ref: 66f3f58a03578914ba97a7aa3862bacfa0bd00df
dir: /pub/changeblog.plain.xml/
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<author>
<name>sirjofri</name>
<email>sirjofri@sirjofri.de</email>
</author>
<link rel="self" href="https://sirjofri.de/changeblog.plain.xml"/>
<rights>© Copyright 2020 sirjofri</rights>
<id>https://sirjofri.de/</id>
<title>changeblog</title>
<updated>2020-12-15T11:04:38+01:00</updated>
<entry>
<title>Restrict RCPU User Access to Groups</title>
<id>https://sirjofri.de/changeblog/1596011563/</id>
<link href="https://sirjofri.de/changeblog/1596011563/"/>
<updated>2020-07-29T10:32:43+02:00</updated>
<content type="html">
Restrict RCPU User Access to Groups
This is how to restrict user access to groups. You can use
this to enable _rrrr_cccc_pppp_uuuu access for all users of a specific
group. All other groups will not be allowed.
To allow access only to _ssss_yyyy_ssss group members: adjust your
/_rrrr_cccc/_bbbb_iiii_nnnn/_ssss_eeee_rrrr_vvvv_iiii_cccc_eeee/_tttt_cccc_pppp_1111_7777_0000_1111_9999
#!/_bbbb_iiii_nnnn/_rrrr_cccc
_uuuu_ssss_eeee_rrrr_ffff_iiii_llll_eeee=/_aaaa_dddd_mmmm/_uuuu_ssss_eeee_rrrr_ssss
_ffff_nnnn _uuuu_ssss_eeee_rrrr_iiii_nnnn_gggg_rrrr_oooo_uuuu_pppp{
_gggg_rrrr_eeee_pppp $_1111 $_uuuu_ssss_eeee_rrrr_ffff_iiii_llll_eeee | {
_ffff_oooo_uuuu_nnnn_dddd=_0000
_wwww_hhhh_iiii_llll_eeee(~ $_ffff_oooo_uuuu_nnnn_dddd _0000 && _llll_iiii_nnnn_eeee=`:{_rrrr_eeee_aaaa_dddd}){
_iiii_ffff(~ $_llll_iiii_nnnn_eeee(_2222) $_2222){
_ffff_oooo_uuuu_nnnn_dddd=_1111
}
}
_iiii_ffff(~ $_ffff_oooo_uuuu_nnnn_dddd _1111)
_ssss_tttt_aaaa_tttt_uuuu_ssss=''
_iiii_ffff _nnnn_oooo_tttt
_ssss_tttt_aaaa_tttt_uuuu_ssss='_nnnn_oooo_tttt _ffff_oooo_uuuu_nnnn_dddd'
}
}
_iiii_ffff(~ $#* _3333){
_nnnn_eeee_tttt_dddd_iiii_rrrr=$_3333
_rrrr_eeee_mmmm_oooo_tttt_eeee=$_2222!`{_cccc_aaaa_tttt $_3333/_rrrr_eeee_mmmm_oooo_tttt_eeee}
}
_ffff_nnnn _ssss_eeee_rrrr_vvvv_eeee_rrrr {
~ $#_rrrr_eeee_mmmm_oooo_tttt_eeee _0000 || _eeee_cccc_hhhh_oooo -_nnnn $_nnnn_eeee_tttt_dddd_iiii_rrrr $_rrrr_eeee_mmmm_oooo_tttt_eeee
>/_pppp_rrrr_oooo_cccc/$_pppp_iiii_dddd/_aaaa_rrrr_gggg_ssss
_rrrr_mmmm -_ffff /_eeee_nnnn_vvvv/'_ffff_nnnn#_ssss_eeee_rrrr_vvvv_eeee_rrrr'
. <{_nnnn=`{_rrrr_eeee_aaaa_dddd} && ! ~ $#_nnnn _0000 && _rrrr_eeee_aaaa_dddd -_cccc $_nnnn} >[_2222=_1111]
}
_eeee_xxxx_eeee_cccc _tttt_llll_ssss_ssss_rrrr_vvvv -_aaaa /_bbbb_iiii_nnnn/_rrrr_cccc -_cccc '_uuuu_ssss_eeee_rrrr_iiii_nnnn_gggg_rrrr_oooo_uuuu_pppp $_uuuu_ssss_eeee_rrrr _ssss_yyyy_ssss &&
_ssss_eeee_rrrr_vvvv_eeee_rrrr'
This checks if the user is in group _ssss_yyyy_ssss and only then calls
the _ssss_eeee_rrrr_vvvv_eeee_rrrr function. Otherwise the connection is termi-
nated.
