If you actually follow the news, at the time of proposed negotiations Ukrainian army was being pummeled by the rebels. Ceasefire would have allowed the Ukrainian army to break out of the encirclement. As it happened, about 400 Ukrainian soldiers had to drop their weapons and escape into _Russia_. I'm not joking, Ukrainian military personnel had to flee to their enemy, and then Russia simply let them return to Ukraine.
Maybe you're thinking about the earlier "Poroshenko's peace plan"? It was even more ridiculous, that 'plan' called for rebels to put down arms and surrender. In exchange (but without any guarantees) there might have been some nods towards the official status (but not as a state language) of Russian language and some 'decentralization'. Only an idiot would have accepted such a plan, and rebels are most certainly not idiots.
No, it wasn't. The separatist movement is genuine and has popular support. It's very wide in Lugansk and Donetsk, but it is admittedly much smaller in other regions. If you don't believe me, just look at the photos of the East Ukraine during March and April when citizens were blocking off roads to stop tanks, in some cases just like the Tiananmen Man.
There was a chance to get a peaceful resolution, the demands of "separatists" were quite reasonable: federalization and the official Russian language. It looks like even that is not going to be possible, and the best case scenario might be a complete separation.
Here it is: https://www.youtube.com/watch?... - you can see it at 1:11. A bicyclist shows that they're going to turn right and the car 'blacklists' the area left of the bicycle.
You certainly _can_ run ejabberd on any other port. However, lots of clients can only connect through the port 443, so you have to run ejabberd on this port. And it was not possible to setup nginx as a proxy, because ejabberd only pretends to be HTTPS.
Of course, if you control the network of all your clients then you can just use the port 5223 (SSL version).
JFYI, we're using clouds to do lots of computations. So once we get a job, we quickly start tons of instances, do the computation and then stop them. Our PostgreSQL cluster is not restarted, though we sometimes do add and remove read-only replicas to it.
So what are you suggestions, my lord? Ejabberd is able to dynamically add or remove new services, so a static 'open ports and drop privs' is not enough.
Do you remember how to tune your carburettor or patch a punctured tire? No? Hell, lots of people don't even know that their car has sparkplugs, never mind actually changing them. Kids these days...
SSH verifies the identity of both endpoints, and it's impossible to hijack the user's password even in case of MITM. But it's possible to do this if you intercept MySQL port (passwords are sent in the clear) and then you can probably use the gleaned password to do all sorts of bad stuff. Ditto for PostgreSQL.
Detecting this race condition is the hard part. Once you identify it, it's fairly easy to fix it by adding explicit dependencies and/or locking.
The thing is, systemd really solves the root case of race conditions, by not depending on accidents of timing and detecting interdependencies automatically.
It won't start your daemon in parallel, but other services will start just fine. Also, all the other advantages like reliable service isolation are still there.
There are no real reasons to wait for BIND9 to shut down gracefully. Abrupt shutdown might terminate ongoing zone transfers but they'd be resumed once BIND is again started.
But if you have something that should genuinely be restarted gently (like a in-memory database, for example), systemd supports that just fine:
KillMode=none
TimeoutStopSec=0
It's stupid, but you CAN do it just fine. It simply makes no sense to do by default.
You seem to cling to the illusion, don't you? Mother Theresa's charity got _billions_ in donations over its lifetime. More than enough to spend more than $50 million dollars on Mother Theresa's air travels alone. Which could have been enough to buy strong analgesics for those who really needed them (hint: not EVERYBODY in her Homes). And her organization also spent at least tens of millions on anti-abortion and anti-contraception propaganda.
Basically every study that tries to look into the matters in details comes to the same conclusion - she was a fraud and a fanatic. The most recent one: http://www.independent.co.uk/v...
On principle, strong painkillers are even in hard cases not given. According to Mother Teresa's bizarre philosophy, it is "the most beautiful gift for a person that he can participate in the sufferings of Christ". Once she tried to comfort a screaming sufferer: "You are suffering, that means Jesus is kissing you!" The man got furious and screamed back: "Then tell your Jesus to stop kissing."
As for fucking context, she could have worked towards making opiates access easier. She didn't. And read the actual memoirs of sisters in her Homes, where 'joy' meant people screaming their lungs out from pain.
They serve no useful purpose NOW. And even before 2000-s the use of IP addresses for authentication was suspicious - read about Mitnick attack as an example why it was so.
And no, xinetd doesn't solve this problem completely because it's not enough to run stuff like Apache.
Bull-fucking-shit. Painkillers are cheap, she could have easily afforded them for cancer patients. A fentanyl patch costs less than $3 and provides relief for a day. Morphine is even cheaper.
And others in this thread already gave you links to her exact words praising suffering.
Slashdot Mirror
Negotiations under a ceasefire? Yeah, sure.
If you actually follow the news, at the time of proposed negotiations Ukrainian army was being pummeled by the rebels. Ceasefire would have allowed the Ukrainian army to break out of the encirclement. As it happened, about 400 Ukrainian soldiers had to drop their weapons and escape into _Russia_. I'm not joking, Ukrainian military personnel had to flee to their enemy, and then Russia simply let them return to Ukraine.
