Bringing up the Mock Build System on Fedora 20

A travel log …
Previously: Using the Mock Build System to build Fedora Source RPMs, 2015-02-02

Recipe

  • sudo yum install -y mock
  • sudo groupadd -g 10014 mockbuild # gid value is arbitrary
  • sudo useradd -u 339 -g mockbuild -s /sbin/nologin mockbuild # uid value is arbitrary but yet a role
  • sudo usermod -a -G mock wbaker
  • sudo chgrp mock /etc/mock
  • sudo chmod g+ws /etc/mock
  • sudo chmod g+w /etc/mock/site-defaults.cfg
  • sudo cp /etc/mock/default.cfg /etc/mock/$(hostname -s).cfg
  • sudo chown mockbuild:mock /etc/mock/$(hostname -s).cfg /etc/mock/site-defaults.cfg
  • sudo ln -sf $(hostname -s).cfg /etc/mock/default.cfg
  • sudo chmod g+w /etc/mock/$(hostname -s).cfg
  • emacs /etc/mock/$(hostname -s).cfg /etc/mock/site-default.cfg
  • diff /etc/mock/$(hostname -s).cfg{~,} # review the changes
  • diff /etc/mock/site-default.cfg{~,} # review the changes
  • sudo mkdir -p /local/mock
  • sudo chown mockbuild:mock /local/mock
  • sudo chmod u=rwx,g=rwxs,o=rx /local/mock

Configuration

This is substantially site-specific. The goal is

  • Create a repo of rebuilt packages
  • Consider that the location /build is an expansive NFS-mounted storage system
  • We can’t use that attractive vast bulk storage area for building (in general) because
  • We must build on the local ext4 filesystem as basedir is /local/mock/
    Recall that basedir and cache_topdir must be owned by group mock and must have mode: g+rws
  • We must use the NFS-mounted bulk storage for
    • The cache as cache_topdir
    • The final product as resultdir
$ diff orig.site-defaults.cfg site-defaults.cfg
18a19
> config_opts['basedir'] = '/local/mock/'
19a21
> config_opts['cache_topdir'] = '/build/cache/mock'
72a75
> config_opts['createrepo_on_rpms'] = True
$ diff fedora-20-x86_64.cfg napoleon.cfg
0a1,2
> config_opts['resultdir'] = '/build/fedora/20/rebuilt'
> 
5c7
< config_opts['dist'] = 'fc20'  # only useful for --resultdir variable subst
---
> config_opts['dist'] = 'fc20-wcb'  # only useful for --resultdir variable subst
23a26,49
> 
> [rebuilt]
> name=rebuilt
> baseurl=file:///build/fedora/20/rebuilt
> gpgkey=file:///etc/pki/mock/RPM-GPG-KEY-fedora-20-primary
> # we built these
> gpgcheck=0
> sslverify = 0
> # default is 1000, nfs-based (file://) costs 10, local-based (file://) costs 1, mock rebuilt costs 2
> cost = 2
> enabled = 1
> failovermethod=priority
> 
> [areas-fedora-repos-collected-20]
> name=/areas/fedora, Fedora 20, collected
> #baseurl=http://fedora.http.example.com/20/collected
> baseurl=file:///areas/fedora/repos/20/collected
> gpgkey=file:///etc/pki/mock/RPM-GPG-KEY-fedora-20-primary
> gpgcheck=1
> sslverify = 0
> # default is 1000, nfs-based (file://) costs 10, local-based (file://) costs 1
> cost = 10
> enabled = 1
> failovermethod=priority

Actualities


$ sudo yum install -y mock
Loaded plugins: langpacks, refresh-packagekit
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
fedora/20/x86_64/metalink                                                    |  18 kB  00:00:00     
updates/20/x86_64/metalink                                                   |  15 kB  00:00:00     
updates                                                                      | 4.9 kB  00:00:00     
(1/2): updates/20/x86_64/group_gz                                            | 419 kB  00:00:01     
(2/2): updates/20/x86_64/primary_db                                          |  13 MB  00:03:20     
(1/2): updates/20/x86_64/pkgtags                                             | 1.4 MB  00:00:35     
(2/2): updates/20/x86_64/updateinfo                                          | 1.9 MB  00:00:42     
Resolving Dependencies
--> Running transaction check
---> Package mock.noarch 0:1.2.7-1.fc20 will be installed
--> Processing Dependency: pigz for package: mock-1.2.7-1.fc20.noarch
--> Processing Dependency: createrepo_c for package: mock-1.2.7-1.fc20.noarch
--> Running transaction check
---> Package createrepo_c.x86_64 0:0.7.4-1.fc20 will be installed
--> Processing Dependency: createrepo_c-libs = 0.7.4-1.fc20 for package: createrepo_c-0.7.4-1.fc20.x86_64
--> Processing Dependency: libcreaterepo_c.so.0()(64bit) for package: createrepo_c-0.7.4-1.fc20.x86_64
---> Package pigz.x86_64 0:2.3.3-1.fc20 will be installed
--> Running transaction check
---> Package createrepo_c-libs.x86_64 0:0.7.4-1.fc20 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package                      Arch              Version                    Repository          Size
====================================================================================================
Installing:
 mock                         noarch            1.2.7-1.fc20               updates            287 k
Installing for dependencies:
 createrepo_c                 x86_64            0.7.4-1.fc20               updates             57 k
 createrepo_c-libs            x86_64            0.7.4-1.fc20               updates             79 k
 pigz                         x86_64            2.3.3-1.fc20               updates             68 k

Transaction Summary
====================================================================================================
Install  1 Package (+3 Dependent packages)

Total download size: 492 k
Installed size: 1.3 M
Downloading packages:
(1/4): createrepo_c-0.7.4-1.fc20.x86_64.rpm                                  |  57 kB  00:00:00     
(2/4): mock-1.2.7-1.fc20.noarch.rpm                                          | 287 kB  00:00:02     
(3/4): createrepo_c-libs-0.7.4-1.fc20.x86_64.rpm                             |  79 kB  00:00:02     
(4/4): pigz-2.3.3-1.fc20.x86_64.rpm                                          |  68 kB  00:00:02     
----------------------------------------------------------------------------------------------------
Total                                                               187 kB/s | 492 kB  00:00:02     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction (shutdown inhibited)
Warning: RPMDB altered outside of yum.
  Installing : createrepo_c-libs-0.7.4-1.fc20.x86_64                                            1/4 
  Installing : createrepo_c-0.7.4-1.fc20.x86_64                                                 2/4 
  Installing : pigz-2.3.3-1.fc20.x86_64                                                         3/4 
  Installing : mock-1.2.7-1.fc20.noarch                                                         4/4 
  Verifying  : mock-1.2.7-1.fc20.noarch                                                         1/4 
  Verifying  : pigz-2.3.3-1.fc20.x86_64                                                         2/4 
  Verifying  : createrepo_c-0.7.4-1.fc20.x86_64                                                 3/4 
  Verifying  : createrepo_c-libs-0.7.4-1.fc20.x86_64                                            4/4 

Installed:
  mock.noarch 0:1.2.7-1.fc20                                                                        

Dependency Installed:
  createrepo_c.x86_64 0:0.7.4-1.fc20             createrepo_c-libs.x86_64 0:0.7.4-1.fc20            
  pigz.x86_64 0:2.3.3-1.fc20                    

Complete!