This is especially useful if you want a CPU server to expose
filesystems _aaaa_nnnn_dddd have cpu access for administrators only.
December 15, 2020
</content>
</entry>
<entry>
<title>lib/profile quick hack</title>
<id>https://sirjofri.de/changeblog/1594885496/</id>
<link href="https://sirjofri.de/changeblog/1594885496/"/>
<updated>2020-07-16T09:44:56+02:00</updated>
<content type="html">
lib/profile quick hack
Some smaller change that can change your life.
There are reasons why you not run rio in your lib/profile.
For me the main reason would be: You can no longer use
commands _rrrr_cccc_pppp_uuuu-c in your shell. Rio opens and there you are,
stuck in front of a gray background.
My solution:
_cccc_aaaa_ssss_eeee _cccc_pppp_uuuu
# … _llll_oooo_tttt_ssss _oooo_ffff _ssss_tttt_uuuu_ffff_ffff …
_rrrr_cccc_pppp_uuuu_cccc_mmmm_dddd=`{_cccc_aaaa_tttt /_mmmm_nnnn_tttt/_tttt_eeee_rrrr_mmmm/_eeee_nnnn_vvvv/_cccc_mmmm_dddd >[_2222]/_dddd_eeee_vvvv/_nnnn_uuuu_llll_llll}
_iiii_ffff(~ $#_rrrr_cccc_pppp_uuuu_cccc_mmmm_dddd _0000)
_rrrr_iiii_oooo
# … _llll_oooo_tttt_ssss _oooo_ffff _ssss_tttt_uuuu_ffff_ffff …
Now I can rcpu and have my rio, or rcpu -c command and run
the command without leaving my shell.
December 15, 2020
</content>
</entry>
<entry>
<title>Mail Server Configuration</title>
<id>https://sirjofri.de/changeblog/1594881674/</id>
<link href="https://sirjofri.de/changeblog/1594881674/"/>
<updated>2020-07-16T08:41:14+02:00</updated>
<content type="html">
Mail Server Configuration
Recently I installed my mail server on 9front. Most of the
time I followed the guide in the FQA, but still there are
things to explain. In this document I'll go through the sec-
tion of the FQA and annotate things.
Right at the beginning the FQA mentions how the executing
user needs write permissions for the mailboxes. This is If
upas can't write the mailboxes the mail server will not
accept incoming mail!
In my setup I can skip all DNS stuff, because I have my DNS
hosted somewhere else. Make sure to add proper MX records as
well as (at least) an SPF record.
/_mmmm_aaaa_iiii_llll/_llll_iiii_bbbb/_ssss_mmmm_tttt_pppp_dddd._cccc_oooo_nnnn_ffff
To make things short, here are the necessary lines in my
setup. The server handles authenticated incoming mail for
sending to other providers as well as incoming mail for
local accounts.
_dddd_eeee_ffff_aaaa_uuuu_llll_tttt_dddd_oooo_mmmm_aaaa_iiii_nnnn _ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee
_nnnn_oooo_rrrr_eeee_llll_aaaa_yyyy _oooo_nnnn
_vvvv_eeee_rrrr_iiii_ffff_yyyy_ssss_eeee_nnnn_dddd_eeee_rrrr_dddd_oooo_mmmm _oooo_nnnn
_ssss_aaaa_vvvv_eeee_bbbb_llll_oooo_cccc_kkkk_eeee_dddd_mmmm_ssss_gggg _oooo_ffff_ffff
_oooo_uuuu_rrrr_dddd_oooo_mmmm_aaaa_iiii_nnnn_ssss _ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee
Note that the server is no relay for
unauthenticated/untrusted requests, it will still relay if
you authenticate.
