Month: November 2007

More About Living in Hotels

In the past I have spent about 18 months living in hotels with a couple of months of breaks in between. I have previously written about it in terms of living in London hotels [1], but I have been asked for more generic advice. Firstly the amount of possessions that you may have when living […]


Restorecon Equivalent for Unix Permissions

SE Linux has a utility named restorecon to set (or reset) the security context. This is useful for many reasons, corrupted filesystems, users removing files or changing the context in inappropriate ways, and for re-creating files from tar files or backup programs that don’t restore SE Linux contexts. It can also be used to report […]


SecureCon Lecture

On Thursday at Secure Con [1] I gave a lecture about SE Linux that went according to plan, and they gave me a nice bottle of Penfolds Shiraz afterwards (thanks to the sponsors). During my lecture I announced my plan to run the hands-on training session over the net. The idea is that the Debian […]


SecureCon Tutorial

My SecureCon tutorial went quite badly today. After having network problems and having both the Xen servers crash for no apparent reason I had to give up and give an impromptu lecture. The original plan had been to use two Xen servers which each had 15 instances and have the delegates go through a training […]


Xen for Training

I’m setting up a training environment based on Xen. The configuration will probably be of use to some people so I’m including it below the fold. Please let me know if you have any ideas for improvements. The interface for the user has the following documentation: sudo -u root xen-manage create centos|debian [permissive] Create an […]

Security Virtualisation

Squid and SE Linux

Is Squid not returning some data you need on a SE Linux system? The default configuration of the SE Linux policy for Squid only allows it to connect to a small number of ports which are used for web servers. For example ports http (80) and https (443) are labelled as http_port_t which permits serves […]


Increasing Efficiency through Less Work

I have just read an interesting article titled Why Crunch Mode Doesn’t Work [1] which documents the research on efficiency vs amount of time spent working (and by inference amount of time spent on leisure activities and sleep). It shows that a 40 hour working week was chosen by people who run factories (such as […]


Load Average

Other Unix systems apparently calculate the load average differently to Linux. According to the Wikipedia page about Load(computing) [1] most Unix systems calculate it based on the average number of processes that are using a CPU or available for scheduling on a CPU while Linux also includes the count of processes that are blocked on […]