Today I finished securing my Sexy Linux Box (TM) as much as I probably will. The Sexy Linux Box is a desktop in my office that has been converted to a RedHat Linux pseudo-webserver for me to work with (not related to podcasting). Well, there’s nothing “pseudo” about it except that it’s locked down enough to not be visible or accessible from the outside world.
Setting up and securing the box was pretty damn easy, despite the fact that N. and the Bronz-E One both wailed about the fact that I would have to learn iptables. I got to work early this morning, read the relevant background info on firewalls and iptables syntax, and N. and I had the firewall set up within 15 – 20 minutes, probably, not counting extraneous chit chat.
The rest of the day was spent tinkering with the Apache server (Michael, remind me to chat with you about setting up that beast of yours…) to make it do exactly what I want it to do.
All day was search, tweak, reload, search, tweak, reload, (re)search, tweak, reload, repeat. I started working at 07:30. I worked through lunch. I happened to have a breakthrough at about five minutes ’til 17:00.
I love it. To me, this is better than coding all day (something I think my father only recently realized is not suited to me), although the two are not dissimilar.
This is also the part I love about chemistry research–hacking out and tweaking methods. Analyzing to find what’s wrong–N. kept picking at how many terminals I had open today, but I needed them all: one was real-time tailing Apache’s access_log, another was real-time tailing Apache’s error_log, one was open and sudo’d so I can restart Apache with two keypresses (up, enter), one was sudo’d and in the relevant HTML directory so I could easily change permissions, etc., etc. Then there were two Emacs windows open–one for httpd.conf and another for the .htaccess. And that was on one Gnome screen. One of the other three had a phony client set up so I could ensure correct permissions with my second Kerberos login (which should be rejected, per the .htaccess file, blah, blah). Etc., etc.
I’m a messy worker, but I get things done, and I hate to be stingy with my time when results are expected (much to the chagrin of my current pseudo-boss).
Oh, so I should probably explain the “Boo boo!” thing. Yesterday, N. and I were going through the Apache setup, and in the configuration file, you can specify the document loaded when certain errors occur (like a 404–“Page not found”). One of the errors is an HTTP 500 error–I’ve seen this when I goofed up something in an ASP file (either in input or the processing) and the server choked on it. I’d imagine PHP and CGI could do the same things, as well as poor server configuration (as I found out in my tweaking today).
The default error message spewed for a Internal Server Error 500 in Apache? “The server made a boo boo.”
I shit you not. That about killed me. I made sure that error was enabled so I could see it if it came up during my fun.
This morning I got the joy of seeing it. A poorly configured .htaccess, I think, a reload of the page on my laptop, and…
“The server made a boo boo.”
It was one of those moments when I forgot it was supposed to do that, and I kind of went, “What the fu–oh! *rotflmao*” I was way too delighted to see this, particularly given that it meant something was wrong…
So work is fun. Work is very social, despite the fact that I wear headphones and try not to wander out of my office unless I need to use the bathroom. I don’t like to give myself distractions when I’m being paid to work…
Anyway, early to bed, early to rise. Life is good. Except for some things. Some things are bad right now. But I’m not going to fixate on them…