$ grep mock /etc/passwd /etc/group
/etc/group:mock:x:135:

But you need mockbuild as well, because that’s what all the packages expect. Form a “working” machine… (uid and gid values are particular to this site; you should use values >= 1000)

$ sudo groupadd -g 10014 mockbuild
$ sudo useradd -u 339 -g mockbuild -s /sbin/nologin mockbuild
$ grep mock /etc/passwd /etc/group
/etc/passwd:mockbuild:x:339:10014::/home/mockbuild:/sbin/nologin
/etc/group:mock:x:135:mockbuild
/etc/group:mockbuild:x:10014:wbaker

Probably you want to be in group mock; you do not need or want to be in group mockbuild.

$ sudo usermod -a -G mock wbaker

And mock needs its own build and result area

$ sudo mkdir /local/mock
$ sudo chown mockbuild:mock /local/mock
$ sudo chmod u=rwx,g=rwxs,o=rx /local/mock

Originally the mock configuration area has only root:root permissions, which is inconvenient.

$ ls -als /etc/mock
total 216
 4 drwxr-xr-x.   2 root root  4096 Apr 20 22:22 .
12 drwxr-xr-x. 143 root root 12288 Apr 20 22:48 ..
 0 lrwxrwxrwx.   1 root root    20 Apr 20 22:22 default.cfg -> fedora-20-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1628 Feb 13 02:51 epel-5-i386.cfg
 4 -rw-r--r--.   1 root mock  1601 Feb 13 02:51 epel-5-ppc.cfg
 4 -rw-r--r--.   1 root mock  1623 Feb 13 02:51 epel-5-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1536 Feb 13 02:51 epel-6-i386.cfg
 4 -rw-r--r--.   1 root mock  1273 Feb 13 02:51 epel-6-ppc64.cfg
 4 -rw-r--r--.   1 root mock  1526 Feb 13 02:51 epel-6-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1652 Feb 13 02:51 epel-7-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1787 Feb 13 02:51 fedora-19-armhfp.cfg
 4 -rw-r--r--.   1 root mock  1793 Feb 13 02:51 fedora-19-i386.cfg
 4 -rw-r--r--.   1 root mock  1782 Feb 13 02:51 fedora-19-ppc64.cfg
 4 -rw-r--r--.   1 root mock  1888 Feb 13 02:51 fedora-19-ppc.cfg
 4 -rw-r--r--.   1 root mock  1781 Feb 13 02:51 fedora-19-s390.cfg
 4 -rw-r--r--.   1 root mock  1783 Feb 13 02:51 fedora-19-s390x.cfg
 4 -rw-r--r--.   1 root mock  1788 Feb 13 02:51 fedora-19-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1837 Feb 13 02:51 fedora-20-armhfp.cfg
 4 -rw-r--r--.   1 root mock  1859 Feb 13 02:51 fedora-20-i386.cfg
 4 -rw-r--r--.   1 root mock  1842 Feb 13 02:51 fedora-20-ppc64.cfg
 4 -rw-r--r--.   1 root mock  1960 Feb 13 02:51 fedora-20-ppc.cfg
 4 -rw-r--r--.   1 root mock  1847 Feb 13 02:51 fedora-20-s390.cfg
 4 -rw-r--r--.   1 root mock  1843 Feb 13 02:51 fedora-20-s390x.cfg
 4 -rw-r--r--.   1 root mock  1842 Feb 13 02:51 fedora-20-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1849 Feb 13 02:51 fedora-21-aarch64.cfg
 4 -rw-r--r--.   1 root mock  1837 Feb 13 02:51 fedora-21-armhfp.cfg
 4 -rw-r--r--.   1 root mock  1859 Feb 13 02:51 fedora-21-i386.cfg
 4 -rw-r--r--.   1 root mock  1841 Feb 13 02:51 fedora-21-ppc64.cfg
 4 -rw-r--r--.   1 root mock  1849 Feb 13 02:51 fedora-21-ppc64le.cfg
 4 -rw-r--r--.   1 root mock  1851 Feb 13 02:51 fedora-21-s390.cfg
 4 -rw-r--r--.   1 root mock  1842 Feb 13 02:51 fedora-21-s390x.cfg
 4 -rw-r--r--.   1 root mock  1842 Feb 13 02:51 fedora-21-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1849 Feb 13 02:51 fedora-22-aarch64.cfg
 4 -rw-r--r--.   1 root mock  1837 Feb 13 02:51 fedora-22-armhfp.cfg
 4 -rw-r--r--.   1 root mock  1859 Feb 13 02:51 fedora-22-i386.cfg
 4 -rw-r--r--.   1 root mock  1841 Feb 13 02:51 fedora-22-ppc64.cfg
 4 -rw-r--r--.   1 root mock  1849 Feb 13 02:51 fedora-22-ppc64le.cfg
 4 -rw-r--r--.   1 root mock  1851 Feb 13 02:51 fedora-22-s390.cfg
 4 -rw-r--r--.   1 root mock  1842 Feb 13 02:51 fedora-22-s390x.cfg
 4 -rw-r--r--.   1 root mock  1842 Feb 13 02:51 fedora-22-x86_64.cfg
 4 -rw-r--r--.   1 root mock  1026 Feb 13 02:51 fedora-rawhide-aarch64.cfg
 4 -rw-r--r--.   1 root mock  1011 Feb 13 02:51 fedora-rawhide-armhfp.cfg
 4 -rw-r--r--.   1 root mock  1034 Feb 13 02:51 fedora-rawhide-i386.cfg
 4 -rw-r--r--.   1 root mock  1014 Feb 13 02:51 fedora-rawhide-ppc64.cfg
 4 -rw-r--r--.   1 root mock  1024 Feb 13 02:51 fedora-rawhide-ppc64le.cfg
 4 -rw-r--r--.   1 root mock  1018 Feb 13 02:51 fedora-rawhide-s390.cfg
 4 -rw-r--r--.   1 root mock  1015 Feb 13 02:51 fedora-rawhide-s390x.cfg
 4 -rw-r--r--.   1 root mock  1160 Feb 13 02:51 fedora-rawhide-sparc.cfg
 4 -rw-r--r--.   1 root mock  1020 Feb 13 02:51 fedora-rawhide-x86_64.cfg
