Thursday, May 30, 2013

Exciting new puzzles! Brought to you by vpnc!

I wanted to connect to my employer's VPN, so I typed "vpnc" with the usual parameters. After entering my password (etc), my computer claimed to be connected, but I couldn't resolve any hostnames. Huh? I typed "vpnc-disconnect" (as root), and was told
no vpnc found running
Harrumpf. So I restored /etc/resolv.conf (vpnc puts some rfc1918 addresses in there, which is what my company's intranet uses for DNS), and tried to run vpnc again.

No joy: it couldn't find the IP address of my company. In fact, nothing outside the house was reachable. Why not?

collin@p3:~> netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
xxx.yyy.zz.ww UGH    1500 0          0 eth0   U         0 0          0 eth0     U         0 0          0 eth0       U         0 0          0 lo
(xxx.yyy.zz.ww is my company's vpn gateway). Well, there's no default route, for one thing! So I tried this:
collin@p3:~> sudo route add default
SIOCADDRT: No such device
Gaaa... it's been too long since I typed that string. What's the incantation required?
collin@p3:~> man route
ROUTE(8)                   Linux Programmer's Manual                  ROUTE(8)

       route - show / manipulate the IP routing table

       route [-CFvnee]

       route  [-v]  [-A  family]  add [-net|-host] target [netmask Nm] [gw Gw]
              [metric N] [mss M] [window W]  [irtt  I]  [reject]  [mod]  [dyn]
              [reinstate] [[dev] If]
OK, that gave me the needed clue; I was missing the magic word gw, so I typed:
collin@p3:/mnt/home/collin> sudo route add default gw
and voilà, everyting started working!
collin@p3:/mnt/home/collin> netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface   U         0 0          0 eth0     U         0 0          0 eth0       U         0 0          0 lo UG 0 0 0 eth0
The default route (in yellow) appeared, and I could do everything I needed.

Why did vpnc hose my routing table then abort? I don't know; I suppose this old IBM lease-return has some hardware problems. But they only affect me once in a while, so since it ain't totally broken, I won't replace it.

The Rich Man and Lazarus

Last weekend's brilliant sermon unpacked the parable of the rich man and Lazarus from Luke 16.

Our teacher, Charley Scandlyn, pointed out that Lazarus was the only person in all the parables of Jesus who is given a name. This reminded me, a few days later, of a Hebrew proverb that says something about a name being better than riches, and I found it this morning:

A good name is more desirable than great riches;
      to be esteemed is better than silver or gold.  
Proverbs 22:1 (NIV)
Now everybody who heard the parable would have known this verse from Proverbs. And since I remembered it within a couple of days, I have to believe some who were there would have remembered it instantly.

So as I picture the scene in my mind, Jesus begins the parable (Luke 16:19), “There was a rich man who was dressed in purple…” people would have nodded. This would be a typical opening. Purple was a color that only the rich could afford. But then Jesus adds “…and fine linen…” which would have stopped the nodding. The phrase “fine linen” doesn't mean much to us today, but what Jesus is saying here is that this guy has the fanciest underwear. This would be like saying the guy was dressed in Armani or Brooks Brothers suits, and he also wore the finest long-johns money could buy.

So there may have been some chuckles here. Jesus continues, “…and lived in luxury every day. 20At his gate was laid a begger named Lazarus…”

I imagine Jesus pausing here briefly. The laughter has just started to subside, and now the people are truly astonished. I have to believe that some in the crowd would have remembered the verse from Proverbs, and caught Jesus's meaning instantly. The beggar has a name, Lazarus, and the rich clown with the fine underwear—nobody even knows his name! We don't care what his name is; he's nobody!

As Jesus continued the parable, the rich man is revealed to be a man without sense or honor. Even in the afterlife he has no understanding of the nature of things.

You can find the sermon at; look for one dated May 25-26, 2013.

Saturday, May 18, 2013

Computer culture shock

Heard some stories about the clash of computer cultures, from an American tech guy working with an international non-profit. The first story was one about not writing your password down. The new user was disappointed that he couldn't write the password down, and he wanted to use a password in his native language—which you can't type on a US keyboard. When he heard he couldn't do that, he protested: "I know only 4 words in English!" (which he didn't remember how to spell). The American tech guy said, "Let's use those," and typed the login ID. "Now type your password."

The user had never used a keyboard before! He looked at the keyboard. "Where's 'H'"?

He learned how to hunt and peck each letter out. After maybe half an hour of practice, he was able to reliably type his password in before the login timeout. Whew!

Before this interaction, the tech guy hadn't met a lot of people who didn't speak English, and not many who didn't touch-type.

Another interaction was with a user at the other end of a telephone line. "Type “sudo rm /var/run”," said the tech help guy. "It'll ask for your password."

The response wasn't encouraging: "Aaaa! I broke it! It's broken!"

After several back-and-forth sessions, the reason came out. In a terminal window, when the password is requested, "echoing" is turned off. So you type your password, and you don't see anything. Of course the password isn't shown (this prevents "shoulder surfing") but neither are asterisks shown, and the cursor doesn't advance. So the user thought the computer had died.

Makes sense, but this is not the sort of thing I could have predicted, had I been in the tech guy's place.

Last story: The Unix™ Way says that when a command completes successfully, we don't show anything. So one can imagine a novice at the keyboard, wanting to remove (i.e., "rm") a file named a.out, and typing something like this:

$ rm a.out
$ _
and saying, "Huh? Why didn't it work?" Well, actually it did work, which is why it didn't say anything. But he doesn't know that; perhaps he expected it to say "Delete succeeded." or something. Maybe he types it again, with this result:
$ rm a.out
$ rm a.out
rm: cannot remove `a.out': No such file or directory
$ _
At this point our novice may be quite confused: the first one failed, but the second one... failed because... the file isn't there any more... then why didn't the first one give me that same messa... Oh! The first one succeeded, but it didn't say anything; the second one failed, with that message, because it succeeded the first time! Oh! OK!

And the light comes on. He remembers reading somewhere about how commands don't say anything when they succeed, only when they fail. It didn't sink in when he read it, but now the "no news is good news" thing has started to become part of his computer consciousness, his culture.

And a few years from now, he'll tell someone, "Okay, now type rm a.out" and he won't mention the part about how no news is good news. When the other person says, "It didn't work!" he'll probably say, "It didn't? What was the error message?"