Taking every thought captive

Some decades ago I memorized 2 Corinthians 10:4-5 with only a vague idea of what it meant. I now have a slightly less vague idea.

The lovely Carol was reading an article to me from conversations journal volume 8.2 (Fall-Winter 2010) -- "How Not to Be a Hero" by Scott C. Sabin. This is a great article, and it resonated with something I heard at the Wright Lecture Series. It was fashionable a while back to talk about being the "hands and feet of Jesus." This is not all that bad a picture; if the Church is Christ's body, then some members might be hands and feet. But this "hands and feet of Jesus" thing has a pitfall: we might start thinking it's all up to us. Better to think of ourselves as John the Baptist, pointing people toward Jesus.

Back to the article, though: the author was having an Elijah-under-the-broom-tree moment (1 Kings 19:4), as he was bombarded by thoughts like "you don't really have what it takes" and "you didn't accomplish anything" and "you won't make a difference."

This reminds me of (I'll get back to this soon, I promise) something I heard maybe 20 years ago about some guys heading to a Promise Keepers event. Someone accused them of being shallow, and a spokesman for the group said, "You don't know the half of it! We're an inch deep and a mile wide!" His point, of course, is that we are nothing without Jesus; we really are in deep trouble without him.

OK, really back to the article now -- actually a sidebar titled "How to Stand" by Mindy Caliguire, on page 35. She listed a few sample thoughts that might come your way, approximately this:

• You don't have what it takes.
• You can't provide what this project (people, congregation, etc.) needs
• You barely understand the problems, you don't have a good grasp of your resources, blah blah blah
• You're no hero.

When I heard this list, those old Promise Keepers came to mind. You're right! I don't have what it takes! But I know someone who does! I really can't provide what this project or whatever needs. I barely understand the problems. I'm no hero. But that's OK, because I don't have to be; my Dad has what it takes, he can provide as he has so many times in the past, he understands the problems and the resources and all the rest. And he's always the hero.

And in a flash it came to me: this is taking every thought captive to the obedience of Christ. This is what it means to destroy speculation. "Gee, can I really do this?" has a very simple answer: "Without me you can do nothing" but "with God all things are possible." If God could deliver his message through a donkey (Numbers 22), then I'm going to go out on a limb and say he can use me for whatever task he wants me to do.

Put differently, we destroy speculation and take every thought captive to Christ by remembering that it's all about Him -- God in Christ is the hero -- and it's not about me.

Moses ran into this when God was telling him to go set the Israelites free from the king of Egypt. There's a part of this that would really be funny -- well, actually it is funny, to us. God says, "I am sending you to Pharoah" (Exodus 3:10) and Moses says, "Who am I, that I should go to Pharoah...?" (3.11) and God says, "I will be with you" (3:12). This goes on for a while, and then Moses says, "I have never been eloquent" (etc.) and God says, "I will help you."

Notice all those "I"s in there? Of course you know who wins. Moses learned what we all must remember: it's not about me; I'm never the hero. It's all about God; he is always the hero, because he's the only one who has what it takes for this sorry dark world.

And if whenever a thought like "You don't have what it takes" comes to you or me, we turn it into "Definitely I don't have what it takes, but the Lord Jesus Christ does; he is the only hope of the world. And he has sent me..." then I think that's taking those thoughts captive unto the obedience of Christ. To him be the glory!

postfix, mac os X. also fetchmailrc

Continuing the Linux→Mac migration story started here... I had to get something set up to fetch mail automatically. What do you use to fetch mail?

$ type fetchmail
fetchmail is /usr/bin/fetchmail
$ 

Yeah. But I'm getting ahead of myself.

To fetch mail from my ISP, I need to authenticate across the wire. But this is a LAN; I don't want to authenticate with plaintext, and I'm not so sure about pop3s or whatever. How do you spell relief? S-S-H-T-U-N-N-E-L. What I'm gonna do is this:

$ ssh -f shell.my.isp.com -L 60110:popserver.my.isp.com:110 sleep 1200 

Every couple of minutes, I see if the port is still open locally and restart the tunnel if needed. I'll use fetchmail from port 60110 periodically.

How do you fetchmail from an alternate port? Here's what my .fetchmailrc looks like.
poll see.postman.fetchmailrc.invalid proto pop3 port 60110 user ISPUSERNAME pass ISPPASSWORD is postman here mda "/usr/sbin/sendmail -i -f %F %T"
What does all that stuff mean?

