Sitting on an almost well configured host, I experienced some authentication issues the last few days…
Mmh, that is crap. My workaround to temporarily avoid this problem: Connecting to another host via SSH, running xtrlock within a GNU screen session ;-)
But that’s no solution for a longer time… So I started debugging. First of all I grabbed the sources from the apt repository and searched for this error message. Turned out to be this piece of code (beginning with line 94 of
Ok, seems that the provided password(-hash) is shorter than 13 characters… Going on debugging, the content of
pw comes from
getpwuid(getuid()) and seems to be ok (matches my users profile like it can be found in
/etc/passwd ). At this time (line 1)
pw->pw_passwd contains only an single
x , more information can’t be retrieved from the
Next the code checks whether
SHADOW_PWD is defined, means whether we use an additional
shadow -file. Since thats the case this code is executed and the variable
sp gets the broken-out fields of the record in the shadow password database that matches the username
pw->pw_name (validated, my user). Checking this
sp variable I recognized that it is
null ! So
pw->pw_passwd won’t be updated and still contains the single
x from the passwd entry…
First I thought about a bug in the
getspnam () function, such things might happen due to the Debian unstable release I’m using, but after some further thoughts I checked the shadow file itself:
In comparison with other systems with working xtrlock instances I figured out, that this file shouldn’t only be owned by root. Instead the group has to be shadow! So here is the solution to this issue:
And everything is working fine again. Have no idea what or who changed the permissions for the shadow-file…
By the way, afterwards I tried to use Xscreensaver instead of xtrlock, but I wasn’t able to unlock the screen when the shadow rights are wrong. The
/var/log/auth.log held messages like that:
But this is just for google-searchers ;-)
He send some saliva to 23andme, they analyzed his DNA and provided his genetic code to him (let’s neglect the discussion whether data from 23andme-chips represent a fully sequenced genome..). This process is very smart and not expensive, so this part of his announcement is not spectacular. Lot’s of people are doing so.
The interesting part of this article: He published the results (roughly 1 million SNP markers) from 23andme as open source project to github, licensed under CC0! So he has released all his rights on this data.
In general a very impressing step, he might be the first person who published its DNA under such a license. His intentions are more than exemplary, providing access to genetic data to everyone that wants to work with it, i.e. researchers.
So far, so good, but there are some disadvantages, he still dealt with some of it. For example, what if anybody uses this information against him? I.e. healthcare provider, they might deny him to avoid high costs because they detected some pre-existing conditions in his DNA. It may also affect employment and can lead to discrimination. His reaction:
I’ve thought long and hard about each of those questions and the many more that you ask yourself before publishing this sort of personal data. There are large privacy implications in doing this. However, speaking solely for myself, I think the benefits outweigh the drawbacks.
Very nice, but there are also some ugly implications he apparently didn’t thought about! All these disadvantages don’t only affect himself, they may also affect relatives (children, parents, siblings..). Did they all agree with this publication?
I can’t see the advantages to an anonymously publication. Attach some demographic information like age, gender, educational background and everyone is satisfied. Then you don’t have to bear any consequences with bugs in your DNA.
With all due respect for his engagement, I think this step is not really sophisticated.
Yes, it’s that time again, Feb 14th.. It’s Valentine’s Day.
Don’t know who has told my wife, but now I have to do some love, uuurgh..
How ever, this one is for my little valentine:
Love you soo much, of course! ;-)
PS. If you are able to catch one of these flower or praline seller: beat the living daylights out of them!!
I was just contacted concerning this Java memory problem, here is how you can get rid of it.
The amount of Ram for an Java application is limited by the JVM. To provide more memory to a single application you can start your Java process with two more parameters, like:
This allows Java to use up to 1024 MB. Here
-Xms specifies the initial heap size, while
-Xmx determines the maximum size.
For machines with much more mem you might use
g instead of
m to set the size in gig’s. So
-Xmx10g limits the amount of RAM to 10 GB.
Of course it’s annoying to apply these parameters to all your Java runs, so to change this behavior user-wide, you may create an alias like:
or better: Tell it to the Java Plugin Control Panel!
Using Xfce you can find this tool in your panel’s menu in the Settings section. Gnome users may look in System > Preferences. If you don’t want to move your mouse you can also run
ControlPanel from your terminal.
This opens a window, default parameters can be applied in the tab Java, click View… and add your parameters to the Runtime Parameters column. This tool afterwards writes something like the following line to
So advanced users craving for trouble may edit this file on it’s own :-P
Still upgrading some of our servers from lenny to squeeze, actually I run into MySQL trouble…
While upgrading from the package
5.0.51a-24+lenny5 -> 5.1.49-3 aptitude told me the following:
Mmh, a look into the
/var/log/syslog pointed to the following errors:
Many messages at once.. To make a long story short the main problem is this line:
So edit your
/etc/mysql/my.cnf and comment the following line (in my configuration it’s line 94):
That’s it, retry to configure the new version and everything will turn out all right.