 4 -rw-r--r--.   1 root root  1751 Feb 13 02:51 logging.ini
12 -rw-r--r--.   1 root mock 11584 Feb 13 02:51 site-defaults.cfg
$ sudo chgrp mock /etc/mock
$ sudo chmod g+ws /etc/mock
$ sudo cp /etc/mock/default.cfg  /etc/mock/$(hostname -s).cfg
$ sudo chown mockbuild:mock /etc/mock/$(hostname -s).cfg /etc/mock/site-defaults.cfg
$ sudo sudo chmod g+w /etc/mock/site-defaults.cfg
$ sudo ln -sf $(hostname -s).cfg /etc/mock/default.cfg
$ ls -als /etc/mock
total 216
  drwxrwsr-x.   2 root mock  4096 Apr 20 22:22 .
  drwxr-xr-x. 143 root root 12288 Apr 20 22:48 ..
  lrwxrwxrwx.   1 root root    20 Apr 20 22:22 default.cfg -> fedora-20-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1628 Feb 13 02:51 epel-5-i386.cfg
 4 -rw-rw-r--.   1 root mock  1601 Feb 13 02:51 epel-5-ppc.cfg
 4 -rw-rw-r--.   1 root mock  1623 Feb 13 02:51 epel-5-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1536 Feb 13 02:51 epel-6-i386.cfg
 4 -rw-rw-r--.   1 root mock  1273 Feb 13 02:51 epel-6-ppc64.cfg
 4 -rw-rw-r--.   1 root mock  1526 Feb 13 02:51 epel-6-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1652 Feb 13 02:51 epel-7-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1787 Feb 13 02:51 fedora-19-armhfp.cfg
 4 -rw-rw-r--.   1 root mock  1793 Feb 13 02:51 fedora-19-i386.cfg
 4 -rw-rw-r--.   1 root mock  1782 Feb 13 02:51 fedora-19-ppc64.cfg
 4 -rw-rw-r--.   1 root mock  1888 Feb 13 02:51 fedora-19-ppc.cfg
 4 -rw-rw-r--.   1 root mock  1781 Feb 13 02:51 fedora-19-s390.cfg
 4 -rw-rw-r--.   1 root mock  1783 Feb 13 02:51 fedora-19-s390x.cfg
 4 -rw-rw-r--.   1 root mock  1788 Feb 13 02:51 fedora-19-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1837 Feb 13 02:51 fedora-20-armhfp.cfg
 4 -rw-rw-r--.   1 root mock  1859 Feb 13 02:51 fedora-20-i386.cfg
 4 -rw-rw-r--.   1 root mock  1842 Feb 13 02:51 fedora-20-ppc64.cfg
 4 -rw-rw-r--.   1 root mock  1960 Feb 13 02:51 fedora-20-ppc.cfg
 4 -rw-rw-r--.   1 root mock  1847 Feb 13 02:51 fedora-20-s390.cfg
 4 -rw-rw-r--.   1 root mock  1843 Feb 13 02:51 fedora-20-s390x.cfg
 4 -rw-rw-r--.   1 root mock  1842 Feb 13 02:51 fedora-20-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1849 Feb 13 02:51 fedora-21-aarch64.cfg
 4 -rw-rw-r--.   1 root mock  1837 Feb 13 02:51 fedora-21-armhfp.cfg
 4 -rw-rw-r--.   1 root mock  1859 Feb 13 02:51 fedora-21-i386.cfg
 4 -rw-rw-r--.   1 root mock  1841 Feb 13 02:51 fedora-21-ppc64.cfg
 4 -rw-rw-r--.   1 root mock  1849 Feb 13 02:51 fedora-21-ppc64le.cfg
 4 -rw-rw-r--.   1 root mock  1851 Feb 13 02:51 fedora-21-s390.cfg
 4 -rw-rw-r--.   1 root mock  1842 Feb 13 02:51 fedora-21-s390x.cfg
 4 -rw-rw-r--.   1 root mock  1842 Feb 13 02:51 fedora-21-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1849 Feb 13 02:51 fedora-22-aarch64.cfg
 4 -rw-rw-r--.   1 root mock  1837 Feb 13 02:51 fedora-22-armhfp.cfg
 4 -rw-rw-r--.   1 root mock  1859 Feb 13 02:51 fedora-22-i386.cfg
 4 -rw-rw-r--.   1 root mock  1841 Feb 13 02:51 fedora-22-ppc64.cfg
 4 -rw-rw-r--.   1 root mock  1849 Feb 13 02:51 fedora-22-ppc64le.cfg
 4 -rw-rw-r--.   1 root mock  1851 Feb 13 02:51 fedora-22-s390.cfg
 4 -rw-rw-r--.   1 root mock  1842 Feb 13 02:51 fedora-22-s390x.cfg
 4 -rw-rw-r--.   1 root mock  1842 Feb 13 02:51 fedora-22-x86_64.cfg
 4 -rw-rw-r--.   1 root mock  1026 Feb 13 02:51 fedora-rawhide-aarch64.cfg
 4 -rw-rw-r--.   1 root mock  1011 Feb 13 02:51 fedora-rawhide-armhfp.cfg
 4 -rw-rw-r--.   1 root mock  1034 Feb 13 02:51 fedora-rawhide-i386.cfg
 4 -rw-rw-r--.   1 root mock  1014 Feb 13 02:51 fedora-rawhide-ppc64.cfg
 4 -rw-rw-r--.   1 root mock  1024 Feb 13 02:51 fedora-rawhide-ppc64le.cfg
 4 -rw-rw-r--.   1 root mock  1018 Feb 13 02:51 fedora-rawhide-s390.cfg
 4 -rw-rw-r--.   1 root mock  1015 Feb 13 02:51 fedora-rawhide-s390x.cfg
 4 -rw-rw-r--.   1 root mock  1160 Feb 13 02:51 fedora-rawhide-sparc.cfg
 4 -rw-rw-r--.   1 root mock  1020 Feb 13 02:51 fedora-rawhide-x86_64.cfg
 4 -rw-rw-r--.   1 root root  1751 Feb 13 02:51 logging.ini
12 -rw-rw-r--.   1 root mock 11584 Feb 13 02:51 site-defaults.cfg
$ sudo usermod -a -G mock wbaker

$ emacs -nw /etc/mock/site-defaults.cfg
$ diff orig.site-defaults.cfg site-defaults.cfg
18a19
> config_opts['basedir'] = '/local/mock/'
19a21
> config_opts['cache_topdir'] = '/build/cache/mock'
72a75
> config_opts['createrepo_on_rpms'] = True

