Fedora Activity Day Summary

The previous reports on the Fedora Infrastructure Security FAD have been very very light on details as I have been wanting to summarize them separately from the events themselves.

Two Factor Authentication tries to hamper problems with passwords being stolen by requiring a person using a service to have a second "factor" which should increase the probability that the item trying to authenticate is actually that item.

Over the last 4+ years, Fedora Infrastructure has been wanting to implement two factor authorization to increase security. I believe Mike McGrath and some others began looking at Yubikey in 2009 or 2010. Parts were implemented into the Fedora Account System by that years FUDcon, but other fires began to take over and it was put off til the next year to fully implement. Other parts were worked on and a couple of different ways to implement were looked and or tested at one point another. However, every time these were ready to be fully implemented, other items took precedence and eventually the two factor would be put on a back-burner til "next year". This year, Kevin Fenzi made sure this would not happen again by getting the people needed to accomplish the goal into one location for a dedicated couple of days. It was decided that it needed to be a FAD versus FUDcon as we had found at previous FUDcons that sysadmins time gets pulled into various other meetings needing to know if X or Y or Z can be done with what hardware Fedora has available.

By getting everyone in Raleigh, the group has been able to get the infrastructure together, fix various bugs in pam_url, and have a solution we can roll out into production for 2 factor sudo access in the next couple of days.

Fedora Activity Day: Day 2

Got up reasonably early, but found everyone had already been up for a while. Got some tea at the hotel Starbucks and got into our location on the 13th floor. Seth, Kevin, Toshio and Icon got to hacking pam_url and getting a working set in our staging infrastructure. Ricky Elrod, Nick Bebout, Clint Savage, and Sam Kottler worked on testing and helping where various issues came up. Around 10 am Ruth Suehle arrived and made sure that the whip was being cracked on blog posts... which well I was being lax on. After a suitable beating.. people were able to get back to work. [Ruth is a true professional, none of our fingers were broken so we could keep working.. and most of the bruising from the rubber hose won't show up for a couple of days.]

At around 12 am, Ruth also made sure we stopped what we were doing and got some food at another restaurant on the bottom floor of the Red Hat Tower, Dickies BBQ. The BBQ was quite good and we were able to get back quite fuller than we had been before. It was around this point a critical issue came up... we were having lots of success in the 64 bit environment, but two factor was not working in 32 bit systems. After the usual maligned suspects (wrong binary on wrong architecture, selinux, systemd and pulseadio **) had been discounted the afternoon was taken up with debugging and finding out what kind of coding issue.

By around 5:30pm, another break was taken as we went to local Italian restaurant, Gravy's for a fine dinner. On the way we were serenaded by MC Vidal and his remix of a Beastie Boys classic.

 I found out that beer at Oktoberfest is served in liter sized drinks and after 2 or three you can be quite toasted. I also learned what Salmon Ladders are, and how to get a killer interview with John Barrowman. There were other cool stories, but they paled and I forgot them. Eventually we had to go back, which was good because by this time several West Coast hackers were freed up on their day jobs to help on the debugging of the pam_url issue. [Thankyou rzhou, awilcox and all the others.]

It is 11:30pm and hacking is still ongoing so I am going to finish this post with photos of people today:

** Yes it is a joke. No systemd or pulseaudio rpms were harmed in the pursuit of this debugging.

Fedora Activity Day: 1

On Tuesday the main part of the hack fest began. People got up and going to the Tower by 9am which was quite good since most people are from several time zones later and also had been working to 1am on various parts. Bill Nottingham had gotten a nice enclave for us off the 16th floor lunchroom where we spent the rest of the day in and out of.

The main goals for the morning hackfest was to make sure that the plan for two factor authorization made sense: Who would be affected (those people with access to critical hardware) and those who would not (everyone else), What would be covered (sudo and some FAS functions) and what would not (wiki, ssh logins, and many other applications), and How it would be done (pam_url, yubikey, google authenticator) and how it would not (pam_otp, linotp, home made app, etc). This took up a good portion of the morning because while we had worked out many similar ideas the night before we ended up finding slight differences. It also helped to make sure we had covered what corner cases would trip us up and which ones we didn't care about because the people affected were the ones making the changes.

