[file under geeky. Why doesn’t blogger have categories for cryin’ out loud? It’s not like most of you want to read this junk.]
Well, that was frustrating. After my friend was cracked, I decided that it would be smart to keep my web content in a revision control system. That way, when some malicious cracker replaced all of my index files with self-congratulatory tripe, all I’d really need to do would be to restore from the repository.
Subversion had been getting a lot of buzz about being a CVS-killer. I’d been happy enough with CVS, which I use for my development projects, so, I thought I’d try out subversion, which must be better. I’d been warned about the BDB back end getting wedged some time, but now they’ve got “FSFS” which takes care of a lot of those problems.
Only, I didn’t want to run subversion on any of the existing machines on my network. Right now, the network has pretty much only one server — the one you’re reading this from. It acts as fileserver and name server for the local network as well as web server, mail server and name server for the outside world. (It also runs F@H so that I can stay ahead of Waldo)
But, I have a virtual graveyard of computer hardware in my basement. One of those is a sparc ultra5 with 4 network cards in it that once saw life as a corporate firewall. I thought that would be perfect. It doesn’t have a lot of disk space, but how much would a couple of websites take up anyway? So, yesterday, I installed Gentoo on it. Installing gentoo is not quick, but it is quite satisfying, and it and debian seem to be the only real contenders for mature distribution that runs on sparcs.
I “emerged” (gentoo for “installed”) subversion onto it, and was off to the races. Little did I know at the time, that I was going to the dog track! After a rather cursory perusal of the free subversion book, I jumped into the Quick Start section, and set up a test repository per their instructions. I set up the svnserver via xinetd so I could access it by “svn://” and “svn+ssh://” methods, though I did have to edit /etc/services for anything to recognize the svn protocol. I exported the repository to a couple of different working directories. I installed psvn (subversion mode) for emacs. I imported changes, I resolved conflicts. The emacs interface wasn’t quite as smooth as the CVS mode, but it was plenty functional and I was sure I could only expect improvements from here. I was happy.
So, today, I decided to move accapehart.com into the repository. It took a while with all of the ireland pictures, the pictures related to the floor staining I did back in 2002, and so on. Still, it worked pretty well.
So, I decided to check out a working copy for my development linux box. About a fifth of the way through, I got an error: svn: Malformed XML: not well-formed (invalid token) at line 1038. Well, that sucks. I tried checking out a copy on the actual web server. I got the same error (different line number).
I tried nuking and re-creating the repository from the original directory, which I’d fortunately kept. I tried using the BDB instead of FSFS. I tried doing it locally instead of across the network. No matter how I did it, it failed. Usually with Malformed XML. When it had the BDB backend, it died on initial export attempt, and killed the connection. Subsequent export connections said that the DB was corrupted and I needed to run <br /> svnadmin recover
which I did after which the exact same sequence occurred. I got very far into non-joy.
So, now I’ve got this gentoo on sparc sitting there with no real purpose in life, and my web content is just as vulnerable to hackers as when I started this a day and a half ago. At least, I thought, I could turn it into a dedicated Folding@Home box, and watch my numbers really take off. They have a linux command line client. Oh, but it’s binary only for the intel architecture. [obscenities deleted]
In writing this, I’ve at least managed to come up with a couple of other possibilities…
- maybe I screwed up the import. I had followed the directions re: branch/trunk/tags in creating the demos, but I figured I’m never going to branch my website, so I didn’t create those subdirectories in creating the repository for accapehart.com. I’ll try to play closer to the rules and see if I get joy that way.
[momentary pause while I check for my own idiocy…]
Alas, this wasn’t it.
- I could make the gentoo box the outside-facing linux box the mail/web/dns server and hide my internal file server even further from prying eyes. This will also be a fair amount of work, but is probably smart to do. It’ll make staying updated on packages/distribution much easier, plus be a less-easy crack target. Fewer crackers have access to sparcs with which to build their binary payloads.
I guess we’ll see.