• poll see.postman.fetchmailrc.invalid
  That "see.postnam.fetchmailrc.invalid" thing is an alias for 127.0.0.1 (i.e., localhost). The ".invalid" suffix means sendmail wouldn't try to send anything on it. (I'm not sure this is actually needed any more, but some time in the previous millennium I think, I hit upon this ".invalid" thing as a way to stop some Bad Thing from happening.)
• proto pop3 port 60110
  This is how I tell fetchmail to use a different port. Since I'm just grabbing the email off my ISP's server (and deleting it as soon as I can deliver locally), there's no need for anything more sophisticated than POP.
• user ISPUSERNAME pass ISPPASSWORD
  remote username/password
• is postman here
  deliver remote email to user "postman" on the local host. The "postman" (not "postmaster") has a .procmailrc that figures out who the email is probably for (the lovely Carol, or one of the kids, or me -- actually the ex-teen no longer gets email here) and sends it accordingly. By the way, postman has this in ".forward":

  "|/usr/bin/procmail"

• mda "/usr/sbin/sendmail -i -f %F %T"
  By default fetchmail will try to deliver to port 25. But the postfix daemon seems to want to stay alive for just a minute. This "mda" incantation says to send mail using this program, rather than trying to connect to port 25.

By the way, I also had to tweak postfix a bit. I messed with the plist file in /System/Library/LaunchDaemons/org.postfix.master.plist, but after learning about the 60-second timeout, I'm not sure that was needed. The below certainly is, though, for outbound mail -- I mean mail sent with mail(1) -- to go anywhere:

$ diff /etc/postfix/main.cf{.install,}
70a71
> myhostname = MYDOMAINNAME
76,77c77,78
< #
< #mydomain = domain.tld
---
> 
> mydomain = MYDOMAINNAME
307a309,310
> # collin 2010-10-23
> relayhost = [MY_ISP.MAILSERVER.HOST]

Getting it all to start on boot

Those details were fascinating (at least they were to me), but how about getting the ssh tunnel kicked off when the box boots?

On a Linux distro with sysV-based startup, you'd put something into /etc/init.d or something; Mac OS X doesn't do that sort of thing. Instead there are files in /System/Library/LaunchDaemons/ . Following some web advice, I created this file:

$ cat /System/Library/LaunchDaemons/collin.postman.tunnel.plist 
   ## NOTE: owned by root and perms no greater than 0644
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
                <string>collin.postman.tunnel</string>
        <key>Program</key>
                <string>/Users/postman/tunnel.sh</string>
        <key>RunAtLoad</key> 
                <true/>
</dict>
</plist>
$ 

(where /Users/postman/tunnel.sh is the shell script that creates the tunnel if needed, runs fetchmail, etc.)

Then to make the system aware of this...

$ launchctl load /System/Library/LaunchDaemons/collin.postman.tunnel.plist 
$ launchctl start collin.postman.tunnel

And basically, it should work.

UPDATE! 2010-11-07

A few gotchas that threw me off... discovered somewhat (!) later. Easy one first. To determine whether the tunnel was active, tunnel.sh said

 if netstat -an -finet|grep LISTEN | grep 60110 > /dev/null; then

Trouble is, the default path doesn't have a "netstat" in it. Solved by adding this to the script:

PATH=$PATH:/usr/sbin

The next one was a bit harder. As I mentioned before, I followed somebody's plist instructions. Which mostly worked, except for two things:

1. On startup I'd get this message about how dovecot might use 640 FDs and we have a limit of 256. Ick. I tweaked the parameters it said to, and got the 640 down to something like 528 -- still too high. I may actually fix this someday, but in the meanwhile I'm just becoming root, saying "ulimit -n 1024" , and then spawning dovecot in the same root shell. Ick.
2. Every 10 seconds or so, syslog got a "dovecot already running" spam. Every 10 seconds! This I addressed by rtfm and changing the plist file to look like this:

   <?xml version="1.0" encoding="UTF-8"?>
   <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" 
      "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
   <plist version="1.0">
   <dict>
           <key>Label</key>
           <string>com.diymacserver.dovecot</string>
           <key>ProgramArguments</key>
           <array>
                   <string>/opt/local/sbin/dovecot</string>
                   <string>-F</string>
           </array>
           <key>RunAtLoad</key>
           <true/>
           <key>KeepAlive</key>
           <true/>
   </dict>
   </plist>

   See that "-F" added to ProgramArguments? The manual says that daemons spawned this way must not daemonize but stay in the foreground. "-F" is how we tell dovecot not to say "if (fork()) exit(0);"

Migrating mail: kmail on SuSE Linux to maildir on mac os X Snow Leopard; also dovecot

Updated! See also part deux.
I'm not running Snow Leopard server edition (or whatever they call it) so I had to download dovecot, then configure it. Here's my journey....

