David's blog - Part 20

Minor traffic accident

No injuries, thank God. But some serious resentment at the old loser guy on the bicycle. First, he chose to deliberately cut off the kid in the minivan; then, he laughed at the kid when the kid honked at him. This infuriated the kid, but that was bad, because the kid’s attention was no longer focused on where the minivan was heading.

I happened to get a dash cam for Christmas, so here’s the video.

Full screen is good, because I figured out how to highlight the bicyclist while he was still on the sidewalk.

My little scream at the end is freaking hilarious. I’m sure to be a chick magnet now.

My car is pretty hurt. The fender was just barely not rubbing on the tire (and sometimes it was). The steering wheel needed to be at about 2 o’clock to drive straight down the road. I didn’t go faster than 25 MPH the whole way home (which made people behind me wonder).

Bitnami phpmyadmin

Just a quick note for me to easily find and remember how to access PHP My Admin on a Bitnami WordPress instance

From the command line on my local machine:

ssh -4 -N -L 8888:www.gerisch.org:443 -i $insertpathtopemfilehere nottheadmin@gerisch.org

And then in a browser:

https://www.gerisch.org:8888/phpmyadmin

Lastly, remember that the login name to phpmyadmin is root (not the Bitnami application password, or any other user name).

Because public Internet access to PHP My Admin would be a Very Bad Idea, the Bitnami WordPress image is configured such that PHP My Admin refuses to run, if the requests don’t come through www.gerisch.org

This is a good idea.

But what that also means is that I need something listening on my www.gerisch.org address, that can forward the network traffic to the remote web server.

ssh -4 says use IP v4 addresses only (suppresses IP v6 errors if your machine doesn’t have that).

ssh -N says do not execute remote commands (all we’re going to be doing here is port forwarding).

ssh -L says local to remote port forwarding will be done.

8888:www.gerisch.org:443 says the local port to listen on is port 8888, the local address to listen on is the home address of www.gerisch.org, and when listening on the “server” www.gerisch.org, know that it will be listening for port 443 traffic (https instead of http). Another way of thinking about this is that your web browser that is throwing HTTP GETs and PUTs will be throwing them at port 8888, since that is the port the service is listening on. But when the traffic is thrown across the Internet, ssh is going to throw the traffic to www.gerisch.org port 443. Yet, www.gerisch.org:443 is really just a front for gerisch.org:443

ssh -i says to use a public/private key pair for logging in (instead of a password). $insertpathtopemfilehere is the variable that holds the path to the .pem file.

ssh nottheadmin@gerisch.org is the actual remote login name and server name.

April 2020 “May you live in interesting times”

Apocryphally there is an ancient Chinese curse that says “May you live in interesting times”. The idea is that it’s a curse (thus bad for you), and that the bad thing that is happening is that everything around you is uncertain, in turmoil, rapidly changing, and otherwise so off-balancing that one must pay close attention to avoid a fall into danger.

Well, April of 2020 is definitely interesting times. Reality is that much of commerce is shut down due to shelter-in-place orders by government. There is zero chance that many of people will be unhurt.

A few questions that surround the COVID-19 pandemic are:

Is it a real danger, or exaggerated for particular gain?
Is it both?
If it’s exaggerated for particular gain, what are those gains?
What evidence contradicts the real danger argument?

The first question, “Is it real?” Well, yes, 23,000+ dead in Italy seems like an obvious problem. Spain and France death totals are climbing, and New York City is up to 14,000+ dead. But is that more than the normal count of dead who expire during flu season? And here we have uncertain / in turmoil data.

Certainly, I don’t want my mom to die; and she is in her early 80’s. If the influenza virus, or the COVID-19 virus were to kill her, and I didn’t do all I could to reduce it’s spread, I would feel remorse.

But if the flu kills one half of a million people every year: is the 2020 death-by-influenza-like-virus count really going to be all that greater than the 2019 count? That count could be lower, actually; which would be due to the shut down of commerce.

But the second second part of the first question is perhaps re-written as “Is the declared pandemic due to COVID-19 exaggerated for particular gain?”

