/usr/lib/python/xen/xm/main.py

All your questions will be answered (or in import * from ...)

LDAP based users and permissions, Provisioning, and minimal DomU management are all working ;) Happy day!

So; I have in the past eviscerated Xen's ability ot be secured, but this was (thankfully) a short term problem. It is now possible to lock Xen to a root privileged unix socket, and to completely disable the IP ports. The downside of this is that domain migration is not available (or so I believe, I have not actually tried it, but I cannot see any way it could have been done).

In related news, Enomalism is coming along FABU lately! I have the system starting and stopping Xen instances from the web interface, authenticating via LDAP to a fedora-DS or openLDAP server, and I am nearly finished the Provisioning tools. When those are done, Enomalism will have met nearly all of it's launch requirements. No more details right now unfortunately, since I am not sure how much detail I am allowed to disclose, but rest assured that Enomalism will kick ass, mostly because it already does.

Funny how time can get away from you.

I have working I2C Gumbrix sitting on a shelf. I do not, however, have the time to play with them.

I have recovered the partitions from a dead Maxtor Network Storage drive, the hard way (including using a Torx wrench on the internal HD to get the fragile bits out), and succeeded.

I have written some really kickass AJAX apps.

Maybe more details to follow. My ability to write about my cool accomplishments is inversely proportional to their number.

While my main focus on this site is Robots (obviously), I am unfortunately not able to spend all my time building little autonomous canine chew toys. My current really big project is building a management system for the Xen Hypervisor. Vaporware concerns aside, I can assure the public that we actually have working code. We just don't want to release it before it is ready. It is the computer equivalent of not wanting everybody in your new PE class see your tighty whiteys with the big hole in. We are going to get the code polished before opening the SVN repo for public consumption.

While hacking away on the abstraction layer though, I learned of a few nasty (and not as well known as I would hope) issues with the security layer on Xen. Namely: There isn't one.

That's right folks; if you do not firewall port 8002, and you are running the XenD server, you may as well have offered root to all takers. This si because there is no authentication layer on the XenD server on port 8002 (this is Redhat centric btw). In their defence, the Xen team are re-engineering the server to fix this issue, but for now, I would totally avoid running Xen on any server with shell account access. Be careful with your mod_proxy settings too if you know what is good for you ;)

I am waiting for my prototype GumBrix daughterboard, and the servo control boards to arrive, so I am stuck for a few days. I will post the next part of the project as soon as I have tested the boards out to make sure they operate as advertised.

I am beside myself: Here is the Lego Mindstorms NXT press release. (via)

Lots more cool details here: BotMag article.

The new Lego NXT seems to have all the features I was dreaming about for my lego gumbrix, right down to the 6 conductor modular jack connections for the interfacing job. Not that this discourages me, it just means that I will need to spend some time hacking it to build an interconnect hub to make it work with my GumBrix.

As a side note, I have been reading up on the Lego IR networking protocol so that I can control the Mindstorms Brick from my GumBrix.

George Monbiot wrote up this sobering post about the dangers of BioDiesel.

I know, I know, you are thinking: "Crazy! Biodiesel is WAY better than fossil fuels. It is a carbon sink!"

Well listen to the logic and despair...

Set up an XSS on a friend's site that forced logout by resetting the session cookie. Even the admin couldn't log in
<snicker />
Anyhoo, on with bidness.

I am working on yet another project which is using My Favourite Language®. This time, I am using the (rather new) TurboGears framework. TurboGears is an amalgamation of many different sub projects into a fairly lightweight web application foundation. They also provide an easy to follow tutorial which gives a pretty solid overview of the system. I highly recommend also going over the CherryPy documentation as well.

Following is a set of notes on the tutorial, and some help with fixing the errors I ran into.

Could it be true? While it sounds like the run up to a bad sci-fi movie, it appears that the cold side of the deep ocean currents that convery warm water back to the surface in Europe, may be slowing down substantially. These deep cold currents bring water to the warmer equatorial regions, where warm water is displaced, flowing back to European waters, resulting in unusually warm water for their distance from the equator. Especially troubling is Europes dependence on agriculture in the regions that would be hit the hardest by a dip in temperature.

This (huge) video shows a pretty good explanation of the entire system.

Incidentally, there is historical evidence that this has happened before. Natural climate change caused a "similar" plunge to low temperatures over a very short timespan. Evidently we should be careful of our own effects, since the climate is fragile enough without our interference...