Nahum Shalman

This content can also be found as part of https://github.com/tinkerbell/ipxedust/pull/88 in DifficultHardware.md. Most modern hardware is capable of PXE booting just fine. Sometimes strange combinations of different NIC hardware / firmware connected to specific switches can misbehave. In those situations you might want to

Have you ever run ssh -D 9999 somehost? You might find the rest of this interesting. I'm not going to go into detail for the use cases of why you might want to use a SOCKS proxy with e.g. your web browser, but if, like me, you've ever done

Mission, Technology, Culture, Compensation

A few weeks back I needed to migrate an entire ZFS pool from one machine to another. I used raw send to keep the stream compressed, and I used mbuffer to smooth out the send/receive (see the reference link at the bottom) First, prepare the receiving end by creating

Just a heads-up that I have to migrate my domain off of the JPC and there will probably be a downtime of my blog and other services for an unknown duration (though I'll do my best to keep it as short as possible) to complete the migration. It might also

Motivation There are a lot of blog posts and wiki pages about how to set up Wireguard [https://www.wireguard.com/], but I still had to do a bunch of trial and error to come up with a configuration that worked for me. I have two goals: 1. Secure all

Message from 2018: I was going through my blog post drafts and found this post. I've made few small tweaks to it that seem to be what I was hoping to add before publishing. If you've ever wanted to replace your SSH access to a native branded zone with docker

This is a follow up to my previous post outlining my chromebook setup [https://blog.shalman.org/chromebook-adventures/]. I managed to get IPMItool to compile in my Termux [https://termux.com/] environment. Here's how you can too. (So far I've only been able to get this to work on an

A chromebook you say? I've been in need of a new personal laptop for a while and inspired by this post [https://blog.lessonslearned.org/building-a-more-secure-development-chromebook/] from @kennwhite [https://twitter.com/kennwhite] I decided that I would get a Chromebook. I put a couple of different models on a wishlist

The first VM I wanted to build was OmniOS 014. While the system was able to see a virtio disk, the installer was not, so I did the initial installation on a virtual IDE drive. JSON spec for the installation VM: { "alias": "omnios", "autoboot": "false", "brand": "kvm", "ram": 2048, "vcpus"

I was doing some work [https://github.com/nshalman/python-usdt/pull/6] on my Python bindings for libusdt [https://github.com/nshalman/python-usdt] which reminded me about how annoying it is when DTrace isn't working. The solution (as I noted here [https://github.com/nshalman/python-usdt/issues/4#issuecomment-269641299]) is

If you run an illumos distribution that uses beadm (e.g. OmniOS) in production, you may have run into illumos bug #5943 [https://www.illumos.org/issues/5943]. As you might imagine, we at OmniTI run a lot of OmniOS systems. Recently a machine was being upgraded and on reboot

Someone was asking about this on IRC This is mostly for myself for later: hidden_in_snaps(){ bc -l <<<"( $(zfs list -H -p -o usedsnap ${1}) - $(zfs list -H -p -t snapshot -r -d 1 -o used ${1} | awk 'BEGIN{total=0} {total += $1} END{print total}') ) / 1024

I've been outed on Twitter: > Thanks to some awesome work from @nahumshalman [https://twitter.com/nahumshalman], we'll soon have a PXE bootable #NixOS [https://twitter.com/hashtag/NixOS?src=hash] installer! https://t.co/WHHwP1Bm5i — Charles Strahan (@charlesstrahan) April 21, 2016 [https://twitter.com/charlesstrahan/status/723247337007505408] I've been working

Just a quick note that Mistify is being rebranded as Cerana [http://cerana.org]. I'm busy getting settled into my new team and having a great time. You can be sure I'll either be posting here or at least linking from here over to more information as we achieve interesting