/usr/lib/python/xen/xm/main.py

All your questions will be answered (or in import * from ...)

LDAP based users and permissions, Provisioning, and minimal DomU management are all working ;) Happy day!

So; I have in the past eviscerated Xen's ability ot be secured, but this was (thankfully) a short term problem. It is now possible to lock Xen to a root privileged unix socket, and to completely disable the IP ports. The downside of this is that domain migration is not available (or so I believe, I have not actually tried it, but I cannot see any way it could have been done).

In related news, Enomalism is coming along FABU lately! I have the system starting and stopping Xen instances from the web interface, authenticating via LDAP to a fedora-DS or openLDAP server, and I am nearly finished the Provisioning tools. When those are done, Enomalism will have met nearly all of it's launch requirements. No more details right now unfortunately, since I am not sure how much detail I am allowed to disclose, but rest assured that Enomalism will kick ass, mostly because it already does.

Funny how time can get away from you.

I have working I2C Gumbrix sitting on a shelf. I do not, however, have the time to play with them.

I have recovered the partitions from a dead Maxtor Network Storage drive, the hard way (including using a Torx wrench on the internal HD to get the fragile bits out), and succeeded.

I have written some really kickass AJAX apps.

Maybe more details to follow. My ability to write about my cool accomplishments is inversely proportional to their number.

While my main focus on this site is Robots (obviously), I am unfortunately not able to spend all my time building little autonomous canine chew toys. My current really big project is building a management system for the Xen Hypervisor. Vaporware concerns aside, I can assure the public that we actually have working code. We just don't want to release it before it is ready. It is the computer equivalent of not wanting everybody in your new PE class see your tighty whiteys with the big hole in. We are going to get the code polished before opening the SVN repo for public consumption.

While hacking away on the abstraction layer though, I learned of a few nasty (and not as well known as I would hope) issues with the security layer on Xen. Namely: There isn't one.

That's right folks; if you do not firewall port 8002, and you are running the XenD server, you may as well have offered root to all takers. This si because there is no authentication layer on the XenD server on port 8002 (this is Redhat centric btw). In their defence, the Xen team are re-engineering the server to fix this issue, but for now, I would totally avoid running Xen on any server with shell account access. Be careful with your mod_proxy settings too if you know what is good for you ;)

I am waiting for my prototype GumBrix daughterboard, and the servo control boards to arrive, so I am stuck for a few days. I will post the next part of the project as soon as I have tested the boards out to make sure they operate as advertised.

I am beside myself: Here is the Lego Mindstorms NXT press release. (via)

Lots more cool details here: BotMag article.

The new Lego NXT seems to have all the features I was dreaming about for my lego gumbrix, right down to the 6 conductor modular jack connections for the interfacing job. Not that this discourages me, it just means that I will need to spend some time hacking it to build an interconnect hub to make it work with my GumBrix.

As a side note, I have been reading up on the Lego IR networking protocol so that I can control the Mindstorms Brick from my GumBrix.

In a previous post, I talked about building custom lego parts. Today, I am going to talk about something a little more advanced. Today, I am going to talk about the GumBrix.

The gumbrix came about because so many of my robot projects required the kind of rapid prototyping that Lego® really excels at, yet required more in the way of control electronics than Lego® was capable of. With a maximum of 3 motors and 3 sensors, the Mindstorms kit was not really capable of the more complicated control strategies that I was interested in. For example, it is possible to build a balancer, but not one with a touch sensor and proximeter as well, and certainly not one with arms. At the same time, custom machining every single part for a balancer is VERY time consuming, and not flexible once assembled.

In retrospect, the solution should have been more obvious. I have built a controller for lego parts that is capable of offering far more processor power, unlimited sensors, and a large number of motors/pneumatics.

The GumBrix Specs:

• Gumstix Waysmall 400MHz Arm7 Arm10, with bluetooth, 2x serial, I2C, and Linux
• Delrin case with Lego compatible studs and rails
• Custom interface boards with AtMega8 running as an I2C slave
• Modular Jack for interfacing

Iges, NC, and other files that will allow you to build the same thing follow...

Note: If you thought this was a neat story, you'll probably be more interested in my new series, which shoehorns a 400Mhz strongarm into a 5x11 3 tall lego block, along with bluetooth, i2c networking, and a Linux kernel ;) More details here: Lego Hacking: The GumBrix® Part 1.

I was working on my robot balancer earlier today, and realized that I was completely bored with the project, as well as a little disappointed with the direction it was taking. Hours and hours of debugging assembly optimizations for a PID loop are not my idea of fun (in fact, that is one of the things I do for a job), so I suddenly just put it to an end.

I have had a Lego Robotics Invention System (1.5) for a long time now, and had a lot of fun building a variety of robots with it, but grew bored when I got the feeling that I had outgrown it's capabilities. While it is true that 3 channels of input and 3 output drivers are not enough for everybody, I underestimated (as I always do) the complexity of building up the robot from scratch. I realize now that a better approach is a compromise.

That is why I decided to build my own lego parts. Drawings, NC code, and 3d models follow in the extended...

George Monbiot wrote up this sobering post about the dangers of BioDiesel.

I know, I know, you are thinking: "Crazy! Biodiesel is WAY better than fossil fuels. It is a carbon sink!"

Well listen to the logic and despair...

Set up an XSS on a friend's site that forced logout by resetting the session cookie. Even the admin couldn't log in
<snicker />
Anyhoo, on with bidness.