It’s not obvious to me that the the answer is no. I would like to be able to say that “The declared pandemic due to COVID-19 is not exaggerated by the media and government bureaucrats who use the media for manipulation.” I do not think that’s true, though.

The second question, “Is it both?” I’m inclined to say yes.

The third question, “If it’s exaggerated for particular gain, what are those gains?” Well wow, there are a lot.

Old school mass media is dying; good riddance. But the Oh-My-God-A-Pandemic!!! keeps the mass media on life support for a little bit longer.
There is a bureaucratic axiom: Never let a good crisis go to waste. Certainly this pandemic has given bureaucratic bullies ample opportunity to exert additional authority.
Social / technological progress: companies which would never before have considered a remote workforce are implementing it. And the air is cleaner for it.
A majority of old school mass media is still butt-hurt that Donald Trump got elected President. He’s going to win again, unless something can be created to discredit him. A ruined economy might do the trick.
Other topics that the mass media should be focusing on go by the wayside while the Oh-My-God-A-Pandemic!!! story stays top center. By the way, Jeffrey Epstein did not kill himself.
- Joe Biden is running for President, which is an automatic loss unless the plan is to use him as a false front. If the plan is that Joe will die / be medically retired shortly after election, then the selection of Vice President becomes crucial. I’ve heard Kamala Harris floated as the candidate. I think it would be very difficult to find a candidate with worse “insider” attributes. She is a protege of Willie Brown, and Willie Brown’s picture ought to be in the dictionary next to the phrase Corrupt Politician. The point is: it’s to the Democratic National Committee’s benefit for people to not be looking at their candidate for VP too closely or for very long. The more time spent looking at their candidate, the more time to find something wrong. If they had a good candidate, we would have seen it by now.
- Senators saw the pandemic coming, and profited: Richard Burr, Kelly Loeffler, Dianne Feinstein, and Jim Inhofe. These people should be prosecuted and jailed.
- The EARN-IT Act, designed to break privacy of all Internet users.
- The Hong Kong protests, as people there want independence from communist China, and Hong Kong is a bright jewel of capitalism. Just how much force should governments use against their citizens?
- Brexit / no- Brexit – the saga of a government doing stupid things continues.
- Equifax breach. Not only did they fuck up their data security, they made a profit off it. And government prosecuted no-one (really).
- A local issue for me is the California High Speed Rail debacle; $77 billion of waste and no politician with the integrity to kill it. $2,000 per man, woman, and child in California (tax dollars) right into the shitter. Stop it!
The point of all the above sub-bullet points is that government at the grand scale is often incompetent or malevolent (perhaps accidentally, but not always), and if we weren’t looking at the pandemic, the media couldn’t help but look at government. But the mass media likes government; it holds their leash, and they provide content to wrap the ads around.
Government spending: every politician loves to be the hero, spending your money to rescue somebody from a problem. A pandemic is a wonderful excuse to spend money with little or no oversight. All these government workers working from home: you didn’t expect them to use their personal cell phones, did you? And from a legal discovery point of view: you don’t want personal and government business mixed on the same device. That wasn’t a concern when their contact phone number was the office phone number; but now we need call-back numbers and they sure as heck should not be the personal home phone number of the case worker. Other spending opportunities: schools with Chromebooks, Zoom teleconferencing, webcams, SAAS in The Cloud. All of these are excuses to buy stuff we could have done without (and kept expenses lower) but; now is a great excuse to spend, spend, spend. We’re stimulating the economy!
Congressional spending: the funding bills had all sorts of pork / unrelated administrative bullshit attached. Many of the ideas would never have flown, had they been reviewed on their own merits alone. Never let a good crisis go to waste.
Putting people in their place, by removing the government service of the public school system. Some of you did not appreciate what a little rat-asshole your little angel is, until the little angel was sent home to live with you for a couple months. You should fix your kid. Fixing your kid has always been your job; never the teacher’s. Long term, it would be best for your kid, too. Sending your kid home to you confronts the issue in a way your kid’s teacher (or even school district) never could.
Conditioning people to be even more dependent on government services. If you understand that every dollar the government spends comes out of your wallet, you’d rather they spend less. But if the government bails you out, you are the welfare recipient now. It will be that much more difficult for you to complain about excessive government spending when you were one of the recipients. Hypocrisy much? No – you have more integrity than that; unless (pandemix).
Unifying disaster: the pandemic. It’s no secret that there has been an increasing divide between people who earn their self-worth, and people who feel entitled. This divide became wider during the Donald Trump versus Hilary Clinton presidential campaign. The pandemic resets expectations. Trivial childishness is seen for what it is. What about the barber, shut down, who can no longer feed his family of four? That’s important.