$ sudo mkdir /local/mock
$ sudo chown mockbuild:mock /local/mock
$ sudo chmod u=rwx,g=rwxs,o=rx /local/mock
$ ls -alsd /local/mock
4 drwxrwsr-x. 2 mockbuild mock 4096 Apr 20 19:50 /local/mock

 $ ls -als waist.cfg
4 -rw-rw-r--. 1 wbaker mock 2267 Apr 20 20:06 waist.cfg
$ sudo rm default.cfg ; sudo ln -s waist.cfg default.cfg
$ ls -als waist.cfg default.cfg
0 lrwxrwxrwx. 1 root   mock    9 Apr 20 20:22 default.cfg -> waist.cfg
4 -rw-rw-r--. 1 wbaker mock 2267 Apr 20 20:06 waist.cfg
$ diff fedora-20-x86_64.cfg napoleon.cfg
0a1,2
> config_opts['resultdir'] = '/build/fedora/20/rebuilt'
> 
5c7
< config_opts['dist'] = 'fc20'  # only useful for --resultdir variable subst
---
> config_opts['dist'] = 'fc20-wcb'  # only useful for --resultdir variable subst
23a26,49
> 
> [rebuilt]
> name=rebuilt
> baseurl=file:///build/fedora/20/rebuilt
> gpgkey=file:///etc/pki/mock/RPM-GPG-KEY-fedora-20-primary
> # we built these
> gpgcheck=0
> sslverify = 0
> # default is 1000, nfs-based (file://) costs 10, local-based (file://) costs 1, mock rebuilt costs 2
> cost = 2
> enabled = 1
> failovermethod=priority
> 
> [areas-fedora-repos-collected-20]
> name=/areas/fedora, Fedora 20, collected
> #baseurl=http://fedora.http.sanguine.emerson.baker.org/20/collected
> baseurl=file:///areas/fedora/repos/20/collected
> gpgkey=file:///etc/pki/mock/RPM-GPG-KEY-fedora-20-primary
> gpgcheck=1
> sslverify = 0
> # default is 1000, nfs-based (file://) costs 10, local-based (file://) costs 1
> cost = 10
> enabled = 1
> failovermethod=priority

Ready to go!

$ mock --rebuild /areas/fedora/repos/20/collected/src/filesystem-3.2-19.fc20.src.rpm

The Authority Report by Parse.ly, Reports 3-7 (2013 & 2014)

  • Report #7What is the Lifestpan of an Article?; 2014-Q3
  • Report #6What Makes a Good Digital Deadline?; 2014-Q2
  • Report #5What Impact do Loyal Readers Have on a Site?; 2014-Q1
  • Report #4How Efficient Is The News?; 2014-01
  • Report #3How do People Consume the News?; 2013-Q3

Via: Parse.ly of Facebook

Actualities

Via: backfill

Why Scott Ahronson Is Not An Integrated Information Theorist (or, The Unconscious Expander) | Scott Ahronson

Scott Ahronson; Why I Am Not An Integrated Information Theorist (or, The Unconscious Expander); In His Blog entitled Sshtetl-Optimized; 2014-05-14(ish).

Mentioned

Context

Integrated Information Theory (IIT)

<quote>When, in the comment thread about Max’s Mathematical Universe Hypothesis, [Scott Ahronson] expressed doubts about IIT, Max challenged [Scott Ahronson] to back up my doubts with a quantitative calculation.</quote>

Opera

Papers

Essays

Vulgarizations

Definitions

In order of appearance in the essay.

Via: previous note.

Swirl Networks (Swirl)


Swirl

Concept

  • Indoor mobile marketing

Lines of Business

  • Swirl for Retailers
  • Swirl for Publishers
  • Swirl for Advertisers
    • Swirl Audience Network
    • Swirl Ad Exchange (SWx)

Mentions

  • Boston, MA
  • 30 employees
  • Funding
    • Series C is $18M
    • Total: $32M
  • Investors
    • Twitter Ventures
    • Hearst Ventures
    • Softbank Capitals
    • Longworth Venture Partners
    • General Catalyst Partners
  • Business Model
    <quote cite=”ref“>Swirl makes money in three ways.

    1. It sells software subscriptions to retailers who want to use its technology to build an ad network in their stores.
    2. The startup also gets a percentage of any advertising buys that are made by outside marketers, and
    3. a percentage of the money that retailers might spend to get their store’s offers featured in third-party shopping apps that partner with Swirl.</quote>
  • SecureCast™ beacon protocol (a proprietary protocol)
  • Swirl App
    • Android, Manager & Configurator
    • iOS, SWIRL In-Store Explorer
  • Support
    • Beacon (Bluetooth Low Energy)
    • does not support NFC
    • Something vague about Apple Pay (or not) <quote>provides a seamless way for retailers and brands to measure the effectiveness of their in-store mobile marketing efforts by closing the loop between beacon-triggered messages/offers and actual consumer purchases in the store.”</quote> attributed to Rob Murphy.
  • Customers
    • Alex and Ani
    • Hudson’s Bay
    • Lord & Taylor
    • Marriott
    • Timberland.
    • Urban Outfitters
  • Relationships
    • Condé Nast, an app publisher
    • SnipSnap, a coupon app
    • Hearst, an app publisher, also an investor
    • Motorola Solutions (Zebra Technologies), indoor location system, MPact.
      a partnership to sell Swirl’s beacon+app+marketing cloud; standalone and bundled with Motorola’s MPact indoor location service+rigging.
  • Positioning
    • The tech is “done”
    • The money is for sales & marketing outreach.
    • Something about how the new investors (i.e. Twitter) will help.
  • Something about wearables.
  • Something about building an RTB interface.
  • Swirl Ad Exchange (SWx)
    <quote cite=”ref“>Swirl’s programmatic ad exchange for proximity-based in-store mobile marketing</quote>

Who

  • Hilmi Ozguc, CEO, Founder
  • Rob Murphy, Vice President Marketing

Scheme

  • Beacons monitor the consumers sojourn times in known locations
  • Intent & interest is imputed to location & sojourn time.
  • Push notifications are used to incite action out of the consumer on a target or retarget basis.
  • Perhaps Twitter DMs from a robot will notify you.