At this point it might be a good idea to check your user
password. Use auth/changeuser to add Inferno/POP secrets to
your user accounts. Use these passwords to authenticate to
the smtp server.
/_mmmm_aaaa_iiii_llll/_llll_iiii_bbbb/_rrrr_eeee_wwww_rrrr_iiii_tttt_eeee
The program that handles sending mail uses this file to
rewrite mail addresses. This file is responsible for filter-
ing out local mail as well as sending other mails to the
mailer.
In my setup I added three aliases:
December 15, 2020
- 2 -
_pppp_OOOO_ssss_TTTT_mmmm_AAAA_ssss_TTTT_eeee_RRRR _aaaa_llll_iiii_aaaa_ssss _pppp_oooo_ssss_tttt_mmmm_aaaa_ssss_tttt_eeee_rrrr
_aaaa_BBBB_uuuu_SSSS_eeee _aaaa_llll_iiii_aaaa_ssss _aaaa_bbbb_uuuu_ssss_eeee
_wwww_EEEE_bbbb_MMMM_aaaa_SSSS_tttt_EEEE_rrrr _aaaa_llll_iiii_aaaa_ssss _wwww_eeee_bbbb_mmmm_aaaa_ssss_tttt_eeee_rrrr
Use regular expressions to define your domain:
\_llll!(.*) _aaaa_llll_iiii_aaaa_ssss \_1111
\_llll\._ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee!(.*) _aaaa_llll_iiii_aaaa_ssss \_1111
_ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee!(.*) _aaaa_llll_iiii_aaaa_ssss \_1111
For translating mails I added one more rule for mail address
tags. These tags are in the form of user+tag@example.com.
Official specifications say that everything behind that “+”
must be ignored, but it can be used to automatically sort
incoming mail into folders. I do this, by the way, so I
describe here, how.
We need rules for those plus signs:
\"(.+)\+(.*)\" _tttt_rrrr_aaaa_nnnn_ssss_llll_aaaa_tttt_eeee "_eeee_cccc_hhhh_oooo `{/_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_aaaa_llll_iiii_aaaa_ssss_mmmm_aaaa_iiii_llll
'\_1111'}^'+\_2222'"
# _TTTT_hhhh_eeee _oooo_tttt_hhhh_eeee_rrrr _tttt_rrrr_aaaa_nnnn_ssss_llll_aaaa_tttt_eeee _rrrr_uuuu_llll_eeee_ssss _aaaa_rrrr_eeee _dddd_eeee_ffff_aaaa_uuuu_llll_tttt
For delivering local mails, I added extra rules:
_llll_oooo_cccc_aaaa_llll!(.+)\+(.+) | "/_bbbb_iiii_nnnn/_tttt_eeee_ssss_tttt -_dddd /_mmmm_aaaa_iiii_llll/_bbbb_oooo_xxxx/\_1111/\_2222
\&\& /_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_mmmm_bbbb_aaaa_pppp_pppp_eeee_nnnn_dddd /_mmmm_aaaa_iiii_llll/_bbbb_oooo_xxxx/\_1111/\_2222 ||
/_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_mmmm_bbbb_aaaa_pppp_pppp_eeee_nnnn_dddd /_mmmm_aaaa_iiii_llll/_bbbb_oooo_xxxx/\_1111/_mmmm_bbbb_oooo_xxxx"
_llll_oooo_cccc_aaaa_llll!"(.+)+(.+) | "/_bbbb_iiii_nnnn/_tttt_eeee_ssss_tttt -_dddd /_mmmm_aaaa_iiii_llll/_bbbb_oooo_xxxx/\_1111/\_2222 \&\&
/_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_mmmm_bbbb_aaaa_pppp_pppp_eeee_nnnn_dddd /_mmmm_aaaa_iiii_llll/_bbbb_oooo_xxxx/\_1111/\_2222 ||
/_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_mmmm_bbbb_aaaa_pppp_pppp_eeee_nnnn_dddd /_mmmm_aaaa_iiii_llll/_bbbb_oooo_xxxx/\_1111/_mmmm_bbbb_oooo_xxxx"
# _llll_eeee_aaaa_vvvv_eeee _tttt_hhhh_eeee _oooo_tttt_hhhh_eeee_rrrr _rrrr_uuuu_llll_eeee_ssss _uuuu_nnnn_tttt_oooo_uuuu_cccc_hhhh_eeee_dddd.