At a late lunch time, we decided not to walk to the places that had been closed the night before, but stay on the block finding a nice sandwich place called Sosa's. It was actually about closing time for them, but the owner was very excellent to us keeping it open for an extra hour. The sandwiches were great and we got back to hacking around 3pm. We ended up working til around 7pm getting an initial set of packages together. By this time, the skys had been raining for a couple of hours (which for someone used to the deserts of New Mexico was quite amazing...) but we decided to walk to the restaurant we had wanted to go the night before. Sadly, it was packed as were the next 3 places we tried. In the end, we ended up at the Raleigh News which is a lovely food and pub place where food and hacking was done til about 9pm. A long walk back to the hotel and more hacking followed. I crashed but others kept up til around 2 am I was told. [Sorry for a lack of hacking details today.. most of my day was working out Fedora hardware purchases and other arcane issues.. ]

Fedora Activity Day 0

Monday was a day of travelling for most people with airflights from various places in the country. I drove up from South Carolina and got to Raleigh around 1pm. The new Red Hat offices are very nice but still under construction with some people already in the floors and others still over at the old location on North Carolina State. I got to meet with various old friends (Bill Nottingham, Rob Landry, James Laska and Doug Ledford). Other people I hoped to run in would have to take trips across town later.

Later in the afternoon, Seth rolled in like MCA, and we began doing tag team pickups from the airport. By around 6pm we had enough for a dinner run, and found that many downtown places are closed on Monday night. In the end we ended up at Bu Ku and had a nice mix of "Street Foods". Icon (Konstantin) and MC Vidal ordered the Red Tree mix which was all the vegetarian mixes... others filled out their meats and a good time was had by all. The best part is outside of the restaurant is the open source cow.. while not spherical it does have nice red horns.

After dinner, we retired back to the hotel while I went back to pick up Nick Bebout from a late flight. People back at the hotel caught up with email from the day and scoped out what items would be needed to get two factor authorization working.


Fedora Infrastructure Security FAD: Day -1

Today was mainly spent writing a paper... well attempting to write a paper on Password Security in Fedora. The process of writing seems to be the following:

  1.  Open up a text document in a simple editor. Over the years I found that writing first drafts in fancy office programs to make things worse as I spend hours trying to figure out which font to use, how large to make the margins, etc. etc. would derail the paper. For a simple editor I use Emacs .. well its not simple or small but it is a good OS while I look for a simple editor :).
  2. Get all the distractions of the day out of the way. That means read through my Facebook queue to find out if I have cat pictures to like, friends political posts to ignore, and family birthdays to say "Happy .." to. Go through the large Fedora email queue and find out which emails I need to answer and what tickets needs to get done. 
  3. Stare at the empty editor page for an hour. Try various first sentences and delete them. Realize you don't know where you will be meeting people tomorrow.
  4. Figure out where I need to go tomorrow in Raleigh. Red Hat moved offices during the summer and I need to get to the new ones in downtown. Go look at various maps to figure the best way to get to the offices. 
  5. Look intently at the empty page... put a bunch of ideas down for what should be noted in the paper and what should not. Go research some papers by Alec Muffet (the writer of Crack and other tools). 
  6. Get some tea.
  7. Take the ideas from the page and put them in a different file. See an empty page and type lalalalala for a while.
  8. Run out of the house yelling "You will never take me alive!!!!" For extra points remember half-way that clothes would be a good idea.
  9. Go back and start typing in the page. Get about 4 paragraphs done.
  10. Get a page about systems and go do steps 1-9 again.
  11. Remember that you needed to post a before the FAD post and go do that. 
  12. Go back to typing because you have nothing left to distract yourself for a good 10 minutes.


Fedora Infrastructure Security FAD: Day -2

From Monday evening til Thursday morning, various system administrators will be meeting in Raleigh, North Carolina for a Fedora Activity Day (FAD). We will be discussing and working on improving the security of Fedora's Infrastructure to bring in various 2 factor security methods via Yubikeys and Google Authentication. Many of the parts have been worked on in the past, but getting all the people in the same place to focus on them took a lot longer than expected :). Most people will be travelling to North Carolina by plane on Monday, but I decided to come in early and spend the weekend with my parents in South Carolina. Then on Monday I will drive up and pick up people from the airport and get them to the hotel and such.

