Query all non-subscribed RHEL7 repos at once

The old Red Hat Network was simple and easy to use. The RHN website presented a list of systems in your web browser, with counts of outstanding patches and outdated packages. You could click on a specific system name and do various things like subscribe to specific repositories (channels) etc.

The current Red Hat Network is a glittering javascript tour-de-force that multiplies the number of clicks and the amount of specialized knowledge you will need to manage your systems. You can pay extra for add-on capabilities such as the ability to select groups of systems and apply a set of operations to all of them, which is almost certainly necessary if you have a large number of systems. It’s a sad travesty of the much-maligned system it replaced.

If you’re completely entangled in the new RHN with your Red Hat Enterprise Linux 7 systems (by which I mean that you haven’t managed to exit the Red Hat ecosystem for a more cost-effective infrastructure yet) you might want to do something like figure out which of the various poorly named repos (such as -extras, -optional, and -supplementary) contains some particular package you want.

Command line to the rescue! Ignore all RHN’s useless beauty and use ugly, reliable Gnu awk. This, for example, finds the repo where the git-daemon package has been hidden away.

subscription-manager repos --list | gawk '/^Repo ID/{print "yum --showduplicates list available --disablerepo=\"*\" --enablerepo=" $3}' | bash | grep -i git-daemon

After several minutes (there’s a lot of network traffic involved) you’ll find that versions of git-daemon are in five different repos.

git19-git-daemon.x86_64 1.9.4-2.el7 rhel-server-rhscl-7-eus-rpms
git19-git-daemon.x86_64 1.9.4-3.el7 rhel-server-rhscl-7-eus-rpms
git19-git-daemon.x86_64 1.9.4-3.el7.1 rhel-server-rhscl-7-eus-rpms
git-daemon.x86_64 rhel-7-server-optional-fastrack-rpms
git-daemon.x86_64 rhel-7-server-optional-rpms
git-daemon.x86_64 rhel-7-server-optional-rpms
git-daemon.x86_64 rhel-7-server-optional-rpms
git19-git-daemon.x86_64 1.9.4-2.el7 rhel-server-rhscl-7-rpms
git19-git-daemon.x86_64 1.9.4-3.el7 rhel-server-rhscl-7-rpms
git19-git-daemon.x86_64 1.9.4-3.el7.1 rhel-server-rhscl-7-rpms
git-daemon.x86_64 rhel-7-server-optional-beta-rpms

So, you query the Red Hat Package Manager, rpm, to find out what version of git you have.

rpm -q git

Since matches the latest version of git-daemon available from the rhel-7-server-optional-rpms repository, that’s the one you need to add in order to load git-daemon.

subscription-manager repos --enable rhel-6-server-optional-rpms
yum install git-daemon

This process is much easier than using the Red Hat Network web gui, and requires less specialized knowledge. Which is pretty sad, considering how arcane these incantations are.

Firefox annoyance #5: redirect caching

Firefox Annoyances:

1) Sync
2) pocket
3) hello
4) everything else, other than the plug-in API itself, that isn’t a paper-thin shell around gecko
5) 301 redirect caching

To clear the 301 redirect cache for a single page, go to the “View” menu and light up the “History” sidebar (yeah, of course you forgot about that, nobody uses it), find the site you’re working on, right-click and select “forget about this site”.

annoying git

I’ve been installing git on some corporate servers with the idea of converting existing CVS and ad-hoc code management systems into something reasonably fast and modern.

It’s been somewhat tedious and painful, but supposedly once I’m done the installation will be stable and maintainable. For an enterprise SCM that’s a lot more important than ease of installation, at least in theory. (I ran OpenLDAP for a decade or more, so I can appreciate the value of putting all the pain up front.)

Today’s annoyance is that the gitolite documentation and web site refer to a “hosting user” but the toolset and other web sites describing gitolite installation talk about an “admin user”. After wasting several hours with Google trying to find out exactly what the difference was, I created a new user account for the admin user and executed the commands – at which point it became immediately obvious that THOSE ARE THE SAME DAMN THING.

Curse you, gitolite. I WANTED US TO BE FRIENDS.