With this settings, mails to user+tag will be checked. If a
mailbox folder for tag exists, mail is sent to this folder.
Otherwise it is sent to the user's default inbox. _NNNN_oooo_tttt_eeee: I
tested, but this does not work with aliased mail. If my
aliasmail changes userA to userB, mails to userA+tag will be
rejected! If you know how I can make this work, feel free to
send me a mail.
/_mmmm_aaaa_iiii_llll/_llll_iiii_bbbb/_nnnn_aaaa_mmmm_eeee_ssss._llll_oooo_cccc_aaaa_llll
This file is pretty easy. Just add your alias mail
addresses:
_pppp_oooo_ssss_tttt_mmmm_aaaa_ssss_tttt_eeee_rrrr _ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii
_wwww_eeee_bbbb_mmmm_aaaa_ssss_tttt_eeee_rrrr _ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii
_aaaa_bbbb_uuuu_ssss_eeee _ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii
/_mmmm_aaaa_iiii_llll/_llll_iiii_bbbb/_rrrr_eeee_mmmm_oooo_tttt_eeee_mmmm_aaaa_iiii_llll
#!/_bbbb_iiii_nnnn/_rrrr_cccc
_ssss_hhhh_iiii_ffff_tttt
December 15, 2020
- 3 -
_ssss_eeee_nnnn_dddd_eeee_rrrr=$_1111
_ssss_hhhh_iiii_ffff_tttt
_aaaa_dddd_dddd_rrrr=$_1111
_ssss_hhhh_iiii_ffff_tttt
_ffff_dddd=`{/_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_aaaa_llll_iiii_aaaa_ssss_mmmm_aaaa_iiii_llll -_ffff $_ssss_eeee_nnnn_dddd_eeee_rrrr}
_ssss_wwww_iiii_tttt_cccc_hhhh($_ffff_dddd){
_cccc_aaaa_ssss_eeee *.*
;
_cccc_aaaa_ssss_eeee *
_ffff_dddd=_ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee
}
_eeee_xxxx_eeee_cccc /_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_ssss_mmmm_tttt_pppp -_hhhh $_ffff_dddd $_aaaa_dddd_dddd_rrrr $_ssss_eeee_nnnn_dddd_eeee_rrrr $*
_SSSS_MMMM_TTTT_PPPP _oooo_vvvv_eeee_rrrr _TTTT_LLLL_SSSS
I don't use port 587. I use 25 for this. Mail servers relay
mails to this port by default, so it makes sense.
/rc/bin/service/tcp25
#!/_bbbb_iiii_nnnn/_rrrr_cccc
_uuuu_ssss_eeee_rrrr=`{_cccc_aaaa_tttt /_dddd_eeee_vvvv/_uuuu_ssss_eeee_rrrr}
_eeee_xxxx_eeee_cccc /_bbbb_iiii_nnnn/_uuuu_pppp_aaaa_ssss/_ssss_mmmm_tttt_pppp_dddd -_ffff -_EEEE -_rrrr -_cccc /_ssss_yyyy_ssss/_llll_iiii_bbbb/_tttt_llll_ssss/_cccc_eeee_rrrr_tttt -_nnnn
$_3333
Don't forget to create your TLS certificate!