My original goal was to use my parent's truck and put people in the back, but the laws have changed and system administrators are no longer classified as cattle. So I have had to borrow a different car and people will just have to get in the trunk :). After I get them to the hotel, we will all check in and do an evening get together of what our goals for Tuesday are and anything that is thought hackable starting off.

While I won't be working on the Fedora Account System (FAS) integration of 2 factor, I will be working on mapping our security controls with the top 20 Critical Controls and the Top 35 Mitigation Strategies. These aren't much different from other security documents but I decided to pick something and SANS looked like a good place (and going through the 400+ pages of NIST documents usually makes people insane.) This will basically be a goal of just pointing out our good practices, figuring out what we might want to check, and where we could improve in a way that outsiders can compare with their own tools (if they use those security documents and not one of the myriad other ones). [This isn't about locking down a system but more about how to protect as much as usable and deal with the eventual breakins and problems that occur.]

I also plan to finish off a talk on what  changes in Password Security over the last 3 years have "bought" us as an organization. I want to have this as a finished talk at FUDcon as this all started from FUDcon Phoenix.

Anyway, happy hacking.


Voted Today

Wow, I have not posted in a long long time. Well I will start doing so with today's topic starting with a non-Fedora one... US Elections. I voted. It was easy, it was fast, and I think our local county clerk did a great job in making it so that every voting place could be 'your' voting place by moving the printing of ballots to each place. There were multiple receipts and coverage so that verification of the correct ballot and correct voter could be done after the election. Which is nice after watching the videos of people who are trying to vote for X candidate but getting Y chosen for them due to either capacitive touch problems (or possibly other issues.)

In the backyard right now I am watching the mountain birds begin to arrive at the bird feeders. They haven't found the "suet" feeder as attractive as the Nyger seed or the regular seed. The local pigeons have grown fat over the summer... the dog actually was able to grab one yesterday.. which after eating her share, decided to give the rest to me. Good doggie... but I am not sure I want rat-bird to eat. But it has meant that the back yard has fewer pigeons in it today so I am happy.

In Fedora news. I am working on some papers for the FUDcon.. have to finish them up in the next week or so. For relaxation, I built a box out of various spare parts from friends.. it is about 2 year old hardware and probably the fastest system in my house :). The story of Frankenbox will be my next post.


Deleting your LinkedIn Account

So I decided it was better to just deleted the account. With no idea if the hackers are still there, and what little benefit I personally get from it.. it is not worth keeping it open. If you are paying for a professional account etc it is a different matter, but for me I just can not trust a company that stores passwords in unsalted format. [Hopefully all the other sites, I trust but can't look at their source code don't.. *snort*.]

Anyway to delete your LinkedIn account. I pretty much followed the settings that LinkedIn's help page gave. Login, go to settings, go to account settings, and click close account. Tada, closed account... supposedly.  The reason I say this is that I didn't receive any email telling me that the account has been closed. And there is no proof that someone who has my password can not just open it up again. Oh well. One step at a time.

Why I am not immediately changing my LinkedIn password

So supposedly LinkedIn has had a massive breach, and 2->6 million password hashes have been harvested from some system. While this is bad, and most people watching it are urging people to go change their passwords on LinkedIn, I am waiting and will probably close my account if the problem is confirmed.

  1. There is no indication that the hacker is "out" of LinkedIn at the moment. So any passwords that are being changed currently could end up going to the hackers again. And with the fact that the most likely password a person is going to use is one they use elsewhere.. that means the hackers have a much larger set to use.
  2. The password hashes are stored in an Unsalted SHA1 format. This is criminally poor judgement of whoever implemented this part of the password system. The SHA1sum is a very very fast to match passwords to. This means that even 5 year old hardware can work through a terabyte dictionary in a day or so even with millions of hashes to check against. So most passwords less than 8 characters is going to be found within months and passwords longer than that but easily found via "rulesets" will be found in a similar timeframe. 
If passwords are being stored in this format, then how are credit cards and other data being stored? That is the main "kicker" to me, and why I would be very concerned about information stored there. I would also be wary of any "LinkedIn invites" for a bit. Who is the person making them and are they really that person or some hacker using their identity to see what they can social engineer out of you.

