be followed by some vacuous meanderings from Sarah Huckabee Sanders. Kevin McCarthy has sold his soul to become Speaker of the House and will soon manufacture a debt ceiling crisis without having any sort of plan for how to deal with the debt he suddenly claims is the most important issue of our time. I know that the Democrats aren’t saints, but at least they are willing to talk about real issues that effect real people, and have some sort of a governing philosophy. The Republican party simple exists to blow stuff up. And, that make me very sad. So, I’ll probably go quiet again for months or years after this post, but I am still here. I am still thinking about these things. These days, I mostly just like or retweet posts on twitter that are in line with my political/religious/spiritual leanings, but as I said, I just can bring myself to expend the energy to put them in my own words.
I haven’t posted a Year in Riding or a Year in Flying for several years because I have done very little to none of that for several years. I’ve kept my FAA 3rd class (well, Special Issuance) medical current, but haven’t actually operated the controls of an airplane since 2016. I hope to rectify that this year, but I thought the same last year. I didn’t even get 100 miles in on my bike last year because of another herniated disk. I was doing well and thought that 2022 would be a better year, right up until the Friday before Easter. That day, I was mowing the lawn and got the zero turn mower stuck in the mud (not all that unusual an occurrence, especially in the spring). I stood up to step off the mower and pull it out of the mud and had excruciating pain in my lower back and running down my left leg. I suffered through the weekend and on Mon went to my chiropractor since he had gotten me through a similar incident back in about 2014 or so by using the traction machine. This time, though, when the “decompression” finished I was in so much pain I could barely get off the table and could not sit down. I immediately went across the street to the OrthoNeuro Urgent Care (which closed a few months later). To make a long story short, I was using a cane to get around for the next 2 months. I got 2 steroid injections in my back. One in May, the second in June, which helped tremendously. I was able to ditch the cane in late-June or early-July and the pain finally completely disappeared in mid-to-late Nov.
I also never posted here about finally becoming a SANS Certified Instructor which occurred during the pandemic (Sep 2021). The last half of 2022, I finally was able to teach in-person classes again and got to travel on SANS’ dime as I taught in Austin, TX; Sydney, Australia; Prague, Czechia; Tokyo, Japan; and Paris, France in the last 5 months of the year. In fact, I had 9 trips of 7+ days in the second half of 2022 including the 2 annual visits to the parental units in Durham, NC in July and Dec. After the latter, I finally fell victim to Covid despite having a total of 4 shots for it (the second booster, the bivalent one in Sep shortly before the beginning of the international travel). I’ll be traveling again (including internationally) to teach in 2023, but not at the same pace as those last 5 months of last year.
I’m pretty sure that no one but me actually has read anything there that I didn’t put a link to on Facebook or some other social media site, but Happy Birthday to me (well, my blog anyway).
Yet another update, welcome 2022
Okay, so it has been 2 years since I last posted anything there. I am still alive, but I haven’t posted any “Year in riding” or “Year in flying” posts because, mostly thanks to covid, I haven’t done much riding or any flying in the last 2 years. I am hoping to rectify that this year. I do have a few things that I will post shortly, but I probably will never post as much here as I did leading up to the 2008 election. I simply am not as willing to share my thoughts and feelings these days. Anyway, if anyone is actually still following me, look forward to a few posts in coming weeks.
I’m still alive
I know I haven’t posted anything in forever. I am still alive. I’ll even do a “year in riding” post at some point. This is just to let you know that I’m still here and I’ve moved the site from a VPS where I couldn’t update the OS and therefore couldn’t update PHP (and therefore couldn’t update WordPress) to Digital Ocean. This looks to be quite fast and not really anymore expensive than the old provider. More to come soon.
The Year in Riding (2018)
Unfortunately, due to continuing problems with my feet and lots of traveling, I didn’t get to ride nearly as much as I would have liked (again). This is the fewest miles I’ve ridden (including the year without major heart issues) since I first got back on my bike 7 years ago. Also, I was the heaviest I’ve been in a long time, I never got below 220 the entire year (I usually get down around 205 by Aug), so there was that, too, which contributed to the lower than usual average speed.
I rode only 1 organized ride this year. The Tour de H2O and I only rode the 25 miler rather than the half- or metric century because I had no real base built up. I also registered for, but did not ride, the Ride 2 Recovery Honor Ride (making the 2nd year in a row I missed that.
- Tour de H2O – 25.13 mi (40.44 km) in 1:41:08, avg – 14.91 mph (24.00 km/h), max grade – 6.3%, total climbing – 471 ft (144 m). Nasty hill and headwind the last 2 miles.
- Total number of rides = 21
- Total mileage – 391.59 mi
- Total time – 28:26:06
- Total climbing – 8,553 ft
- Avg speed = 14.26 mph (22.95 km/h)
- Avg time of ride = 1:22:18
- Avg length of ride = 19.58 mi (31.51 km)
- Rides over 20 mi = 10
- Rides over 29.75 mi = 1
- Rides over 50 mi = 0 (for the second time since 2012)
- Rides over 1:30:00 = 8 (up 1 from last year)
- Rides over 2:00:00 = 1 (down one from last year)
- Rides over 3:00:00 = 0 (for the second year in a row)
The Year in Riding (2017)
Note: Just realized that I wrote this in Feb, but it was still in draft state until now (31 July). Sigh…
Running a little late, but I need to do my normal year-end wrap up of my time on the bike in 2017. Unfortunately, due to a foot injury and lots of traveling, I didn’t get to ride nearly as much as I would have liked. This is the fewest miles I’ve ridden (in a year without major heart issues) since I first got back on my bike 6 years ago.