_IIII_MMMM_AAAA_PPPP_4444 _oooo_vvvv_eeee_rrrr _TTTT_LLLL_SSSS
I did this exactly like the FQA. See there.
_NNNN_oooo.
At this point I stopped. I did not configure ratfs and have
no spam handling right now. It doesn't really matter for me,
because nobody knows me and I don't use that mail address to
register anywhere.
Links:
→ https://fqa.9front.org/fqa7.html#7.7
December 15, 2020
</content>
</entry>
<entry>
<title>Guided Replica</title>
<id>https://sirjofri.de/changeblog/1593621046/</id>
<link href="https://sirjofri.de/changeblog/1593621046/"/>
<updated>2020-07-01T18:30:46+02:00</updated>
<content type="html">
Guided Replica
Today I installed on my VPS. I noticed that I can write some
helper scripts around it and here they are.
You can download them from
_hhhh_tttt_tttt_pppp_ssss://_ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee/_ffff_iiii_llll_eeee_ssss/_gggg_uuuu_iiii_dddd_eeee_dddd_rrrr_eeee_pppp_llll_iiii_cccc_aaaa.
You can install it like that:
# _bbbb_iiii_nnnn_dddd _yyyy_oooo_uuuu_rrrr _cccc_llll_iiii_eeee_nnnn_tttt $_hhhh_oooo_mmmm_eeee _tttt_oooo /_nnnn/_rrrr_cccc_llll_iiii_eeee_nnnn_tttt
# _bbbb_iiii_nnnn_dddd _yyyy_oooo_uuuu_rrrr _ssss_eeee_rrrr_vvvv_eeee_rrrr $_hhhh_oooo_mmmm_eeee _tttt_oooo /_nnnn/_rrrr_ssss_eeee_rrrr_vvvv_eeee_rrrr
_hhhh_gggg_eeee_tttt
_hhhh_tttt_tttt_pppp_ssss://_ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee/_ffff_iiii_llll_eeee_ssss/_gggg_uuuu_iiii_dddd_eeee_dddd_rrrr_eeee_pppp_llll_iiii_cccc_aaaa/_gggg_uuuu_iiii_dddd_eeee_dddd_rrrr_eeee_pppp_llll_iiii_cccc_aaaa._rrrr_cccc |
_rrrr_cccc
# _ffff_oooo_llll_llll_oooo_wwww _tttt_hhhh_eeee _pppp_rrrr_oooo_mmmm_pppp_tttt_ssss
This will also install two helper scripts to
$_hhhh_oooo_mmmm_eeee/_bbbb_iiii_nnnn/_rrrr_cccc/_rrrr_eeee_pppp_llll_iiii_cccc_aaaa/. Reproto copies one proto over the
other. You can choose which one you want to keep. Reupdate
is helpful if there are update-update errors. It should
automatically solve them (untested, but should work).
_UUUU_pppp_dddd_aaaa_tttt_eeee: has issues. Often it does a bad job tracking
changes, leaving removed files there and vice versa. I never
encountered data loss, only inconsistencies in the copies.
Many people use which does not overwrite changed files. At
some point I will build some scripts around it and use that
instead of
(Files: _hhhh_tttt_tttt_pppp_ssss://_ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee/_ffff_iiii_llll_eeee_ssss/_gggg_uuuu_iiii_dddd_eeee_dddd_rrrr_eeee_pppp_llll_iiii_cccc_aaaa/_RRRR_EEEE_AAAA_DDDD_MMMM_EEEE
_hhhh_tttt_tttt_pppp_ssss://_ssss_iiii_rrrr_jjjj_oooo_ffff_rrrr_iiii._dddd_eeee/_ffff_iiii_llll_eeee_ssss/_gggg_uuuu_iiii_dddd_eeee_dddd_rrrr_eeee_pppp_llll_iiii_cccc_aaaa/_gggg_uuuu_iiii_dddd_eeee_dddd_rrrr_eeee_pppp_llll_iiii_cccc_aaaa._rrrr_cccc)
December 15, 2020
</content>
</entry>
<entry>
<title>9front on Netcup VPS</title>
<id>https://sirjofri.de/changeblog/1593448779/</id>
<link href="https://sirjofri.de/changeblog/1593448779/"/>
<updated>2020-06-29T18:39:39+02:00</updated>
<content type="html">
9front on Netcup VPS
Today I installed 9front on a Netcup VPS. Here are some
notes if you want to do it yourself.