The passwords being found in this set look very corporate in how they are setup. People were using "good" password rules: mixing Uppercase, Punctuation, LowerCased, Number, longer than 10 characters, etc. These are probably the ones most likely used elsewhere. 

If you used your LinkedIn password anywhere else, or you use a similar pattern (say your password was 123LinkedInQ@$ and you use that pattern elsewhere so your Fedora password was 123FedoraQ@$, please change your password at those other locations, and please please use a different pattern.


A History behind Code Names

Having kept a history of the Red Hat Linux code names a long time ago ... ** I wanted to remind people that they started off as an inside joke. Up until the late Red Hat Linux releases, most of the release names were done in a very closed mode. The release leads (Mark Ewing, Eric Troan, Preston Brown) might ask for a name (but you couldn't tell anyone except them what the link was) or a small cabal of people on a late night during the alpha process would choose a name.

The reasons for the names at that time was to a) blow off steam during long nights and little pay, and b) to get fans energized in trying to figure out what links they could come up with between releases. At some point the answer would be revealed and people got "points" on how close they were.. lots of little discussions on IRC, USEnet newsgroups, and mailing lists and it was free marketing. Looking at it this way, the original names were always an inside joke or puzzle.

After the puzzle was revealed, the names rarely were used by the community. Instead the people attracted to Red Hat Linux were more numbers versus names oriented. It is just how some people are.. the engineering types that who will call a CPU a 6500 Xeon versus a Beckton. They will know its die numbers and probably only remember Beckton from some joke about Intel marketing kicking cpus like Beckton to make it sound better. At its extremes, some people see codenames as meaningless marketing jingoism that hides the underneath true data from them.

Other people store information by names and connotations.  They know that a Beckton class system is part of the Nehalem family of CPUs and what relationship it is between previous and later CPUs. In this case, the name is a bond, a way to tell what the product is, why the person is linked to it, and how they will get others to use this. In its extreme, numbers are codes that obscure why something exists. ***

If there is any way I can tell "Debian/Ubuntu users" from "Red Hat/Mandrake/Suse" users it is not the .deb/.rpm rift. It is how they remember each OS and the relationship between them. One group is very name oriented and the others is very number oriented.

In the end, I am looking at our (Fedora's) naming "crisis" as partially release day jitters (ever notice before every release we have a OMG CAN YOU BELIEVE X?) we have always had (since RHL 4.2 at least) and partially a difference in how people remember and communicate. Trying to come up with a way to make sure we communicate between these two groups **** will be something for the next 6 months.

** I need to update my website. Dear lord that is so 1998 HTML3.

*** I am not going to say whether this is left brained/right brained/front brained/backbrained.. because god I don't know. Has anyone done real high def brainscans to see if there is any orientation. To me without that data it is like saying "Left handed people use Fedora and Right handed people use Ubuntu.. I know this because I am left handed." EG complete malarky.

**** Yes there are people who can think both ways. There are always people who never fit into the simple dichotomies we humans like to make up to simplify our Spherical Chickens.


Why I voted for Spherical Cow

OK I liked it because it was an old physics joke.. actually the version I had dealt with was Spherical Chickens, (the Big Bang Theory used chickens), but the canonical version is cows. The joke as it was told to me many years ago had to do with Centralized Soviet planning and putting physicists in charge of dealing with egg production. The punch line of course being "First we assume a spherical chicken..." at which point any one who has had to deal with Physics realizes how far away it is from the real world and engineering.