The fourth question is “What evidence contradicts the real danger argument?”

I think another way of asking this is “If this danger is so real, what orders are examples of actual safety, and what orders are bullshit to make the bureaucrats feel powerful?” The orders are Shelter In Place also known as Stay Home and Keep Socially Distant.

I see the value in keeping everyone separate. If the transmission process is an infected person exhales, and a non-infected person inhales (which is the typical infection path for influenza-like viruses), then Shelter In Place / Stay Home and Keep Socially Distant makes a lot of sense. And in the first week, a ton of people did it.

We’re putting up with the destruction of commerce for the little guy because it’s all about keeping people from an early death. Right?

And then a week later, the ice cream shops were suddenly essential services and open for take-out. What the hell?

I’m still getting junk mail. A printer at the junk mail printer could be coughing all sorts of germs all over the crap that gets delivered to me. What is so essential about me getting sales crap to tell me to buy shit I don’t need, and which is obviously immediately going into the trash.

Are the politicians going to barbers / hair dressers? Is a barber / hair dresser suddenly an essential service when it’s a bureaucrat who needs a hair cut?

Let’s cut to the chase: is looking good an essential service?

Are politicians and/or bureaucrats to be excused from breaking Shelter In Place / Stay Home and Keep Socially Distant if they get that essential service of looking good? Because it’s all about keeping people looking good on TV, right?

Your grandparent or parent or cousin may have died, and you are prevented from going to the funeral because a large gathering of people might increase the pandemic; but Gavin Newsom needs to look good, right? He needs to be able to go onsite for the television appearance, because his speech means more, if the background is out in public, right? You have to Shelter In Place, but the governor, well he’s not a peon that ought to follow the peon rules.

Which makes me wonder about the validity of the rules at all.

Perhaps the rules are good, and good decent people are doing Shelter In Place. Maybe it’s only the politicians and bureaucrats holding press conferences who aren’t many weeks past that last haircut who are the hypocrites. But nothing about that causes me to gain respect for them. And if I don’t respect them, then I do question their motives.

May you live in interesting times, indeed.

COVID-19, new water heater, WordPress annoyances, Zoom meetings, oh my

Wow a lot of stuff has happened since my last post. I’m still catching up; but, I didn’t want to go too long without pointing out I’m still alive.

COVID-19: John Hopkins University has some computer science students who are doing data gathering and mapping that on to ArcGIS. The web page works as a status report of where we are today. Thanks to Ars Technica for the original article.

Today, Italy went over the 10,000 dead mark.

New Water Heater: I went two weeks without hot water. I am grateful this was before COVID-19, because I used my gym membership for my daily hot shower. In fact, a friend of mine, way back when, pointed out that if you ever go homeless, a gym membership is a way to stay human for around $20 per month.

And now the gyms are closed due to COVID-19. Well that hurts the homeless even more.

The whole water heater debacle deserves a post of it’s own, so I will do that, later.

WordPress Annoyances: there are things that don’t work, and, the WordPress Support Forums are a mass of dead and empty posts of people asking for help. Other forms of help don’t seem to be, either.

I want to migrate between sites, and from single-site to multisite, but man this stuff just does not work.

Zoom Meetings: Man oh man, I wish I had listened to my stock picking guys when they said Zoom was the new hotness in video conferencing over the Internet. Zoom stock price has nearly doubled since then. And now, even I use Zoom, and I know of three people who signed up to pay a monthly subscription. By the way, Discord is pretty cool, too.