James Mickens in Norway

“In this bleak, relentlessly morbid talk, James Mickens will describe why making computers secure is an intrinsically impossible task. He will explain why no programming language makes it easy to write secure code. He will then discuss why cloud computing is a black hole for privacy, and only useful for people who want to fill your machine with ads, viruses, or viruses that masquerade as ads. At this point in the talk, an audience member may suggest that Bitcoins can make things better. Mickens will laugh at this audience member and then explain why trusting the Bitcoin infrastructure is like asking Dracula to become a vegan. Mickens will conclude by describing why true love is a joke and why we are all destined to die alone and tormented. The first ten attendees will get balloon animals, and/or an unconvincing explanation about why Mickens intended to (but did not) bring balloon animals. Mickens will then flee on horseback while shouting ‘The Prince of Lies escapes again!'”


One of the horrors remaining from the browser wars of the late 90s is Microsoft’s “ActiveX” technology. ActiveX, not DirectX, although maybe the latter needs to die too.

ActiveX in browsers is based on the idea that your computer should be able to download and execute completely random binary images from the Internet without your permission. What a great basic architecture, huh? It was created because Microsoft’s implementations of COM and OLE technologies were so unnecessarily complex and fundamentally user-hostile that nobody sane wanted to use them. Microsoft needed an alternative, one that could be integrated with the web, since they wanted to crush Netscape and take over the Internet. Browser technology was critically important to them and ActiveX was a way to prevent the creation of a level browser playing field based on shared standards.

To give a more generous interpretation of the same events, Microsoft was faced with a desire to provide a richer web experience to their customers and an inability to deliver their vision using existing web standards. ActiveX was an early attempt to work around the inadequacy of HTML, and while it had many issues (security being a big one, and lack of support for non-Intel platforms another) Microsoft has worked continuously and diligently to remediate those issues and support current and former users of their products.

Personally I’m completely happy with either of those interpretations of the events surrounding the birth of ActiveX. Who cares? Those bodies are all buried now… or at least they should be.. NO WAIT. ActiveX is still stinking up the room!

If you use ActiveX in your websites, or allow your browser to execute ActiveX controls, you are part of the problem. Please, I’m begging you, for the love of God, stop it! Just let this hideous thing die, will you?

There’s nothing that ActiveX provides that can’t be provided using current web standards and technologies. You don’t have to keep hurting yourself, and your readership. Just stop already.

Whenever you purchase any software with a web server in it, or sign up for any service that has a web interface, you need to routinely insist that the product you are buying must be useable with any browser, not merely Microsoft Internet Explorer with ActiveX enabled running on 32-bit Microsoft Windows on a x86 chipset. Make the seller put that in writing, so you don’t get stuck supporting ActiveX against your own will. It’s a shame you have to do this – you don’t have to specify in writing that there will be no incontinent rabid monkeys in the back seat when you purchase a car – but it’s necessary. ActiveX must be destroyed.

Gopherspace revisited

Cal Lee’s discussion of the rise and fall of Gopher, and his refutation of simplistic explanations for the dominance of HTTP, is a good read. But it’s more than a paragraph long and hasn’t any pictures, so it won’t appeal to the average web denizen.

This paper does not provide any one definitive answer to why history played itself out as it did. Instead, I have attempted to refute the very notion that such a unitary answer is either desirable or possible. I have found the concept of mind share to be a useful way of presenting the influences involved without the need to commit to a specific causal chain of events. My hope is that the result can contribute positively to the ongoing historical dialog on why the Internet that so many of us use developed in the way it did.

National Pipeline Mapping System

Heather found this fascinating web app. It’s crippled, of course, in accordance with the self-destructive paranoia of our times (NEWS FLASH: TERRORISTS CAN EASILY FIND GAS LINES ANYWAY) but it’s still pretty neat.

“The NPMS Public Map Viewer enables the user to view National Pipeline Mapping System data one county at a time. NPMS data consists of gas transmission pipelines and hazardous liquid trunklines. (It does not contain gathering or distribution pipelines, such as lines which deliver gas to a customer’s home.)”

“Please note that the Public Viewer limits the scale of pipeline maps, in accordance with PHMSA’s security policy. When you are zoomed in closer than a 1:24,000 scale (approximately 0.2 miles on the scale bar), you will notice that the pipelines have disappeared from the map. In order to see the pipelines, you must either zoom out or set the scale to 1:24,000 or a greater number. Data cannot be downloaded from the Public Viewer.”