I actually hoped my suggestion of Pop Soda would win so that we could bring up Mr Hotdogs long lost friend.. but it would seem it was not to be. But I voted for Spherical Cow because I was worried I would end up with the "Sulphur" release again. I also voted that naming conventions need to be revisited. Out of the list (stolen from Mo):

  1. Yarrow
  2. Tettnang
  3. Heidelberg
  4. Stentz
  5. Bordeaux
  6. Zod
  7. Moonshine
  8. Werewolf
  9. Sulphur
  10. Cambridge
  11. Leonidas
  12. Constantine
  13. Goddard
  14. Laughlin
  15. Lovelock
  16. Verne
  17. Beefy Miracle
  18. Spherical Cow
I can only remember Zod, Werewolf, Constantine, Goddard, Verne and Beefy Miracle.. and out of those releases only Zod and Verne (for its background)  really stick out in my head. I look forward to seeing what the results from the second poll was.


Who is user jetty and why does he have an account on my machine?

As some people can tell, I have installed Fedora 17 on one of my systems at home.

The work laptop (a very nice IBM thinkpad T500) is about dead due to a TSA checkup from last FUDcon and has never been able to handle any of the GNOME-3 updates (I tried Fedora 15 and 16 for a short while but the system would auto-shutdown from heat overload after a bit.)

I had gotten an ASUS laptop for the Christmas of 2010 which had been used to deal with various "Windows" software that was needed for our neighborhood association and for me to play around with Cygwin. I finally decided I had done enough of that for a while, and it was time to play around with Fedora on it to see if how it would run. I had also tried Fedora 15 and Fedora 16 LIVE on the system, but had found it rather flakey in its graphics.. After reading Adam Jacksons and others updates to the X server I figured I should give 17 a go.

Install Trial #1. Since I have to keep the Windows side until my time on the association board is over.. I decided to resize the Windows partitions to fit Fedora on it. I had read that Fedora could do this but found out that this feature was no longer available, or that something with the laptops Windows 7 NTFS was not recognizable. Never fear,  ask.fedoraproject.org had the answer I needed: reboot into Windows and use its built in tools.

Install Trial #2. Install the Beta from the DVD. The install went very well though I wish some of the pages could have been replaced with the ones that will show up in Fedora 18. I went through and customized the packages I had installed so that I would get my evil vice: emacs. Laptop rebooted and firstboot got all my information ready for me. Login showed up and there was user jetty (well actually I missed it at first, but realized it when I could not log in with my password.)

Finally log in as smooge, and tada! Look I have a GNOME3 desktop. System seems pretty zippy and windows are much smoother on this system than when I had used the LIVE images (either on USB or Cdrom).

So who is Jetty? The jetty user comes from my choosing eclipse to install. jetty is a java server that the eclipse-platform package requires. I am guessing there is a packaging bug somewhere that is causing the "user" to show up as a possible login. The reason is


A quick bugzilla 815177 and we have done our minimal testing duty. Now to start learning how to use the Fedora 17 desktop as a new Fedoran would.


Mailman Passwords: How Fedora IT is dealing with them

Fedora uses Mailman software to run its mailing lists which for all its strengths is showing its age. One of its biggest irritants is its password system. Back in the stone age of the 1980's mailing list software was usually dealt with either by archaic email commands to some sort of list server software, or would have to have user changes done by a list administrator (mainly because it might take 8 or so emails to be able to get some versions of the mail software to put you on vacation or change your email to digest, UUCP or whatever.. and it only took 1 email to the list administrator to get it done.)

When the web came around in 1995 or so, various mailing lists added software to allow users to "self-service" themselves without having to try and reach the list administrator. This had great benefits but "griefers" also found it great to unsubscribe people, change their options, etc etc. So the creators of mailman put in passwords to stop this, and because they knew that the first thing people would do is forget the password they put in a monthly reminder email system.

These days those of us with many email subscriptions usually call the first of the month "Happy Mailman Day" as we get multiple emails telling us that we are subscribed to devel@lists.fedoraproject.org and we chose the password "spew-guts-twiggles" as our password in case we want to change some options. Now this is all fine if we don't use spew-guts-twiggles to password protect our bank.. but some people will use the same password in multiple places.