Use Cases

  • <quote>Estée Lauder and Michael Kors ran in-aisle campaigns in Lord & Taylor stores across the country during the past holiday shopping season. In both cases, the brands would send users who showed intent – signaled by their spending more than a minimum set amount of time in either the beauty department or the handbag department – push notifications to learn more about certain products on display.</quote>
  • <quote>Marriott uses Swirl to target people while they’re in specific places around the hotel. Guests lounging by the pool for more than 15 minutes, for example, might find themselves pinged with a message that says, “How about a free appetizer with your next drink order?”</quote>

Products

  • SecureCastd™ beacons (a proprietary protocol)
  • Swirl Audience Network
  • Swirl Ad Exchange (SWx)
  • Ad Units
    creatives, permissioning, regulatory compliance; multi-page, interactivity, position-triggered.
  • Hardware
    • iBeacon mode
    • SecureCast™ mode
    • BYOB (supply your own gear)
  • Swirl Mobile Client SDK
    • Android
    • iOS
  • Advertising Console (a web site)
    • Programmatic access to (participating publisher) private marketplaces
    • Package Discovery (supply package, media bundles)
    • Campaign management
    • Swirl Creator™
      requires custom creatives to run on their rendering engine & delivery platform
    • Swirl Analytics
  • Publisher SDK
    • For App publishers
    • An SDK
      • Android
      • iOS
    • Compatibilities
      • iBeacon
      • SecureCast™
    • Beacon Signalling
      • detection
      • ranging
      • event logging
      • etc.
    • Consumer Messaging
      • Frequency Capping
      • Regulatory Compliance
  • Publisher Console
    • Inventory Management
    • Ad Operations (notifications, alerts, etc.)
    • Analytics
    • Participation in Swirl Audience Network
    • Partner Permissioning
  • Retail
    • Swirl Targeting Wizard™
      • a rules engine specifier
      • location
      • day part
      • profile management
    • Campaign Management
      • Something about bucket testing

Promotions

Archaeological order, derivative works on top, older material below

Actualities

Swift Beacon PlatformSwift Retailer PlatformSwift Publisher PlatformSwift Advertiser Platform

Via: backfill

On the efficiency of linkbait production as a compensated time-and-materials activity

<quote>Going past the one million page views per day mark means producing 2.44 times more total site content, but it only results in 1.3 times more page views per post. Authors become more efficient at writing stories though: each author produces almost twice as many posts per day than on smaller sites.</quote>
Via: Report #4How Efficient Is The News?; Parse.ly of Facebook; 2014-01; 3 pages.


AVOID: Intel Compute Stick

tl;dr => only runs software provided by Intel.  Will not boot anything but the software delivered with the unit.  This is crippled closed-source hardware.

<quote cite=”ref“> was able to load Ubuntu 14.04.02 64-bit using this method, as well as Ubuntu 15.04 64-bit. But WiFi didn’t work out of the box with either operating system.
Linux Mint 17.1 and Fedora 21 wouldn’t load at all.  was able to access the GRUB bootloader menu with these operating systems, but he couldn’t get the full OS to load.</quote>

Remediation

  • Full specs for all operating systems
  • Just sell the hardware; sell the bare machine (no installed OS).
  • No secret software drivers.
  • Must boot Fedora.
  • Must boot Ubuntu.
  • etc.

Concept

  • A Windows-only version
    • 2GB of RAM
    • 32GB of storage
    • $150
    • Available “now”
  • A Linux (Ubuntu-only) version
    • 1GB of RAM (only)
    • 8GB (only)
    • $110
    • Available “maybe June”

Source: Intel Compute Stick mini-computer (with Windows) review; ; In Liliputing; 2015-04-22.

Actualities

Javascript Object Signing and Encryption (JOSE)

See Javascript Object Signing and Encryption (JOSE) at IETF

draft-ietf-jose-cookbook-08 Examples of Protecting Content using JavaScript Object Signing and Encryption (JOSE) 2014-12-24
draft-ietf-jose-json-web-algorithms-40 JSON Web Algorithms (JWA) 2015-01-13
draft-ietf-jose-json-web-encryption-40 JSON Web Encryption (JWE) 2015-01-13
draft-ietf-jose-json-web-key-41 JSON Web Key (JWK) 2015-01-16
draft-ietf-jose-json-web-signature-41 JSON Web Signature (JWS) 2015-01-16
draft-ietf-jose-jwk-thumbprint-04 JSON Web Key (JWK) Thumbprint 2015-03-03
RFC 7165
(was draft-ietf-jose-use-cases)
Use Cases and Requirements for JSON Object Signing and Encryption (JOSE) 2014-04
draft-bormann-jose-cose-00 Constrained Object Signing and Encryption (COSE) 2014-10-27
draft-jones-jose-key-managed-json-web-signature-00 Key Managed JSON Web Signature (KMJWS) 2015-03-03

MySQL++ v3.1.0 does not support SSL, but v3.2.2 does

Problem Statement

  • Contact a MySQL; c.f. MariaDB v5.5
  • Use mysql++ for C++
    mysql++-3.1.0-13.fc20.x86_64
  • Use SSL for client auth
  • Fedora 20

Indications

  • mysql++ is not built with SSL support.

Diagnosis

  • MySQL++ SSL Support on Linux; some dude using the self-asserted identity token Ryan; On Stack Overflow; 2011-10-17.
    tl;dr => The MySQL v3.1.0 configure fails to find mysql_ssl_set; the bug is fixed in MySQL++ 3.2.0, (claimed) to have been released 2011-10.

Background

Evidences

$ g++ -std=c++11 -o mysqlpp-ssl mysqlpp-ssl.cpp -DMYSQLPP_MYSQL_HEADERS_BURIED $(mysql_config --cflags --libs) -lmysqlpp
$ ./mysq2lpp-ssl
./mysq2lpp-ssl: error, bad option 'Option not supported by database driver v5.5.41-MariaDB'
#include "mysql++/mysql++.h"
#include <iostream>

namespace {
  char const *const NAME = "mysq2lpp-ssl";
}
auto main(int argc, char *argv[]) -> int {
  try {
    char const *const database = "mysql";
    char const *const hostname = "db.example.com";
    char const *const username = "wbaker";
    char const *const password = "password";
    char const *const key = "/etc/pki/myclient/key.pem";
    char const *const cert = "/etc/pki/myclient/cert.pem";
    char const *const ca = nullptr;
    char const *const capath = "/etc/pki/myclient/ca";
    char const *const cipher = nullptr;
    mysqlpp::Connection conn;
    conn.set_option(new mysqlpp::SslOption(key, cert, ca, capath, cipher));
    if ( !conn.connect(database, hostname, username, password) || !conn.connected()) {
      throw mysqlpp::ConnectionFailed("because");
    }
    std::cout << "OK!\n";
    return 0;
  } catch (mysqlpp::BadOption const &e) {
    std::cerr << NAME << ": error, bad option '" << e.what() << "'\n";
  }
  return 1;
}
$ mock --rebuild ~/Downloads/mysql++-3.2.2-1.src.rpm
...todo...

Opportunistic Encryption in Firefox 37

(Mozilla); Opportunistic Encryption For Firefox; In His Blog entitled Bits Up!; 2015-03-27.