Microsoft should be ashamed of themselves that they couldn’t leverage their leadership with Skype and Teams into being the industry leader. Of course Google had a shot way back when with Hangouts, too. Google though is just kind of a big failure to get anything done since merging with Doubleclick and abandoning the whole “Don’t be evil” motto.

New site steps

Note this is for a new WordPress Multisite

Log into AWS Management Console
Lightsail → Create a new instance (Linux, WordPress Multisite)
Create a new static IP address
Assign the static IP address to the new instance.
Buy a new domain name (if I don’t have one available) – in this case, gerisch.org
Update DNS with the new static IP address
ssh – i path-to-pem-file-for-AWS-instances bitnami@gerisch.org
Make Ubuntu like OpenSUSE
Log out, and log back in (get the benefits of pageup for history search, and .. as the cd .. alias)
cd /opt/bitnami/apps/wordpress
sudo ./bnconfig --machine_hostname gerisch.org
sudo mv bnconfig bnconfig.disabled
sudo apt upgrade
sudo init 6
wait for reboot to finish
ssh – i path-to-pem-file-for-AWS-instances bitnami@gerisch.org
sudo /opt/bitnami/bncert-tool

At this point, I get a warning:

Warning: Custom redirections are not supported in the Bitnami WordPress Multisite Stack. This tool will not be able to enable/disable redirections.
Press [Enter] to continue:

An updated version is available. Would you like to download it? You would need to run it manually later. [Y/n]:

sudo /opt/bitnami/bncert-tool

Welcome to the Bitnami HTTPS Configuration tool.

Domains

Please provide a valid space-separated list of domains for which you wish to configure your web server.

Domain list []:

gerisch.org

The following domains were not included: www.gerisch.org. Do you want to add them? [Y/n]:

The interesting thing here is that (if I’m interpreting things correctly) that WordPress Multisite really does not want one of the subdomains to be www.gerisch.org – yet here, Bitnami, through the Let’s Encrypt really does want one of the domains to be www

I hit <Enter> which signifies yes

Changes to perform

The following changes will be performed to your Bitnami installation:

Stop web server
Configure web server to use a free Let’s Encrypt certificate for the domains:
gerisch.org www.gerisch.org
Configure a cron job to automatically renew the certificate each month
Configure web server name to: gerisch.org
Start web server once all changes have been performed

Do you agree to these changes? [Y/n]:

I hit <Enter> which signifies yes

Create a free HTTPS certificate with Let’s Encrypt

Please provide a valid e-mail address for which to associate your Let’s Encrypt certificate.

Domain list: gerisch.org www.gerisch.org

Server name: gerisch.org

E-mail address []:

I put in my personal email address

The Let’s Encrypt Subscriber Agreement can be found at:

https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf

Do you agree to the Let’s Encrypt Subscriber Agreement? [Y/n]:

I hit <Enter> which signifies yes

And after a bit of work, the configuration of my new web site to be SSL protected is complete.

More power sleep Linux stuff – or how to set permissions to make a keystroke out of it

This command does successfully put the computer to sleep (and thus the screens eventually go dark and no longer light up the room like stadium lighting):

echo freeze > /sys/power/state

But mere mortals don’t have permission to do that.

I added a script in /etc/init.d which does a chmod 666 /sys/power/state on startup (see the previous post about editing /etc/init.d/after.local)

Credit where credit is due: a gentleman named Aaron Ball posted this at his web site oper.io – clever logo, too, to combine the power switch icon as “.io” – but I digress.

Then another tiny script that simply does the echo command for me:

#!/bin/sh
/usr/bin/echo freeze > /sys/power/state

I had started to go down the road of a sudoers file entry, which would give anyone permission to run this script; but the problem isn’t who runs the command. The problem is that the target of the echo command, /sys/power/state, isn’t going to allow writing by a script (even if run by sudo).