In order to combat this, most mailing lists have the following text:

Your email address:  
Your name (optional):  
You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext.
If you choose not to enter a password, one will be automatically generated for you, and it will be sent to you once you've confirmed your subscription. You can always request a mail-back of your password when you edit your personal options. Once a month, your password will be emailed to you as a reminder.  

However as one can guess, this isn't read by many people and password reuse becomes normal. After a bunch of work, Fedora Infrastructure has hopefully fixed it so that password reuse won't happen for mailing lists anymore.

  1. We found all accounts whose mailman password matched their FAS password and we changed those passwords.
  2. We removed the options on the mailman servers to allow for passwords to be set in the first place. It turns out that if we remove those two fields in the file.. mailman will just create a password for you and email that to you instead. [Mailman 3.0 has this as the default and when it is in beta state we will look at upgrading to it. It will also have a some other work that Fedora is helping with but that should be covered by the people doing that work.]
tl;dr. Mailman passwords allowed for a place where passwords could be reused and stored in the clear. Fedora IT has reset passwords we knew were reused and turned off the ability for people to enter in bad passwords again. Further changes will be done as needed.

Steps to install Fedora Linux 17 on a Trim Slice Pro

So you have heard of this ARM thing, but can't wait to get a Raspberry pi to plug into your TV. There are various other models on the market.. and for my first one to try, I got a Trim Slice Pro. Here is a shortened, no frills setup instructions.
  1. Buy a Trim Slice Pro
  2. Wait two weeks for delivery.
  3. Get onto freenode IRC and join #fedora-arm. If things don't work this is where you will need to get help from.
  4. Acquire needed extra parts
    1. An external USB keyboard.
    2. An external USB mouse
    3. A serial crossover cable to another system.
    4. A network cable to plug into your local lan. **
    5. A SD card to do an initial install on. I bought a 32 GB. I recommend staying away from Kennsington
  5. Plug in the system and play around with Ubuntu Natty. For extra fun, do an OS upgrade to 11.10 and brick the system.
  6. Download blc (Brenden Conoboy)'s latest image for the OS.
    1. wget http://blc.fedorapeople.org/fedora-arm/f17/fedora-arm-17-latest-armhfp-trimslice-mmcblk0.img.xz
    2. unxz fedora-arm-17-latest-armhfp-trimslice-mmcblk0.img.xz
  7. Set up SD card (I have a 32 GB card so we will go with the following).
    1. insert card into system.
    2. dd if=fedora-arm-17-latest-armhfp-trimslice-mmcblk0.img of=/dev/mmcblk0
    3. sync; sync;
    4. remove card from system
  8. Power off the trimslice if you had it on before.
  9. Insert card into system and reboot trimslice. The card will need to be inserted upside down versus the way you expect :).
  10. Boot the box.. if you have plugged the disk into a monitor.. you can unplug it now. Currently the nvidia driver is propietary and Fedora does not support it. You will either ssh in or use a serial console.
  11. Look at your router to find out what DHCP and mac address came up. If you can, you can put this into your router for a more static setup later.
  12. either use the serial console or ssh into the box
        ssh root@ # found via router
        Password: fedoraarm
  13. The system will have started the steps to resize the downloaded arm image to disk space. You should do the following and check to see if it worked.
      fdisk -l
    The size of /dev/mmcblk should show that the /dev/mmcblk0p2 is now the size of the disk, but a df will show it not the right size.Time to reboot.
  14. After the 2nd reboot a resizefs should be running in the background and you should have a working system to start installing packages to.

But wait.. what good is a box that has no monitor? Well not much for desktop people.. but for a server it is pretty darn useful. Future articles will show the following:
  • Setup of serial console (I didn't get my crossover cable yet).
  • Setup of nvidia drivers for those who want a desktop more than purity.
  • How to start a kickstarter to pay for a developer to port a free video driver
* I would like to thank Dennis Gilmore, DJ Delorie (of the DOS GCC fame) and Brendan Conoboy for their advice and not throttling me as I was pretty clueless on this adventure.

** I am assuming you have a local network plugin and a DHCP (most router/modems have this built in). I found that the trimslice built in wireless did not work as well as I hoped without an external antenae, and I also found that having a wired connection allowed for you to ssh into the box directly.