Mentioned

  • Firefox 37
  • Opportunistic Encryption (OE)
  • HTTP/2
  • (response header) Alt-Svc: h2=":443" or spdy/3.1
  • Requirements
    • HTTP/2
    • <quote>OE is not available with HTTP/1 servers because that protocol does not carry the scheme as part of each transaction which is a necessary ingredient for the Alt-Svc approach.</quote>
  • Recipe
    1. <quote>Install a TLS based h2 or SPDY server on a separate port. 443 is a good choice :) . You can use a self-signed certificate if you like because OE is not authenticated.
    2. Add a response header Alt-Svc: h2=":443" or Alt-Svc: spdy/3.1=":443" if you are using a SPDY-enabled server like nginx.</quote>
  • draft-ietf-httpbis-alt-svc-04HTTP Alternative Services; M. Nottingham (Akamai), P. McManus (Mozilla), J. Reschke (greenbytes); Internet Draft; IETF; 2014-10-27, expires: 2015-04-30.

Context

From: draft-ietf-httpbis-alt-svc-04

9.4. Tracking Clients Using Alternative Services

   The Alt-Used header field (Section 5) provides a server with one
   additional bit of information that can be used to correlate requests.

   Clients concerned by the additional fingerprinting can choose to
   ignore alternative service advertisements.

   In a browser, any alternative service information MUST be removed
   when origin-specific data is cleared (for instance, when cookies are
   cleared).

Snapchat Discover (channel)

In archaeological order…

Fusion Preps Five New Shows for Snapchat Discover Channel; ; In Advertising Age; 2015-04-17.
Teaser: All Five Series Will Air Vertically in Fullscreen, Which Is Unique to Snapchat

Mentioned

  • Fusion
    • a joint venture: ABC & Univision
    • Snapchat Discover (channel)
    • Not available in the US.
    • Boris Gartner, Chief Strategy Officer
  • Snapchat Discover (channel)
    • Five new shows
    • late 2015
    • Generally unscripted
    • Tuned to an international demographic
  • Media
    • Vertical aspect ratio (cellphone handset viewing)
  • New Shows
    • The Artisans
      • inherited family traditions
    • Weird Threads
      • Jonas Bell Pasht, direcctor
      • popular clothing trends
    • Science Fiction, Science Fact
      • techn news riffs using old science fictio movies as a foil
    • Capitals
      • city travel log
      • Initial: Sao Paolo BR
    • Off the Record
      • music deconstruction
      • music historiography
  • Existing & Old Shows
    • Outpost
      • webisode type thing
      • “Series 1″ (“Season 1″)
        • travel docum-series-drama something.
        • 7 episodes
        • WHEN? -> 2015-04-08
      • Series 2
        • 2015-04-22 -> WHEN
    • SnapperHero
      • Sponsored by AT&T
      • Millennials & Homelanders (Teens)
      • 120,000 views/episode average
  • Video Delivery “Platforms”
    • (regular) television
    • YouTube
    • Instagram
    • Snapchat
    • Hulu
    • Vine (Twitter)
  • Quoted
    • Boris Gartner, Chief Strategy Officer, Fusion

Via: backfill


Inside Snapchat’s original media ambitions; John McDermott; In Digiday; 2015-01-22.

Mentions

  • Discover (portal, channel, syndication, whatever)
    • Launch 2015-02-01(ish)
    • Owned & affiliate media
    • The “young” demographic
    • Model
      • revshare with original publisher
    • Partners
      • CNN
      • ESPN
      • Vice
    • Not Partner
      • Vevo
  • Snapchat
    • Founded 2011(ish)
    • “tens of millions” of consumers
  • Owned media
    • Our Story
      • Curated “snaps” of an event
      • Start 2014-06
      • World Cup
  • Advertisements
    • pre-roll video
    • in-message banners
    • $0.15 -> $0.30 CPM
      Claim: YouTube sells for $0.10 CPM.
    • Revshare is we-sell/you-sell
      • publisher-Shapchat = 50-50 if Snapchat sources the deal.
      • publisher-Snapchat = 70-30 if publisher sources the deal.
      • Deals good for “six months”
  • Sources
    • Sony hack emails used as sources for the Vevo-vs-Snapchat business negotiations
    • LinkedIn profile pages used as sources for Snapchat’s media plans, by correlation with personalities & job roles.
  • Who
    • Rio Caraeff, CEO, Vevo
    • Michael Lynton, board member, Snapchat
    • Evan Spiegel, CEO, Snapchat.
    • Shapchat recent hires (sourced via LinkedIn)
      • Nick Bell, GM of Discover; since 2014-04; previous: SVP News Corp.
      • Ellis Hamburger, reporter; since 2014-11; ex: Verge
      • Nicole James, creative; ex: bloggist, self-employed.
      • Matt Krautstrunk, video editor; ex: video editor, self-employed.
      • C.J. Smith, producer; ex: video editor, self-employed.
      • Greg Wacks, strategist; ex: MTV, VH1
      • Don Smith, key grip
      • Kyle Goodrich, animator.
  • Quoted
    for color, background & verisimilitude

    • KC Estenson, no current affiliation; ex- “head of digital” CNN
  • Similarities
    with other captive media distributors
    editorialized by the reporter as (where others have failed before)


Messaging App Snapchat Turns Publisher Portal; ; In Advertising Age; 2015-01-17.
Teaser: ESPN, Vice, Yahoo News Sign on as Launch Publishers

Mentions

  • Snapchat
    • adware
    • (Mobile) messaging
    • Disappearing txt/tweet/msgs
  • Discover
    • A publisher portal
    • 10 stories daily
    • Model
      • Publishers run their own ads against their own media.
      • Sub-publisher revshare of media sold bcak with the venue (Discover)
      • Ad units are cheaper than “regular” Snapchat ads.
    • Partners
      • ESPN
      • Vice
      • CNN
      • Yahoo News
      • People
      • National Geographic
      • House (Snapchat house ads)
  • Consumer Experience
    • <quote>After people navigate to the app’s Discover section, they can click on one of the publishers’ logos. That will open up that publisher’s daily edition. People can swipe through each of the day’s stories and view 10-second previews of each. If they like what they see, they can swipe up to check out the whole thing.</quote>
    • “Subchannels” or “Subsites” within the host container app.
  • Advertisers, are brought in by the publisher
    • BMW on CNN
    • Ritz Crackers on Food Network
    • T-Mobile, Macy’s, Stride, Oxygen’s Street Art Throwdown
    • GrubHub on Vice
  • Content, is supplied by the publisher
    • ESPN
      • J. J. Watt (NFL) & Katy Perry
      • SportCenter Top 10 NBA clips
      • Atlanta Hawks photo gallery
    • Daily Mail
      • their stuff
    • Vice
      • 10 verticals
  • Similarities
    editorialized by the reporter

    • Facebook
    • Twitter
    • YouTube of Google
  • Quoted
    for background, color & verisimilitude

    • Gian LaVecchia, managing partner-digital content marketing for North America, MEC..