I rode 4 of the 6 organized rides I paid for this year. The first one was the Tour de Forest which I registered for, but didn’t ride last year because it was just too friggin cold, This year it was warmer, but it poured down rain during the last half of the ride. I missed the Honor Ride for the first time in 4 years due to a flat tire that couldn’t be repaired without buying a new tire. I also was off the bike for 5 weeks at the peak of the season (early-July to mid-Aug) due to a foot injury that resulted in a Doctor prescribing orthotics due to what is apparently arthritis in the ball of the left foot.
- Tour de Forest – 29.22 mi (47.03 km) in 2:21:02, avg – 12.43 mph (20.00 km/h), max grade – 19.4%, total climbing – 1590 ft (890 m). I ended walking up significant portions of 2 of the hills.
- London Strawberry Festival Ride – 44.10 mi (70.97 km) in 2:57:28, avg – 14.91 mph (24.00 km/h). Headwinds and the climbs (such as they were) in the first half had me averaging only 13.7 mph (22.0 km/h) at the 23 mile mark. Strawberries at the rest stops, but not at the finish.
- Tour de Buckeye Lake – 25.41 mi (40.89 km) in 1:49:45, avg – 13.89 mph (22.35 km/h). Some hills and some wind. This is a brand new ride and was kind of fun. Not sure if I’ll ride it next year (kind of depends on when it is), but the food at the winery was really good.
- Ox Roast Ride – 29.27 mi (47.11 km) in 1:56:37, avg – 15.01 mph (24.16). I actually missed a turn (and had paused the GPS and forgot to restart it after the last rest stop). It was actually every bit of a metric half-century at right around 2 hours. I couldn’t wait for my ox sandwich this year though.
- Total number of rides = 25
- Total mileage – 540.53 mi
- Total time – 35:32:09
- Total climbing – 10,499 ft (36.2% of the way up Mt Everest)
- Avg speed = 15.21 mph (24.48 km/h)
- Avg time of ride = 1:25:17
- Avg length of ride = 21.62 mi (34.79 km)
- Rides over 20 mi = 15
- Rides over 29.75 mi = 3
- Rides over 50 mi = 0 (for the first time since 2012)
- Rides over 1:30:00 = 7
- Rides over 2:00:00 = 2
- Rides over 3:00:00 = 0
Strawberry Festival Ride 2017
Head wind (and the worst climbs) in the first 23 miles (37 km). I was only averaging 13.7 mph (22.0 km/h) at the turn, but averaged 16.4 (26.4 km/h) over the last 21 mi (34 km, 1:16:23 of riding). Temp (min/avg/max) – 66.2/72.9/80.6°F, wind from SW @ 7, max grade – 6.4%, total climbing – 695 ft (212 m), cadence (avg/max) – 74.9/92, HR (avg/max) – 159.8/180, HRM zones 3-5 2:08, power (avg/max) – 149/556W. 44.10 mi (70.97 km) in 2:57:28, avg – 14.91 mph (24.00 km/h), max – 26.8 mph (43.1 km/h). Unfortunately, the actual Strawberry Festival is in 2 weeks, but they did have strawberries at the rest stops, just not at the finish 🙁
;
Tour de Forest 2017
My first organized ride of the year, this past Saturday, was likely the hilliest ride I will do this year. This is a ride I signed up for last year, but then didn’t actually ride when it was 48°F and raining that Saturday morning. This year it was warmer (by about 15°F), though it rained on the ride down to Nelsonville and during most of the last half of the ride (including absolutely pouring right at the end as I pulled into the parking lot). I missed a turn early and ended up riding out and back on the back half of the course which is fine, it probably saved me 600 ft (183 m) of climbing. I ended up walking much of 2 of the hills. Temp (min/avg/max) – 59.0/61.1/64.4°F, no wind, but lots of rain, max grade – 19.4%, total climbing – 1590 ft (485 m), cadence (avg/max) – 67.8/98, HR (avg/max) – 148.4/183, HRM zones 3-5 2:00, power (avg/max) – 131/1351W. 29.22 mi (47.03 km) in 2:21:02, avg – 12.43 mph (20.00 km/h), max – 40.3 mph (64.9 km/h). According to mapmyride.com, 2 cat 5 climbs, one 0.8 mi long, the other 1.0 mi long, and note that max grade up there.
Site refresh
For anyone out there who actually reads this, you no doubt noticed, I changed the theme for the site. I still intend to do my year in flying wrap up for 2016 and publish my Martin Luther King, Jr. Day letter, but things have been a bit hectic. When I started the blog (on blogger.com), I posted a lot more of my thoughts here. For a while, I moved that to Facebook. Then, frankly, I started keeping them to myself. The current turn of political events may cause me to reverse some of that, but I’m not entirely sure yet. I do have some thoughts that I don’t exactly know where to share a the moment, so I may start making more use of this platform for technical stuff, too. We shall see. I suspect 2017 will be a more interesting year in many regards.