You’ve waited long enough.

more…

To those who follow this blog for details about Sam, this post isn’t for you.

So, today at work, a co-worker sends an email saying that ‘ps’ is segfaulting whenever it’s run.  This is usually a very bad sign (since it frequently means that you’ve been hacked, and a rootkit has been installed).  So I start digging around.

Top runs just fine.  Shows everything that’s running.  I check the md5sum of the ps binary against another machine (presumed to be good), and notice that it’s different… oh boy… that’s a really bad sign.  Oh, and the rpm database is corrupted beyond repair.

So I start checking the md5sums of lots of other binaries in /bin, /sbin, /usr/bin and /usr/sbin, etc.  And LOTS of binaries have different… so many that it takes me quite a while to find one that ISN’T different… even /bin/true is different, I mean /bin/true???

So, I find three freshly installed boxes, and do the md5sum trick against all their binaries, and I find that of the 4200ish binaries out there, 27ooish of them have different md5sums from the same binary on a different host… but the RPM database swears up and down that the checksums are right.

Turns out that RedHat in their infinate wisdom has turned on the prelinker.  This shoves each library into a randomized place in the virtual memory, and modifies the binaries in place so that they know where these libraries are.  This is done for two reasons: 1) since the binary has a cashed clue as to where the libary lives in virtual memory, it’s much faster to load it. 2) This also is a nice layer of defence against buffer overflows… they’re somewhat harder to exploit if the bits of memory you want to overflow into are randomized.

Somehow, in ways that I don’t understand as yet, the prelinker also informs the RPM database of the changed checksum and ‘rpm -V’ doesn’t complain about them, but tripwire would (if you’re using tripwire).

The prelinker is actually an interesting idea, but the problem is that it violates a key assumption most sysadmin’s will have about the OS, which is ‘take a system binary (say ‘/usr/bin/find’ for example) and compare the md5sum of it between two machines of identical patch level, and we’d assume the md5sum would be equal for them’.  This assumption lies at the heart of how tripwire works.  It also would force you to have seperate tripwire read-only media per host you have installed.  Oh, and you need to update that read-only memory every 14 days by default, because prelink changes the randomized locations every 14 days (and therefore re-writes the binaries).

GAH.

But on the plus side, all three Unix admins learned something new today, which doesn’t happen very often.

This affects RedHat AS 4 and 5 and ES 4 and 5 (And CentOS and Oracle Unbreakable Linux).

Since I know a couple of people who’d like them…

more…

Now that some of you have your “Sam” fix, I can get back to our cooking experiments.  When I last wrote we were discussing The Dutch Oven Cookbook.  We have done a few more recipes for the book, and here they are.

Maple-Glazed Roasted Root Vegetables

This recipe ROCKED!  We have made it several times and maybe tweeked it just a bit.  We were introduced to a new spice called Garam Masala.  Those of you who cook indian food will recongnize it.   We actually added a little bit of hot sauce to this just to round out the flavor a little bit.  The original recipe follows.

1 medium sweet potato, peeled and cubed
2 medium parsnips, peeled, halved, and cut at an anle in 1-inch slices
2 medium turnips, peeled and stemmed
2 large carrots, peeled and stemmed
4 large shallots, peeled, stemmed, and halved
3 Tbsp Olive Oil
3 Tbsp Maple Syrup
3 Tbsp Brown suger
1/2 tsp of grated Nutmeg
1 tsp of garam masala
Salt and Pepper to taste

Preheat oven to 400 F

In a small bowl combine the olive oil, maple syrup, brown sugar, nutmeg, garam masala, salt, and pepper.  Pour the mixture over the root vegetable that are combined in a 5 1/2 quart dutch oven.  Roast uncovered for 30 minutes or until fork tender.

Now we did ours in a 9×13 pyrex pan and found that we needed to roast it for an hour or so before the vegies were tender.  We also added a little hot sauce to the wet mixture the second time we made this, and it did improve the flavor for us.

Here are some more pictures…

more…

More pictures after the break…

more…

didn’t have much basketball, but we did take some pictures….

more…

Flank Steak is cheap, and we can get at least two meals out of one piece, so it’s a great thing to play with.  That, and if you do it well, you’re in for a tasty hunk-o-beast.

Marinade:
~6oz Soy Sauce
~2oz Lemon Juice
1 teaspoon minced garlic
Some other spices to taste, but not much, and not cumin.

1 Flank steak ~2-3 lbs
~2 tablespoon whole cumin
3-4 pinches of a course salt

Mix up the marinade. Put the flank steak into a zip-top bag, add the marinade, remove as much air as you can, and park in the refrigerator for at least 1 hour.

Take the flank steak out of the marinade, place on a cutting board, lightly salt the side facing up, and then put half the cumin on the steak. This should be a pretty hefty coating of whole cumin, but you should still see the steak. Also, the cumin shouldn’t be piled up on itself. Pat it down, and then repeat the salt and whole cumin on the other side.

Heat a skillet over medium-high heat. Once up to temp, place the steak in the skillet, and cook for 4-5 minutes. Flip the steak, cook for another 4-5 minutes, and then place the steak in aluminum foil to rest for 5 minutes.

Cut long and thin strips, against the grain, and if possible, on the bias. Serve 3-4 strips to a serving and enjoy.

Both Sandra and I are foodies, and I got somewhat inspired by Brandy’s Foodie blog, so I’ll throw this out there:

Inspired Pork Marinade:

3 cups Orange Juice
1 Cup Soy sauce
1 tablespoon heaping of minced garlic (3-4 cloves)
1 tablespoon of cumin
1 tablespoon salt
1 tablespoon of Garam Masalla (not required, but nice)
1 Pork tenderloin (~3lbs)

I put all the marinade ingredients together into a large measuring cup usually and ideally, you stash that in the fridge for an hour or two to let the flavors marry. Two to three hours before cook time, you take out the pork and cut it into 1″ medallions. I usually put these (1 layer deep) into two 9×6 pyrex dishes with lids.  Cover with the marinade, put the lids on, and place in the fridge until cook time.

Cooking is easy… take a heavy skillet (This is one of the few times you should NOT use cast-iron… the acid in the orange juice will damage the cure) over medium-high heat, put 5-6 of the medallions in, and cook for 1 and a half to two minutes on each side.  Aim for medium rare (Modern pigs are safe to eat this way… 20-30 years ago? Not so much).

Every time I’ve made this, I’ve gotten rave reviews.  I’ll sometimes mess with the spices somewhat… cumin is always there, Garam Masalla is a new favorite, paprika (smoked if you’ve got it) is good, adding a few squirts of Chulua hot sauce is not a bad idea either.

<cough> mom… <cough>

more…