News and Ads to Debut on Snapchat; Gillian Tan, Douglas MacMillan,Jack Marshall; In The Wall Street Journal (WSJ); 2014-08-19.
Teaser: With 27 Million Users, the Mobile App Looks to Bring in News Content and Sell Ads to Go With It

Mentioned

  • Discover (channel, portal, syndication, hub, whatever)
  • Announced to commence: 2014-11
  • Partners
    • MailOnline, of Daily Mail, UK
  • Backstory
    • Funding
      • Valued at $2B in VC stockpuffery.
      • Declined $3B offer from Facebook
      • Alibaba Group Holding Ltd. passed on investment 2014-07
        Shapchat was purveyed to them as a $10B endeavor.
      • They need more money, or actual topline revenue.
    • Intensity
      • 700M snaps/day
      • 14 checkins/day/consumer
    • demographics
      • 50% age 13-17
  • Advertisers
    • Yum Brands, Taco Bell
    • GrubHub
  • Sources
    • An investor slide deck; not shown.
    • Digiday reporting, not cited clearly.
  • Who
    • Evan Spiegel, CEO, Snapshat
  • Quoted
    For color, background & verisimilitude

    • David Berkowitz, chief marketing officer, MRY (an ad agency).
    • Abby Hunt, press relations, GrubHub (Chicago IL)
  • Similarities
    • WhatsApp of Facebook
      subscription is $1/year.
    • Line
      in-app purchases of ephemera; $170M/year 2013.
    • WeChat of Tencent Holdings LTD
      videogame in-app purchases

Printing with CUPS & GNOME & LibreOffice under Fedora 20

Previously: LibreOffice printing Does.Not.Work. Not with GNOME, not with manual config, not at all. And maybe never has.; 2014-12-02
Frustration: very high


Success Recipe

GNOME

  • GNOME applications have their own print dialog; it works with CUPS.
  • GNOME print dilog can listen to IPP broadcasts
  • GNOME applications “just work.”

Verdict: GNOME printing “just works.”  Full Stop.

LibreOffice

  • LibreOffice applications have their own print dialog that might not work with CUPS.
  • LibreOffice print dialog cannot listen to IPP broadcasts
  • LibreOffice printing must be configured on a per-machine basis with spadmin
    • This can be done on a site-wide basis by superuser
    • This can be done on a per-user basis by the consumer.
  • Absent appropriate configuration, “Generic Printer” is the LibreOffice method
    This seems to just call lpr (/usr/bin/lpr) without any further arguments
    Of course, if printing is not manually configured (see above), this will fail silently.

Verdict: LibreOffice does not “just work”; you have to know a lot to get it configured correctly.

Details

  • /usr/lib64/libreoffice/program/spadmin
  • Configuration Files
    • /usr/lib64/libreoffice/share/psprint/psprint.conf
    • ~/.config/libreoffice/4/user/psprint/psprint.conf

Context

  • Two proud & storied developer groups: GNOME & LibreOffice.
  • Both implement a print dialog for their applications & suitable for their culture.
  • Neither dialog system works with the other.
  • Neither is willing to work with the other and change anything.
  • The consumer is left with: “does not work.”

Invariants

  • Internet Printing Protocol (IPP)
    • port 631
    • tcp/631 for client out connecting to cupsd (server)
    • udp/631 for server broadcasting availability of printers on the subnet
  • FirewallD of Fedora
    • May or may not allow anything but ssh (port 22) by default; tThis has varied across the releases.
    • Default in Fedora 20+ is to run firewalld with aggressive blocking (it’s a nasty world out there).

Ancillary

  • firewall-config
    sudo firewall-config
  • system-config-printer
    sudo system-config-printer
  • /usr/lib64/libreoffice/program/spadmin
    sudo /usr/lib64/libreoffice/program/spadmin

Evidence

$ cat /etc/fedora-release
Fedora release 20 (Heisenbug)
$ rpm -q -f /usr/bin/libreoffice
libreoffice-core-4.2.8.2-7.fc20.x86_64
$ rpm -q cups
cups-1.7.5-13.fc20.x86_64
$ rpm -q -a | grep system-config-print
system-config-printer-udev-1.4.7-1.fc20.x86_64
system-config-printer-1.4.7-1.fc20.x86_64
system-config-printer-libs-1.4.7-1.fc20.noarch
$ rpm -q -a | grep firewall-config
firewall-config-0.3.13-1.fc20.noarch

To ensure that the local print server is broadcasting…

$ sudo tcpdump -i em1 'port 631'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
12:15:56.433174 IP loolie.sanguine.local.ipp > broadcast.sanguine.local.ipp: UDP, length 257
12:15:56.433199 IP loolie.freerange.local.ipp > broadcast.wireline.freerange.local.ipp: UDP, length 256
12:15:56.433203 IP loolie.wireline.foreign.local.ipp > broadcast.wireline.foreign.local.ipp: UDP, length 256
12:15:56.436333 IP joubijou.sanguine.local.ipp > broadcast.sanguine.local.ipp: UDP, length 260
12:15:56.436341 IP joubijou.freerange.local.ipp > broadcast.wireline.freerange.local.ipp: UDP, length 259
12:15:56.436388 IP joubijou.wireline.foreign.local.ipp > broadcast.wireline.foreign.local.ipp: UDP, length 259

firewalld

Configure the host’s firewall to allow IPP announcements to be received.

GNOME

  • GNOME print dialog “just works” with GNOME apps & CUPS.
    Exhibit with gedit.

LibreOffice

  • Host requires configuration via system-config-printer
  • Host requires configuration via spadmin
system-config-printer

Establish a manually-defined printer which pulls from the IPP-available printer on the print server.  You have to do this because LibreOffice’s print dialog cannot understand the IPP broadcast messages that are flying about.  LibreOffice can only shoot at an existing IPP printer (via cupsd) that you have defined manually.

spadmin of LibreOffice

Now you have to manually configure LibreOffice to use the manually-configured printer that you just manually configured.  This is a manual step that you must manually repeat for each host and consumer that you manage.  Manually.

 

UNSOLVABLE: Error constructing proxy for org.gnome.Terminal:/org/gnome/Terminal/Factory0: Could not connect: Connection refused

Context

$ ssh -Y -A remote.example.com gnome-terminal
Error constructing proxy for org.gnome.Terminal:/org/gnome/Terminal/Factory0: Could not connect: Connection refused

There is no known solution for this. All folklore points to irrelevancies or non-solutions. They are in decreasing order of violence:

  1. reboot
  2. reinstall gnome-terminal (and hope)
  3. change the locale to en_US.UTF-8
  4. Something about vte3 contra vte3_mock_fix
  5. use xterm or xrvt

Of course this last point isn’t so much advice as it is capitulation that gnome-terminal is broken and nobody can do anything about it.