Ports

First, I found the install media and installed Xcode. I like having compilers; it makes me feel like I'm on a real system.

Then, as I wrote earlier, it's not darwinports any more; instead, I downloaded macports. This creates a hierarchy under /opt/local, and also does nice things to the system-wide profile files. So once I had ports installed, every terminal session I started had these directories prepended to $PATH, like this:

$ echo $PATH
/opt/local/bin:/opt/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin:/Users/carol/bin

Install dovecot

Short version: click here. Even shorter:

sudo port install dovecot

Configure dovecot

Following instructions at http://wiki.dovecot.org/BasicConfiguration:

• Where's the config file?

  $ dovecot -n
  # 1.2.14: /opt/local/etc/dovecot/dovecot.conf

• Simple authentication

  $ echo "$USER:{PLAIN}password" > passwd.dovecot
  $ sudo mv passwd.dovecot /opt/local/etc/dovecot/

• Modify dovecot.conf to use plaintext -- no longer disable plaintext login
• mail location: "echo hi | mail -s dovecot.test carol" yields /var/mail/carol. but it's more than that; we have this sort of arrangement:

  $ ls ~/Mail
  ACFW                            MailLists
  AShland                         MailisWork
  ASthma research                 Mariko
  AWP                             Marketing
  Addresses                       Meet Up
  Affirmations                    Menlo Atherton HS
  ...
  JapanLifeInfo                   inbox
  ...
  $ ls ~/Mail/inbox
  cur     new     tmp
  $ 

  Therefore I'm thinking to create Maildir with directories cur,new,tmp, and the rest of the directories can be subdirectories under it. Like this:

  $ ls -o Maildir
  total 24
  lrwxr-xr-x  1 carol  27 Oct 23 10:58 cur -> /Users/carol/Mail/inbox/cur
  lrwxr-xr-x  1 carol  27 Oct 23 10:58 new -> /Users/carol/Mail/inbox/new
  lrwxr-xr-x  1 carol  27 Oct 23 10:58 tmp -> /Users/carol/Mail/inbox/tmp
  $ ls -F ~/Mail | grep / | cut -d/ -f1 | while read D; do ln -s "~/Mail/$D" Maildir; done
              # OOPS! The above doesn't work; see below
  $ rm Maildir/inbox
  $ 

• But as noted above, mail isn't currently being delivered there. the dovecot page doesn't tell me about combining /var/mail/USERNAME mbox with ~/Maildir maildir format, so does procmail work? What if I set DEFAULT=$HOME/Maildir/ and put this into .forward?

  $ cat .forward
  "|/usr/bin/procmail"

  Yes! A test produced this:

  $ ls Maildir/new
  1287857872.59228_2.mini1.local

• Turn off SSL TEMPORARY ONLY! -- otherwise I keep getting

  $ dovecot -n
  # 1.2.14: /opt/local/etc/dovecot/dovecot.conf
  Error: ssl_cert_file: Can't use /opt/local/etc/ssl/certs/dovecot.pem: No such file or directory
  Fatal: Invalid configuration in /opt/local/etc/dovecot/dovecot.conf

• Putting the above together, we have:

  $ diff -u /opt/local/etc/dovecot/dovecot{-example,}.conf 
  --- /opt/local/etc/dovecot/dovecot-example.conf 2010-10-16 17:26:05.000000000 -0700
  +++ /opt/local/etc/dovecot/dovecot.conf 2010-10-23 11:36:26.000000000 -0700
  @@ -1,4 +1,5 @@
   ## Dovecot configuration file
  +# from dovecot-example.conf 2010-10-22 collin
   
   # If you're in a hurry, see http://wiki.dovecot.org/QuickConfiguration
   
  @@ -45,7 +46,7 @@
   # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
   # matches the local IP (ie. you're connecting from the same computer), the
   # connection is considered secure and plaintext authentication is allowed.
  -#disable_plaintext_auth = yes
  +disable_plaintext_auth = no
   
   # Should all IMAP and POP3 processes be killed when Dovecot master process
   # shuts down. Setting this to "no" means that Dovecot can be upgraded without
  @@ -86,7 +87,7 @@
   #ssl_listen =
   