I used the smallest VPS option. Currently, that's “VPS 200
G8”. It costs like 2.69 Euro, but you might be able to find
some way to make it cheaper.
After ordering it might take some time until the server is
up and ready. By default debian was installed in a GPT, we
can ignore that.
Before we can install our custom ISO we first must upload it
somewhere. This is done via FTP (you get the access data
from the SCP), I used windows default file explorer
(ftp://user@address, enter password). Copy the 9front ISO in
/cdrom. This will take some time.
Meanwhile you can delete the virtual disk and create a new
one. You need your SCP password for this. This step is nec-
essary to remove the GPT. Of course you could manually
reformat the disk, but deleting the disk will save time.
In the settings you can virtually insert the iso as a DVD
and verify the boot order (DVD first). Start up the machine
and switch to the web VNC display.
At this point you can proceed with the default 9front
installation described in the fqa. Don't forget to install
the MBR and activate the partition. Otherwise there are no
additional special steps besides manually configuring the
/lib/ndb/local after installation. In my case I made an
auth server.
Currently it seems to work fine. I installed the machine
today, so there might be some issues I didn't find yet.
December 15, 2020
</content>
</entry>
<entry>
<title>changeblog feed — social media²</title>
<id>https://sirjofri.de/changeblog/1592917245/</id>
<link href="https://sirjofri.de/changeblog/1592917245/"/>
<updated>2020-06-23T15:00:45+02:00</updated>
<content type="html">
changeblog feed — social media²
RSS is still a thing.
Yes, there are more modern alternatives, like Atom or fancy
json feeds. What I want to say is, feeds are still a thing.
That's why you are now able to read my changeblog as an Atom
feed.
Now I just need to find enough time to write my posts.
December 15, 2020
</content>
</entry>
<entry>
<title>I use 9front</title>
<id>https://sirjofri.de/changeblog/1590105600/</id>
<link href="https://sirjofri.de/changeblog/1590105600/"/>
<updated>2020-05-22T02:00:00+02:00</updated>
<content type="html">
I use 9front
Today I want to share with you, that I use the plan9 distri-
bution '9front' as my main computer.
Of course there are things that are almost impossible to do
there, for example: all gamedev related stuff. This is of
course an issue, because I am a game developer. I still have
my windows machine with relevant tools, so I can still fid-
dle around with those complex things.
For gaming I also use my windows machine or some game con-
sole. Yes, there are a few games on plan9 systems.
Also most online services use javascript and heavy styling
of webpages, so I also use a modern computer with a modern
browser. Mothra is fine for doing basic research stuff, but
in 2020 it's almost impossible to actually do things on the
web.
Anyways, let me tell you that I don't really miss anything
on plan9. I can write documents, check my email stuff, chat
with people, and step by step it becomes more usable. The
community is helpful and provides more applications. The
system runs stable, the user interface is consistent and
good to look at. Colors don't jump in your eye and want to
kill you and there's catclock(1), our friendly companion.
December 15, 2020
</content>
</entry>
<entry>
<title>Revived</title>
<id>https://sirjofri.de/changeblog/1578614400/</id>
<link href="https://sirjofri.de/changeblog/1578614400/"/>
<updated>2020-01-10T01:00:00+01:00</updated>
<content type="html">
Revived
I updated my website to Uberspace 7, but not only this: I
changed the whole webpage to make it more nine-friendly.
My whole webpage management system is completely 9 based. I
use oridb's git9 implementation and plan9 tools, mk, sed,
cat, …
I also decided to change the main language of the website to
English.
December 15, 2020
</content>
</entry>
</feed>