Last step was to add a keystroke to my KDE shortcuts. System Settings –> Custom Shortcuts –> Edit –> New –> Global Shortcuts

Name the action, assign the keystrokes to invoke it, and make the action the tiny script above. Works like a charm. 🙂

AMD Ryzen 1700 and power sleep failure

I had bought all the parts for a new system at the end of 2017, and was mostly happy with it. The motherboard was an AS Rock Taichi and the CPU was an AMD Ryzen 1700. I bought the highest MHz AMD Ryzen I could get except I avoided the 220 Watts TDP; power draw on this chip is about 65 Watts TDP.

Certainly, I was thrilled with system performance, and very reasonable price. But sleep states were a problem. The system would go so deep into sleep, it would never wake up. I would have to press and hold the power switch to get it back: not good. Once in a while, the box would freeze hard too; usually while scrolling a Facebook page. So I had this sense of unease that I’d made a mistake buying the AS Rock Taichi X370 and trying to run Linux on it.

This last birthday, I bought myself a replacement motherboard: an MSI X470 Gaming Plus. I spent my birthday pulling out the Taichi motherboard and putting in the 470GP.

And my ACPI sleep problems did not go away. Rats!

I’ve taken some vacation time, and looking through the log files, I did find an error message that lead me to some vital information. The AMD Ryzen 1700 has an ACPI sleep state – C6 – which Linux doesn’t play nice with. A patch was offered to the Linux maintainers, but not accepted. I don’t know why, and I’m not sure it matters, either.

But what someone did, is make a Python script that pokes and prods the correct bits in the Ryzen 1700 to have it declare that ACPI sleep state C6 is not available / should not be used.

I haven’t had a sleep state problem with this rig since. 😀

First, I needed this: Github ZenStates. I saved this script as /home/myhomelocation/zenstates.py

Then I needed two bash scripts to run it after system startup:

/etc/init.d/after.local

which contains (and is executable):

#!/bin/sh
/etc/init.d/set_c6_acpi_state_disabled.sh

/etc/init.d/set_c6_acpi_state_disabled.sh

which contains (and is executable):

#!/bin/sh
# ScriptName=set_c6_acpi_state_disabled
/usr/bin/python /home/myhomelocation/zenstates.py --c6-disable

In theory, this could be a single script: after.local could be the script to run the Python script zenstates.py. But what if I find I want more than one script to run after system startup? This way, I just add another line to after.local

This week I talked with my brother, who found a relevant piece of information (while researching something else). Apparently AMD will give me a new CPU that doesn’t have this problem, as a warranty repair. So I guess this is AMD being honorable enough to admit they made a mistake here; that is nice. The caveat is, they cannot trust people to not fry their CPU and use this as an excuse to get a replacement under warranty. So the drill becomes: get an RMA from AMD, remove the Ryzen 1700, ship it (at my cost) to them, they test the CPU to make sure it’s not fried (is otherwise good except for the C6 power state problem), and then they ship a replacement. Total turnaround time is probably one month.

Do I want this, my main system, to be down for a month until the AMD CPU RMA SOP EOP FTW? The warranty on the CPU is three years, and I bought it two and a quarter ago.

I think I’m good, with just a software patch. I’m just happy that r4m0n found and supplied a patch.

Thank you r4m0n. 🙂

AT&T bill – something that (seems to me) should be illegal

I received my bill in the mail on Friday, February 7th, 2020. The bill says it should be paid by February 15, 2020. Trying to squeeze people into late charges much?

The bill says it’s Issue Date is January 25, 2020 – two weeks prior to delivery. Of course, it’s prepaid bulk mail, so there is no actual postmark.

I remember the Post Office doing some new initiative where they get mail to us in 24 hours (although I assume that applies to local delivery only). I don’t think this is a post office problem. My guess is that AT&T is just being a shitty company. Hard to prove, though.

Way back when, I remember a consultant telling us of a mainframe that printed checks on the other side of the country. ZIP code starts with 9? Print it on the East Coast and mail it from there. ZIP code starts with 0 (zero)? Print it on the West Coast and mail it from there.

This could be something similar. Or, it could actually be that they just put a pallet full of paper bills on a storage rack for two weeks, and then sent them out.