Many of the complaints refer to GNOME 3.12 and GNOME 3.14. The experience here is on GNOME 3.8 of RHEL7. So this won’t be fixed any time soon any newer release. It’s just broken.

Many of the complaints end with Suddenly works again, never mind

Indeed, sometimes the problem just “goes away.”

Referenced

All are discursive or ignored; none are helpful.

Verified that NO_AT_BRIDGE=1 does shut it up.

ssh -Y -A remote.example.com NO_AT_BRIDGE=1 gnome-terminal

Background

gnome-terminal-3.8.4-8.el7.x86_64
vte3-0.34.6-3.el7.x86_64
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.0 (Maipo)

Locale

The locale is already appropriate:

$ locale
LANG=en_US.UTF-8
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

Using SSL with MariaDB (MySQL)


# Create clean environment
shell> rm -rf newcerts
shell> mkdir newcerts && cd newcerts

# Create CA certificate
shell> openssl genrsa 2048 > ca-key.pem
shell> openssl req -new -x509 -nodes -days 3600 \
         -key ca-key.pem -out ca.pem

# Create server certificate, remove passphrase, and sign it
# server-cert.pem = public key, server-key.pem = private key
shell> openssl req -newkey rsa:2048 -days 3600 \
         -nodes -keyout server-key.pem -out server-req.pem
shell> openssl rsa -in server-key.pem -out server-key.pem
shell> openssl x509 -req -in server-req.pem -days 3600 \
         -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem

# Create client certificate, remove passphrase, and sign it
# client-cert.pem = public key, client-key.pem = private key
shell> openssl req -newkey rsa:2048 -days 3600 \
         -nodes -keyout client-key.pem -out client-req.pem
shell> openssl rsa -in client-key.pem -out client-key.pem
shell> openssl x509 -req -in client-req.pem -days 3600 \
         -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem

mysql> show global variables like '%ssl%'; 
+---------------+---------------------------------------+
| Variable_name | Value                                 |
+---------------+---------------------------------------+
| have_openssl  | YES                                   |
| have_ssl      | YES                                   |
| ssl_ca        | /etc/pki/mysql/root/ca-bundle.pem     |
| ssl_capath    |                                       |
| ssl_cert      | /etc/pki/mysql/server/cert.pem        |
| ssl_cipher    |                                       |
| ssl_key       | /etc/pki/mysql/server/key.pem         |
+---------------+---------------------------------------+
7 rows in set (0.00 sec)

MariaDB [(none)]> status;
--------------
mysql  Ver 15.1 Distrib 5.5.41-MariaDB, for Linux (x86_64) using readline 5.1

Connection id:		5
Current database:	
Current user:		wbaker@devbox.example.com
SSL: Cipher in use is DHE-RSA-AES256-GCM-SHA384
Current pager:		stdout
Using outfile:		''
Using delimiter:	;
Server:			MariaDB
Server version:		5.5.41-MariaDB MariaDB Server
Protocol version:	10
Connection:		mysql.example.com via TCP/IP
Server characterset:	latin1
Db     characterset:	latin1
Client characterset:	utf8
Conn.  characterset:	utf8
TCP port:		3306
Uptime:			8 min 50 sec

Threads: 1  Questions: 10  Slow queries: 0  Opens: 0  Flush tables: 2  Open tables: 26  Queries per second avg: 0.018
--------------

GRANT ALL PRIVILEGES ON test.* TO 'someuser'@'somehost'
  REQUIRE
      ISSUER '/C=US/ST=RedState/L=Thistown/O=MySQL Trust Authority 99/CN=The Man/emailAddress=ca@example.com'
  AND SUBJECT '/C=US/ST=BlueState/L=Thattown/O=ACME Widgets/CN=John Doe/emailAddress=john.doe@example.com';

Estimote SDK

Standard

20 bytes 160 bits Estimote Identifier
16 bytes 128 bits Proximity UUID
2 bytes 16 bits Major
2 bytes 16 bit Minor
  • Proximity UUID: B9407F30-F5F8-466E-AFF9-25556B57FE6D
    • The demonstration app looks for these
  • Major: 16-bit random
  • Minor: 16-bit random

Folklore

Futures

Concepts

  • distance is RSSI

Analysis of OpenX-Publishers Cooperation | Olejnik, Castelluccia

Lukasz Olejnik, Claude Castelluccia; Analysis of OpenX-Publishers Cooperation; In Proceedings of Hot Privacy Enhancing Technologies Symposium (HotPETS); 2014-07-18; 10 pages.

  • Understood as “Analysis of Cooperation between OpenX and Publishers”
  • University researcher discovers the First Party Exchange,.exposé follows.

Abstract

Real-Time Bidding is a protocol enabling the serving of advertisements. It involves Ad Exchanges, bidders and publishers. In this note, we report the findings of cooperation between OpenX Ad Exchange and selected publishers. The setting has potentially important implications for Web users privacy and security. For example, Web browser mechanisms responsible for blocking third-party cookies are rendered ineffective.

Mentions

General Motors presents Cadillac ELR promotional images with Creative Commons 3.0

<quote>GM images from this Web site are protected by copyright but provided for use under a Creative Commons 3.0 License for the purpose of editorial comment only. The use of these images for advertising, marketing, or any other commercial purposes is prohibited. These images can be cropped, but may not be altered in any other way, and each should bear the credit line “© General Motors.” General Motors makes no representations with respect to the consent of those persons appearing in these photos, or with regard to the use of names, trademarks, trade dress, copyrighted designs or works of art or architecture that are not the intellectual property of General Motors.</quote>

Cadillac ELR image license

Source: gallery
See also studies, credits

Eigenmorality | Scott Ahronson

Scott Ahronson; Eigenmorality; In His Blog entitled Shtetl-Optimized; 2014-06-18.

tl;dr => discursive, something about his senior MIT advisee, eigenvalue problems nad climate change; he filed it under Nerd Interest, The Fate of Humanity.

<quote>Again, I think Rebecca Goldstein’s Plato is completely right that such a system, were it implemented, couldn’t possibly solve the philosophical problem of finding the “ultimate ground of justice,” just like Google can’t provide us with the “ultimate ground of importance.”  If nothing else, we’d still need to decide which of the many possible eigentrust metrics to use, and we couldn’t use eigentrust for that without risking an infinite regress.  But just like Google, whatever its flaws, works well enough for you to use it dozens of times per day, so a crowd-sourced eigendemocracy might—just might—work well enough to save civilization.</quote>

Mentioned

Via: backfill.

MySQL++ v3.2.2 User Manual

Documents

Mentions

  • Specialized SQL Structures (SSQLS)

Classes