Odd Rumour of the Day

So last night, someone came onto #fedora-admin and wanted to know why Fedora had changed all its rpms to remove MP3 during the SOPA debates. They were convinced they had downloaded the DVD's from before then and could play MP3's and afterwords could not.

Now either this was an epic level of trolling or some really large confusion. Either way, to try and set the matter straight there was no MP3 support in Fedora 14,15,16 before SOPA or after. No packages were updated to remove this feature since it wasn't there before.

http://fedoraproject.org/wiki/Installing_the_Fluendo_MP3_plugin for more information on MP3 in Fedora. Now there is the men in black excuse that somehow this is all a redaction from six months ago, but a quick way to check would be to compare the sha sums and GPG signatures of the ISOs with dated archives from multiple non-Fedora sites. Now maybe that would still not prove anything but it should increase assurance that there isn't a massive plot going on.


Posting a blog before it is ready

I started a blog post about trying to improve Customer Support yesterday, thought I had hit Save and instead pressed Publish. As the post was mostly a set of notes for trying to explain a complex problem... it didn't make much sense. Sorry about that.


FUDCon Day -2->1

So I have been at FUDcon the last couple of days, but forgetting to blog as much as I should about things.

Day -2
I had flown in the day before from New Mexico to South Carolina. Nearly didn't as we found that Denver was on a multi hour delay and I would miss my connecting flights somewhere along the way. However SouthWest flight attendants found me an alternative route with 2 plane changes which I made and got to South Carolina. The last 10 minutes were fun as I was watching the clouds outside and seeing a lot of weird colours. However there were no bumps and it looked like the pilot was an ace as he got us down between tornadoes or something. My Dad picked me up and I got to spend my night in the house I grew up in while it rained and howled outside.

Day -1
Woke up to blue skies and low winds, so worked on a couple of things from the house until my Dad said "Are you leaving or not.." Forgot about the 2 hour time difference that my computer wasn't showing me. So we loaded up the car with lots of old equipment that had run Linux back in the day (really one of the boxes was the alternative build box from Red Hat Linux 4.2) Dad and I then went up the back roads from SC and got onto the Interstates without having to drive through Charlotte or some other congested areas.. We got into Blacksburg around 4 o'clock and found the hotel. It is a very nice hotel so we had a steak dinner and sat around talking with various other Fedorans that evening. Got a large hug from Maria 'tatica' which I got a ribbing from my dad on. I can never tell when he is joking still.

Day 0
The weather changed overnight and it got very very cold and windy. Found the conference area, checked in and realized that the dinner from last night had worn out. Bought a bunch of egg mcmuffins from McDonalds and shared them out to people around the meetings. Then sat in on a long meeting with the rest of Fedora Infrastructure about how to make workflows work. It took a while for everyone to get their various says out but I think in the end we have a better idea of what we want to do next week. Went back to the hotel to get the car and some grub, but crashed in a chair and found out it was 3pm. Went back and talked with some more people then met up with Valdis Kletnieks and Russ Herrold after 10+ years of knowing each of them. Had a good dinner with them but Russ's foot was killing him from the weather changes and I needed to fix a bunch of scripts for Dennis. Dad and I brought in the ancient hardware and got lots of ooohs and awes from people  who had not been born when the scsi array had been built. Got started working on the maps when I found that my quiet spot ended up with a lot of Red Hat old-timers.. spent the evening talking and never getting to the items. Went to bed around midnight

Day 1
Slept in a lot later than I expected due to setting the alarm clock for 7pm and not 7am. Went over to the meetings and sat in the end of a couple of barcamps. Talked with Greg dk for a short while but lunch started getting served so I ended up letting him do that (I don't know I guess food is important to people.) Spent some time with Pam Chestek and found out my Dad and her went to competing High Schools. Spent the afternoon working on some scripts and being reminded by Dennis that I needed to fix the maps. The raspberry pi demonstration was full up so I decided to walk dad back to the hotel so we could find some headache medicine for him. He ended up sleeping and I realized I needed to blog about all this. People are headed to FUDpub and such so I will continue in another blog in a bit.