New OpenSuSE installation – Facebook videos / GIFs don't play

This is just a reminder to myself that when I install fresh OpenSuSE, that when Facebook videos don’t play (but Youtube does), the solution is to go into software management, and to add libxmp4 and MP4Tools. I think that was it. It was important to allow vendor change, and I had to do a lot of acknowledgments for that.

I see that I changed:

libxmp4
libwx lots of stuff
bento4
MP4Tools
ffmpeg-4

Previously, I had added the Adobe Flash stuff, and that had fixed some of the trouble, but not all of it.

New motherboard

For my birthday, I bought myself a new motherboard. The previous motherboard was speedy; but, not stable. I pulled out an ASRock X370 Taichi and put in an MSI X470 Gaming Plus.

I kept everything else the same: RAM, video card, storage. So far, the MSI motherboard is performing admirably.

Three little snags I ran into:

Backups were a pain.
Sound card appeared to not work (but probably did).
Btrfs is not reconfiguration friendly.

I never did get Clonezilla to work as a backup. I’d bought an external USB hard drive from Costco last year I think. No matter how many times I tried to put a partition on it, it would err out. I think this was because the drive had an MBR (Master Boot Record) config on it instead of GPT (GUID Partition Table). Ultimately, I booted off of a GParted live DVD, and wiped the external USB that way. Then created an ext4 partition for the whole 5 terabytes. From there, rebooted back into OpenSuSE and used rsync. Specifically:

su -
mount /dev/sdc1 /mnt
rsync -aAXv /home /mnt

That took a while. But after I got a backup of my home directory, I was free to start taking apart hardware. 🙂

But yeah, I started around 9:00 AM, and only got the good backup going by 11:30 AM. Cryptic error messages are cryptic.

The Taichi motherboard removal actually went reasonably easy.

What did delay me a little bit was that when I first installed the Noctua NF-S12A PWM system fan, I installed it 90° off; the cable from the fan was about a finger’s width too far away from the motherboard connector. Although it was super easy to remove the Noctua – it has rubber posts and grommets instead of screws (which make it super quiet) – putting it back in to the case was slightly difficult. During the initial build, the fan went in first, so using the needle nose pliers to pull on the stretchy polymer posts was easy. But this time, the power supply and motherboard are already in there, and I don’t really want to have to pull all that out for one corner of the fan mounting. Eventually I got it, but it wasn’t easy.

Boot the machine up, and things are looking pretty good. But I have this fear that sound and Linux are enemies, so I go in to YaST and test the sound. The sound tests fail. Following instructions though, SDB:Audio troubleshooting specifically this test:

speaker-test -c2 -l5 -twav

did produce sound! So sound is working after all. It’s just something in YaST the fails to to produce the test sound. Apparently.

All I really know is that I got to the point where I disabled the second sound card (it’s built into the video card), rebooted, and decided to just try Youtube. Youtube worked. I had sound and everything. I’ll call that a win.

HOWEVER, now it’s time to bring in my files for my home directory, from my backup. And I had forgotten to do some manual partition work during the initial install. I had wanted to wipe both /dev/sda and /dev/sdb so that during the initial install, hardware detection would find what is in the MSI X470, with no previous crud from the Taichi motherboard be hanging around.

But I had not bothered to manually change the partitioner to make /dev/sdb the /home directory. I figured I could do that later. I figured wrong.

Under previous systems, it was pretty easy to delete /home on /dev/sda3 and then configure Linux to mount /home on /dev/sdb1 instead.

Btrfs was having none of that. And if I thought the gparted errors about the external USB partitions were cryptic – this took obfuscation a whole new level.

The good news is that I’d already done all the copies to /dev/sdb1 (from the external USB backup on /dev/sdc1 ), so that work wasn’t wasted.

And indeed, it was easier to just wipe /dev/sda and install all over again. This time, during partitioning, I specified the existing /dev/sdb1 to be mounted as /home and Btrfs left it’s grubby mitts off my home directory disk.

Finished the reinstall, deleted the second audio, and et voila – my machine seems almost exactly like it was this morning when I woke up. I almost can’t tell I did a whole motherboard swap out underneath; except so far no spontaneous reboots. 🙂