   # SSL/TLS support: yes, no, required. 
  -#ssl = yes
  +ssl = no
   
   # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
   # dropping root privileges, so keep the key file unreadable by anyone but
  @@ -215,7 +216,7 @@
   #
   # See  for full list. Some examples:
   #
  -#   mail_location = maildir:~/Maildir
  +mail_location = maildir:~/Maildir
   #   mail_location = mbox:~/mail:INBOX=/var/mail/%u
   #   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
   #
  @@ -860,11 +861,11 @@
     # The deny passdb should always be specified before others, so it gets
     # checked first. Here's an example:
   
  -  #passdb passwd-file {
  +  passdb passwd-file {
       # File contains a list of usernames, one per line
  -    #args = /etc/dovecot.deny
  +    args = /opt/local/etc/dovecot/passwd.dovecot
       #deny = yes
  -  #}
  +  }
   
     # PAM authentication. Preferred nowadays by most systems. 
     # Note that PAM can only be used to verify if user's password is correct,
  @@ -872,7 +873,7 @@
     # database (passwd usually), you can use static userdb.
     # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
     # authentication to actually work. 
  -  passdb pam {
  +  #passdb pam {
       # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=]
       # [cache_key=] []
       #
  @@ -905,7 +906,7 @@
       #   args = session=yes %Ls
       #   args = cache_key=%u dovecot
       #args = dovecot
  -  }
  +  #}
   
     # System users (NSS, /etc/passwd, or similiar)
     # In many systems nowadays this uses Name Service Switch, which is
  $ dovecot -n
  # 1.2.14: /opt/local/etc/dovecot/dovecot.conf
  # OS: Darwin 10.3.3 i386  
  ssl: no
  disable_plaintext_auth: no
  login_dir: /opt/local/var/run/dovecot/login
  login_executable: /opt/local/libexec/dovecot/imap-login
  mail_location: maildir:~/Maildir
  auth default:
    passdb:
      driver: passwd-file
      args: /opt/local/etc/dovecot/passwd.dovecot
    userdb:
      driver: passwd
  $ 

Correct folder names

Fired up mail.app and it found the inbox: 382 unread of 4951 items, something like this. But! None of the folders were there. H'm... I obviously don't grok Maildir format.

[a few minutes later] Gaaaa! Need to modify the above (wrong) format! Folder names must begin with a dot! http://wiki.dovecot.org/MailboxFormat/Maildir#Directory_Structure says so. Remedy is here:

$ ls -F ~/Mail | grep / | cut -d/ -f1 | while read D; do 
     rm "Maildir/$D"; ln -s "~/Mail/$D" "Maildir/.$D"; done
rm: Maildir/inbox: No such file or directory
$ rm Maildir/.inbox 
$ 

With the correct directory names, I quit mail.app, then stopped dovecot -- like http://wiki.dovecot.org/RunningDovecot#Stopping says:

$ sudo cat /opt/local/var/run/dovecot/master.pid 
59267
$ sudo kill -s TERM 59267  # and wait a few seconds, then: 
$ sudo dovecot 

Brought mail.app back up... And that worked!

Oops, forgot nested folders. And more

If I have a folder Trips with subfolders Alaska and Hawaii, kmail apparently creates Mail/Trips, Mail/.Trips.directory/Alaska, Mail/.Trips.directory/Hawaii; those directories each have cur,new,tmp; therefore we'll do this:

$ cd Mail
$ find . -type d | grep directory | grep -ve '/cur$' -e '/new$' -e '/tmp$' | 
  grep '/[^.]' | sed -e 's:^./::' | while read F1; do 
      DEST=$(echo "$F1" | sed 's:.directory/:.:g'); 
      ln -s ~/Mail/"$F1" ~/Maildir/"$DEST"; done
$ 

Ah, almost! “sed 's:.directory/:.:g'” should probably instead be:

sed 's:\.directory/\.:.:g' | sed 's:\.directory/:.:g'

Here's something else!

$ ls -Ao Maildir
total 13008
lrwxr-xr-x  1 carol       11 Oct 23 11:57 .ACFW -> ~/Mail/ACFW
lrwxr-xr-x  1 carol       14 Oct 23 11:57 .AShland -> ~/Mail/AShland
...

Oops! Somehow I have a literal “~/” instead of /Users/carol/. Sigh... OK then...