Maybe you're thinking about the earlier "Poroshenko's peace plan"? It was even more ridiculous, that 'plan' called for rebels to put down arms and surrender. In exchange (but without any guarantees) there might have been some nods towards the official status (but not as a state language) of Russian language and some 'decentralization'. Only an idiot would have accepted such a plan, and rebels are most certainly not idiots.
No, it wasn't. The separatist movement is genuine and has popular support. It's very wide in Lugansk and Donetsk, but it is admittedly much smaller in other regions. If you don't believe me, just look at the photos of the East Ukraine during March and April when citizens were blocking off roads to stop tanks, in some cases just like the Tiananmen Man.
There was a chance to get a peaceful resolution, the demands of "separatists" were quite reasonable: federalization and the official Russian language. It looks like even that is not going to be possible, and the best case scenario might be a complete separation.
Yes, why not? It's certainly possible, since they do it for pedestrians.
Here it is: https://www.youtube.com/watch?... - you can see it at 1:11. A bicyclist shows that they're going to turn right and the car 'blacklists' the area left of the bicycle.
Google cars handle bicyclists and pedestrians just fine. They even understand the bicycle-style hand 'turn signals'.
You certainly _can_ run ejabberd on any other port. However, lots of clients can only connect through the port 443, so you have to run ejabberd on this port. And it was not possible to setup nginx as a proxy, because ejabberd only pretends to be HTTPS.
Of course, if you control the network of all your clients then you can just use the port 5223 (SSL version).
Port 80 for the console and 443 for HTTPS tunneling.
JFYI, we're using clouds to do lots of computations. So once we get a job, we quickly start tons of instances, do the computation and then stop them. Our PostgreSQL cluster is not restarted, though we sometimes do add and remove read-only replicas to it.
So what are you suggestions, my lord? Ejabberd is able to dynamically add or remove new services, so a static 'open ports and drop privs' is not enough.
Classic cars still have them. Do you know how to tune them? No?
And this is bad exactly why?
Do you remember how to tune your carburettor or patch a punctured tire? No? Hell, lots of people don't even know that their car has sparkplugs, never mind actually changing them. Kids these days...
Yeah, really? How about Forbes: http://www.forbes.com/2010/08/...
SSH verifies the identity of both endpoints, and it's impossible to hijack the user's password even in case of MITM. But it's possible to do this if you intercept MySQL port (passwords are sent in the clear) and then you can probably use the gleaned password to do all sorts of bad stuff. Ditto for PostgreSQL.
Detecting this race condition is the hard part. Once you identify it, it's fairly easy to fix it by adding explicit dependencies and/or locking.
The thing is, systemd really solves the root case of race conditions, by not depending on accidents of timing and detecting interdependencies automatically.
It won't start your daemon in parallel, but other services will start just fine. Also, all the other advantages like reliable service isolation are still there.
How? Systemd can start stuff in parallel because it can do automount and create sockets before the service is actually started. Automatically.
But if you have something that should genuinely be restarted gently (like a in-memory database, for example), systemd supports that just fine:
KillMode=none
TimeoutStopSec=0
It's stupid, but you CAN do it just fine. It simply makes no sense to do by default.
Oh, and if Slate is not enough for you, here's Forbes: http://www.forbes.com/2010/08/... It's even more damning.
You seem to cling to the illusion, don't you? Mother Theresa's charity got _billions_ in donations over its lifetime. More than enough to spend more than $50 million dollars on Mother Theresa's air travels alone. Which could have been enough to buy strong analgesics for those who really needed them (hint: not EVERYBODY in her Homes). And her organization also spent at least tens of millions on anti-abortion and anti-contraception propaganda.
Basically every study that tries to look into the matters in details comes to the same conclusion - she was a fraud and a fanatic. The most recent one: http://www.independent.co.uk/v...
On principle, strong painkillers are even in hard cases not given. According to Mother Teresa's bizarre philosophy, it is "the most beautiful gift for a person that he can participate in the sufferings of Christ". Once she tried to comfort a screaming sufferer: "You are suffering, that means Jesus is kissing you!" The man got furious and screamed back: "Then tell your Jesus to stop kissing."
There is a plenty of evidence ( http://en.wikipedia.org/wiki/C... ). And she REPEATED that quote several times, it's not disputed.
As for fucking context, she could have worked towards making opiates access easier. She didn't. And read the actual memoirs of sisters in her Homes, where 'joy' meant people screaming their lungs out from pain.
What are the 'system services' you're speaking of and what makes them special?
They serve no useful purpose NOW. And even before 2000-s the use of IP addresses for authentication was suspicious - read about Mitnick attack as an example why it was so.
And no, xinetd doesn't solve this problem completely because it's not enough to run stuff like Apache.
Bull-fucking-shit. Painkillers are cheap, she could have easily afforded them for cancer patients. A fentanyl patch costs less than $3 and provides relief for a day. Morphine is even cheaper.
And others in this thread already gave you links to her exact words praising suffering.
Basically, she enjoyed inflicting pain on other people by denying access to painkillers. All while living quite a cushy life herself.