Printing is evil!

Is there an admin anywhere in the world who likes printing?  I seriously doubt it.  As much as I appreciate having hard copy of some things, I wouldn’t shed a tear if the oft-predicted “paperless office” were to arrive.  Recently, I encountered an odd printing problem that took the help of two colleagues to figure out.

A few weeks ago, one of our faculty sent in a trouble ticket saying that she couldn’t print from her Linux machines anymore.  Naturally, I assumed it was either user error or some config file had inadvertently been changed, so I hopped on to the box to see if I could reproduce the problem.  Nope, everything worked fine for me.  Since it was happening for her on multiple machines and not for me on the same machines, I figured it had to be an account-specific problem.

The first thing I did was to check her home directory quota.  I’ve found that’s generally a good place to start when there are account-specific problems.  Sure enough, I see that she’s nearly at quota.  Problem solved, I think, as I tell her to clear out some space and see if that fixes the problem.  Unfortunately, the problem persisted.  Okay, so the next step is to have her send the output of `printenv`.  Aha!  Her PRINTER variable is set to a printer which no longer exists.  I tell her to unset it and use `lpstat -a` to get a list of available printers.  Surely that will solve the problem.

Once again, my hopes are crushed.  She tells me that lpstat gives “get-printers failed: client-error-bad-request”.  What?  That doesn’t make any sense.  The client is obviously configured correctly because it works for me.  The server doesn’t care about accounts, it’ll print anything sent to it.  So what could be the problem?  I know slightly more than nothing about programming, but I figure I’ll ask her to run strace.  Maybe the output will be helpful, and if nothing else, it makes it look like I’m doing something.

So I compared her strace output with mine.  Line after line after line after painful line match (or close enough), and I’m about to give up, so I ask a friend for help.  He recruits his office mate, who notices one small difference.  She’s using the iso-8859-1 charset, while I’m using UTF-8.  So we poke around some more.  In our environment, the default value for $LANG is en_US.utf-8.  Hers was set to just en_US.  Well it turns out that at some point (apparently) CUPS decided that UTF-8 was the only charset that was going to be supported, so when we did our CUPS upgrade recently (the last install of CUPS was done in 2004!) it broke her printing.  So the simple fix was to change the first line in /usr/share/locale/en_US/cups_en_US to “utf-8”.  Tadaa!  And it only took a week to figure out.

At least it wasn’t a specific file causing a paper jam every time.

Hooray for vendors!

I’m too low on the food chain to get wooed by vendors very often, so when I saw that VMWare was coming to campus and that lunch would be provided, I jumped all over that.  Not only did I get lunch, but I also got breakfast, a USB mouse (with retractable cord!), and a notepad complete with biodegradable pen!  Well that’s great and all, but what’s even better is the knowledge they gave me.

I’ve used VMWare’s desktopy products: Player, Workstation, and Server.  Useful products, especially Server because it’s free.  I only have a few servers in my department, so I don’t have need for enterprise products.  A few test VMs to play with are all I really need — or so I thought.  After seeing the power of ESX, I’m starting to reconsider.  With VMWare ESX, I could combine pretty much everything onto two beefy servers and never have to worry about hardware problems.  If I have a hardware problem, I’ll just let ESX’s High Availability services take care of it.

Of course, it would be hard to justify the hardware expenses — I can’t even convince my boss to pony up the 2k to pay for my Solaris training.  If I could start from scratch, though, that would be the way to go.  Also, I like getting free stuff.

Nugget Night update — 1 kilonugget!

Well friends, 22 night of effort have paid off.  On Saturday, I officially crossed the one kilonugget mark for 2008.  That is a lot of dead chicken.  Dead, battered, juicy chicken dunked in sauce.  Yum.  I’m also a mere eight months away from 50 straight Nugget Nights.  I’ve already decided that if my schedule permits me to reach that mark, I may very well skip a night.  I need to give Chick-Fil-A a chance to restock…

http://www.funnelfiasco.com/ben/cfa.html

Securing your SSH keys

My ones of readers may recall that I’ve mentioned “Standalone Sysadmin” by Matt Simmons as one of my favorite blogs.  On Friday, he published a great introduction to SSH keys.  He covered how to set up keys and use them.  One aspect that deserves further coverage, though, is securing your keys.  Sure, a good passphrase will do a lot to keep your key from being used by the bad guys.  But what happens if you have a phraseless key?  It’s a bad idea for interactive use, but for automated tasks, it is nearly a requirement (unless you manually start the SSH agent).  So how can you minimize your risk? Continue reading