$ cd Maildir
$ find . -type l | while read X; do 
      Y=$(readlink "$X"); 
      if [[ $Y == ~* ]] ; then ln -sf "${HOME}${Y#?}" "$X"; fi; 
   done
$ 

Real authentication

First up is creating SSL certificates; I'll start at http://wiki.dovecot.org/SSL.

No; we'll use IMAP and not disable plaintext. It's just home; I'm not running a business with secret information. And we don't put sensitive stuff in email anyway. This works:

$ diff dovecot-example.conf dovecot.conf 
1a2
> # from dovecot-example.conf 2010-10-22 collin
48c49
< #disable_plaintext_auth = yes
---
> disable_plaintext_auth = no
56c57
< #shutdown_clients = yes
---
> shutdown_clients = yes
89c90
< #ssl = yes
---
> ssl = no
218c219
< #   mail_location = maildir:~/Maildir
---
> mail_location = maildir:~/Maildir
907c908
<     #args = dovecot
---
>     args = login

Multiple addresses, outbound mail, address book

Fortunately I remembered this issue before the lovely Carol hit it while I was at the office. Sometimes I want to send email as myself, sometimes as an identity that results in replies coming back to both of us. So does the lovely Carol. Kmail allows multiple identities; mail.app does too. You can configure this by editing account preferences -- multiple email addresses, as shown in this nice article at hints.macworld.com .

Outbound mail works great too; I set the outbound mail server to be our ISP's server and everything Just Worked. Basically mail.app connects to the ISP (never mind postfix) and... yeah.

The address book turned out to be pretty easy. From kde's address book, export as CSV; copy file to Mac; from address book (the tan book with the big @ ) File→Import, select the file, validate how columns are imported, and bob's yer uncle.

Make dovecot run on boot

Followed these directions. Looks reasonable, but the test will be when she reboots the box. (I shut down the Linux box, then had to restart it for some reason; some filesystems hadn't been checked in 446 days...)

Migrating firefox bookmarks, and other Linux→Mac transition tales

Yes, a Linux® → Apple® transition is happening here. Why? Well, it's a bit of a long story. My desktop machine has been dying slowly and recently it decided to accelerate that process. The lovely Carol has been putting up with an aging IBM lease return running an old Linux distro and in particular firefox2.x. An annoying problem with this old firefox is that when she tries to print from certain websites, its javascript is sufficiently creaky that the printer doesn't.

Therefore the plan is: a mac mini for her. HDMI→DVI adapter and connect to this ViewSonic display (1440x900); I'll take the lease-return IBM and try to upgrade its OS; wish me luck. Meanwhile, she'll be using the mac mini, which first of all has the software on it already (well, I did download firefox and NeoOffice, but that was a piece of cake); it also can give her an experience similar to what she already has on her (2006) iBook.

But there is data migration. "rsync -av -e ssh" for her mi¢ro$oft word (well, mostly openoffice-generated) documents. Most of her mail is already in Maildir format; I figure she can run a local dovecot and use mail.app; more on this later.

Besides mail, the thing I wanted to tell you about was bringing the bookmarks from the Linux box to her browser on the mac. You can find bookmarks.html by typing something like this on your Linux box:

$ cd .mozilla/firefox/*default
$ pwd
/home/carol/.mozilla/firefox/bjvya9an.default
$ ls *ookmark*html
bookmarks.html
$ 

You should change "default" to whatever the profile name is that you have for ffox on your Linux box. Copy that file to $HOME/Desktop on your mac (this will make the next step easier).

Now start firefox up. From the menu at the top of the screen, select Bookmarks→Organize Bookmarks... and you should see a window like that on the left (click for a slightly larger image).

Near the top of that pop-up window you'll see a button with a 5-pointed star. Click it and the little menu (the one with Backup, Restore, Import HTML... and Export HTML...) will appear. Select "Import HTML..." and it'll let you select a file to import. This is why I said to copy bookmarks.html under $HOME/Desktop/. I'm sure you'll know what to do from here on in.

More on mail setup later.

You're smarter than people say you are!

So my buddy "Horace" asked me how to do something in PERL.

OK, well, it's not like he asked how to do something in mi¢ro$oft Offic€. He was calling a database library that returned a hash reference, which he was using like this:

$foo = blahblah::hashref($what,$ever);
print OUTFILE "DATE:", $foo->{DATE}, "TYPE:", $foo->{TYPE} ...; 

The question was, rather than hard-coding the keys, wasn't there an easy way to find all the keys and dump the value corresponding to each key?

It seems like the sort of thing Larry would provide -- and because of the TMTOWTDI principle, probably provide more than one way to do it. I'm not a big fan of the TMTOWTDI principle because if you have to read other people's code, you eventually have to learn all the cockamamie ways people might have coded something.

It's this way in C, too; one can code ++a; or a++; or a+=1; or a=a+1; -- they all do the same thing. Similarly i[x] and x[i] mean the same thing: *(x+i). And strptr->fld is the same as (*strptr).fld

Back to Horace's problem. If we had an actual hash, rather than a hash reference -- e.g., if we had %bar rather than $foo -- then we'd simply code

foreach my $fld (keys %bar) { print "$fld $bar{$fld} "; }

Then I remembered an incantation I saw in a musty old volume...

I suggested trying it: using (keys %$foo) in the statement above. Horace typed it in and gave it a cockeyed look. "I'm not sure that'll even compile," he said. Just being supportive I guess. But much to his surprise...

$ perl -cw thescript.pl
thescript.pl syntax OK
$ 

Then he ran it; out came the keys and their values.

It was gratifying to see that my guess worked. Then came the best part. "You know, you're way smarter than people say you are."

It's nice to feel validated. I guess.

Whoa, darwinports is now macports!

It's been nearly five years since I installed darwin ports on my powerbook, and upon recently acquiring a current Mac I looked for "what was that port thing? oh yeah, darwin ports..."

I found a link to download darwin ports, but the link didn't work. Good thing, too, since a few searches later I discovered this darwinports fraud page. The Real Thing, according to this page, is now macports.

Feeling somewhat dizzy, I did a little more searching and became convinced that what I sought was indeed macports, not darwinports. Further proof came in a working download and a smooth installation of the desired software -- dovecot in case you were interested.

More about that later, but for now I wanted to tell you about this name change. That is, in case I'm not absolutely the last person to find out.

In which your blogger removes any doubt that he's a wacko

Since I'm never gonna run for political office and will never be considered for supreme court justice or anything, I figure that how I vote isn't going to have an adverse effect on my career. So....

• Governor: Meg couldn't be bothered to vote. I don't buy the smear campaign related to the housekeeper, but I can't bring myself to vote for Brown. Voting for anyone else is pretty much useless. So I'm abstaining.
• Lt Governor: Maldonado. Can't stand Newsom because he doesn't seem to care what the law says. I don't want my house fire-bombed so I won't say any more.
• Att'y General: Cooley. Heard his debate on the radio v. Harris and he sounds a lot more reasonable to me.
• US Senate: Dear Barbara, you have done the impossible and caused me to vote for Carly. I never thought I'd ever do that, but you've done it. Congratulations.
• US Rep 14th: Dave Chapman. Anyone but Eshoo. Again, respect for the law is important to me.
• Sequoia Healthcare District. As I understand it, the district exists to run Sequoia Hospital. But CHW owns and runs Sequoia Hospital. So the district, and the funding, for the district makes no sense. Hickey, Graham, and Stogner say they'll dissolve the district. Why should we pay staff to run this purposeless entity in San Mateo County?
• Prop. 19: YES. Holder says the feds will continue to enforce marijuana laws. Fine, let them pay for the hours to find, arrest, prosecute, convict... and also for the prisons where these people will be housed. Why should the taxpayers of California pay for all that "enforcement" -- which in case you haven't noticed isn't working? Better to tax it -- like tobacco and alcohol.
• Prop 20: YES. Got to get the politicians out of the gerrymandering business.
• Prop 21: YES. $18 per year per vehicle, to undo some of the damage that the Governator did.
• Prop 22: YES. Have you noticed that roads have gotten worse over the past decades? Caltrain, and other public transit districts, not to mention other local programs, have had enough taken from them by Sac.
• Prop 23: NO. As in Say NO to Texas Oilmen.
• Prop 24: YES. Why would we reduce business taxes? I don't get that.
• Prop 25: YES. Stop budget gridlock in Sac.
• Prop 26: NO. Otherwise 34% of voters can block anything. (And if you're curious I did vote NO on 13 back in the 70s)
• Prop 27: NO. Not just NO but "We threw you guys out of the gerrymandering business on purpose, and now you're clamoring to get back in? NO NO NO!"
• Measure M, City/County Ass'n of Gov'ts: YES. $10/year per vehicle for infrastructure maintenance and improvements. As in yes on 21/22.

What about the other races? I've given enough effort to be well informed on them.