evan klitzke's musings on music, computers, and life

An Important Difference Between mysql(1) and MySQLdb


I keep forgetting about this thing, and then every six to twelve months when I have to do it again, I waste a bunch of time rediscovering it. It's important enough that I'm going to blog it.

If you're used to using PostgreSQL, you'll know that with Postgres you can connect over the local AF_UNIX socket using peer authentication. This means that as the evan user I can automagically connect to the evan database without a password. Likewise, to become the Postgres superuser, I simply need to do sudo -u postgres psql. This works using some magic related to either SO_PEERCRED or SCM_CREDENTIALS which let you securely get the credentials of the other end of a connected AF_UNIX socket.

MySQL also has a local AF_UNIX socket, and you can use this socket to make connections to MySQL. This is pretty handy, and for many reasons you may prefer to connect to MySQL over the local socket rather than using a TCP connection to localhost.

However, MySQL does not do the peer authentication thing. It doesn't matter if you're the root user connecting over a local socket. If the root user is configured to require a password (which is what I strongly recommend), then you must supply a password, even if you have sudo privileges on the host.

Fortunately, there's an easy workaround here that prevents you from having to type the root password all the time if you're doing a lot of MySQL administration. When you use the mysql CLI program, it will look for a file called ~/.my.cnf and use it to look up various connection settings. In particular, in this file you can set a default user and password. So let's say you've done this nice thing and made a file called /root/.my.cnf that has the root user's MySQL credentials, and you have the file set to mode 600 and all that and everything is great. You can type sudo mysql and you won't have to supply the root MySQL password (just possibly the root sudo password).

Here is a really important thing to know: the behavior of reading ~/.my.cnf is something that the mysql CLI program implements; it is not something implemented by libmysqlclient.so!

What that means is that when you are writing some script to frob MySQL using Python and MySQLdb, this will not work:

conn = MySQLdb.connect(unix_socket='/run/mysqld/mysql.sock')

You might think that if you ran this script as the root user, it could authenticate. Not so. Instead what you want is this:

conn = MySQLdb.connect(unix_socket='/run/mysqld/mysql.sock',
                       read_default_file='/root/.my.cnf')

By the way, using the read_default_file option like this is definitely the best way to authenticate to MySQL from Python in general. You should not be putting database passwords in your Python projects---neither in your source code, nor in your project configs. By using a file in the filesystem like this you can move all of the database credentials into Puppet/Chef/whatever and secure the files so that most users can't read them. It may not seem like a big win today, but a few years later, when you're given the task of auditing everything for passwords, knowing that passwords have only lived in your configuration management software is going to help a lot.
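The following is an added example, not code from the original post: it refuses to use an option file unless it is a regular file owned by the calling user with no group/other permission bits (the "mode 600" condition above), then builds the read_default_file arguments. The function names are hypothetical; the socket path and /root/.my.cnf are the ones used in the post.

```python
import os
import stat


def check_option_file(path):
    """Return a list of reasons why `path` is unsafe as a credentials file."""
    problems = []
    st = os.lstat(path)  # lstat: do not follow a symlink planted at this path
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file (symlink or special file)")
    if st.st_uid != os.geteuid():
        problems.append("not owned by the user running the script")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("group/other permission bits set (mode %o)"
                        % stat.S_IMODE(st.st_mode))
    return problems


def connect_kwargs(option_file, socket_path="/run/mysqld/mysql.sock"):
    """Build MySQLdb.connect() keyword arguments, or raise if the file is exposed."""
    problems = check_option_file(option_file)
    if problems:
        raise PermissionError("%s: %s" % (option_file, "; ".join(problems)))
    # No user or password here: the client library reads them from the file.
    return {"unix_socket": socket_path, "read_default_file": option_file}


def connect(option_file="/root/.my.cnf"):
    """Open a connection using only credentials stored in the option file."""
    import MySQLdb  # imported lazily so the checks above run without the driver
    return MySQLdb.connect(**connect_kwargs(option_file))
```

Running check_option_file over every deployed option file from configuration management also gives a quick audit of which credential files have drifted from mode 600.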

How To Be An Urban Cyclist—Part 1


This blog series is going to explain my advice on being an urban cyclist. The difficulty I've seen with other people is that while a lot of people know how to ride a bike, they may not feel comfortable riding in heavy traffic, on poorly paved roads, or in poorly lit areas. These posts are based on my experience the last six or seven years of my life cycling mostly around Berkeley, Oakland, San Francisco, and Los Angeles.

The first post in the series will cover what kind of bicycle I recommend, and what kind of gear you need to ride.

First you should have a well maintained bicycle. If you're buying a new bicycle, I strongly recommend getting a road bike with drop bars rather than a cheapo mountain bike. Road bikes are simply a lot faster, and if you don't feel fast you're not going to want to bike. There's nothing more frustrating than seeing people whiz by you on their bikes while you're struggling on yours. Simply put: if you don't feel good on your bike, you're not going to use it.

You can get a decent used steel frame bicycle in the Bay Area for $500-$600 or cheaper, depending on exactly what size frame you need, what type of components you want, etc. If you live elsewhere, you can probably get one cheaper. A decent new road bike will be something like $1000 or more if you want to get really fancy. If you're buying a new bike, I'm a big fan of Surly Bikes, but there's nothing wrong with getting a used bike. If you get a used bike, make sure you ride it and test that it can shift smoothly and brake quickly.

You should get and wear a helmet. You'll easily exceed speeds of 20 mph on your bike, and even in dense urban areas cars frequently exceed speeds of 30 mph or more. For a comparison, falling off the top of a two story building entails an impact of about 20 mph. At 20 mph, much less at higher speeds, you can very easily die in a head on collision.

Next, make absolutely sure that you have both a front and rear light if you're going to ride in any kind of low light conditions. Riding in the dark without a light is incredibly dangerous, because you'll be moving quickly, be hard to see, and be making very little noise. I like the silicone lights that don't require any mounting gear that you can put on and off your bike really easily (mine are "Snugg" brand and cost $15 for a pair on Amazon). These are great for riding around and being seen. However, they're not going to illuminate the road in front of you. If you plan on biking in really dark areas you'll want a bigger/brighter clip on light—I'd recommend the ones that are 1 watt or higher power output (most of the ones in the store will be 0.5 watts, which isn't ideal). Make sure you always remove your lights when locking your bike outdoors.

For locks, at the minimum you need a U-lock and cable lock.[1] The U-lock will lock your rear wheel and frame, the cable will lock your front wheel. Note that all of the cables you buy can be cut fairly easily (in a few minutes perhaps); the point of the cable is to deter someone from stealing the front wheel (which is fairly cheap), the U-lock is what will actually be securing your frame. I highly recommend the 5" Mini Kryptonite U-Lock. The 5" locks are not only the smallest ones, but they're also the most secure. U-locks can be easily broken by someone with a jack, if there's enough space to get the jack in between the bars of the lock to bend it. The 5" locks don't admit enough space for someone with a jack to get a hold on the lock. However, you'll really need an adequate rack to lock your bike with a 5" lock. For instance, it's generally not possible to lock your bike to a parking meter with a 5" lock whereas you can with a larger size. When you lock your bike, you need to place the U-lock so that it secures the rear wheel through the rear triangle of the bike. You generally should not directly lock the frame. By locking the rear wheel through the rear triangle, the U-lock is actually going through both the frame and the rear wheel (although it may not look like it!). The cable loops through the front-wheel and back around the U-lock.

In areas with high rates of bike theft, such as San Francisco, you'll need some way to secure your seat as well. I biked and locked my bike outdoors for years in Berkeley, Oakland, and Los Angeles and never had a problem with seat theft. As soon as I started biking in San Francisco, I got my seat stolen twice in the course of a month (both times having left the bike alone for less than an hour). So whether or not you need this really depends on where you live. Bike stores will sell special locks for seats. You can keep the lock on the seat all of the time because you'll only need to remove it in the rare situations when you need to adjust the seat height. If you don't like the look of a seat lock, or want to spend less money, you can also try securing the seat post bolt by using security bolts or hot gluing a BB into the bolt head.

If you're going to ride in the rain, I strongly recommend a detachable rear fender. Otherwise you're going to get a muddy butt. I've never found a front fender to be necessary; if it's rainy enough to need one, you're going to get drenched anyway.

[1] If you have security bolts for your front wheel, you can probably omit buying and carrying a cable lock.

Apollo Brown—Thirty Eight


This album is sick.

On Not Having A LinkedIn Account


I don't have a LinkedIn account, which some people find to be a bit strange. I'd like to talk a bit about that.

As a software engineer with an awesome job, I really do not need a constant barrage of recruiter spam. Here are the specifics:

My experience with LinkedIn is I'd get a torrential inflow of recruiter spam (i.e. "Join our HOT VC-backed stealth startup!!!") that wasn't useful to me at all.

Worse, I found that some people would "stalk" me on LinkedIn before coming in for job interviews. As in, I'd go in to a job interview, and someone would mention something about my past that they had looked up on LinkedIn. This has happened once with my Twitter account too, which is even creepier.

Since LinkedIn provides no value to me and is yet-another-way-to-track-me, I don't have an account with them. EZPZ.

Jaylib—Champion Sound


Today I was relistening to Champion Sound by the J Dilla/Madlib collaboration project known as Jaylib. This is one of my favorite albums of all time, and something that has been somewhere on my heavy rotation pretty much since I discovered the album a number of years ago.

J Dilla and Madlib are two of the dopest hip hop producers of all time. The major shortcoming I'd say of both of them is that a lot of their material can be kind of out there and experimental (especially Madlib). This is great for the hardcore enthusiast, but makes some of their music less accessible. However, this album in general does a really great job of reining in the experimental stuff and providing a nice balance between being extremely accessible and being sonically innovative.

The thing that makes this album really interesting is that both J Dilla and Madlib are primarily producers. So having them emcee on tracks is really awesome. It would have been easy to come out with an instrumental only collaboration, but the format they chose is a lot more interesting and the album benefits as a result.

Some of these tracks are real bangers. The Red is one of my favorite tracks of all time; and by the way, be sure to check out the original version of the song. Jaylib's alter ego Quasimoto makes appearances on some tracks like React and Strip Club. And there's some hard shit on this album too. The track Strapped featuring Guilty Simpson is one of my favorite hardcore gangsta hip hop tracks. His opening verse:

I sit on the end at the movies and let my feet stick out
Any nigga with a problem get his teeth chipped out

is incredibly vivid and one of my favorite hip hop verses. The track Nowadayz also has some really great and imaginative verses as well:

Nowadays your boy probably tryin to hit your girl
While you tryin to work to buy the ho diamonds and pearls
Fo' sho'~! It goes down like the girl on her knees
Tryin to please every nizzle gettin drunk smokin trees
While you 9 to 5, 'bout to 25 to life it
That ho on some sheist shit, cause you find out how trife it's
The way it is, all she wanna do is swallow kids

Another thing I really like on this album is the incredibly interesting samples used. I particularly like the Hindi wailing on the titular track Champion Sound.

Anyway, check this thing out if you haven't heard it. It has the Evan Seal Of Approval.

Final Conflict—Ashes To Ashes


I was recently turned on to Final Conflict's seminal album Ashes To Ashes from this Pitchfork album review. The album review made the album sound awesome, and I'm pretty into some of the other acts from the 80's LA/OC hardcore scene (e.g. Black Flag, TSOL, Adolescents), so I had to check it out.

Put simply, this album is fucking great. I personally have a strong preference for the hardcore sound (i.e. compared to thrash/black/heavy metal) because that's the shit I grew up on, so even though the whole scene was a bit before my time I get nostalgic for it. That said, there are some pretty prominent metal influences in this album that clearly place the album in the late 80s. For instance, the track Abolish Police features some awesome wailing guitar sections not as common in the earlier hardcore stuff (but seen for example in the later Black Flag material). Some of the tracks like Shattered Mirror strongly evoke the sound of some other LA/OC acts like TSOL or Adolescents; in particular, this track reminds me of some of the tracks from the Adolescents' debut album. There are some awesome samples of Reagan-era political speeches on tracks like Political Glory and The Last Sunrise.

tl;dr if you're into hardcore stuff, check this album out.



I added an RSS feed to this "blog", again using Python's excellent lxml module. This ended up being really convenient because of the way I was already using lxml to generate the articles from markdown. There's a method .text_content() on the lxml html nodes, so I can already take the marked up article content and extract the text content from it. Thus, the generator script (lovingly called generate.py) ends up being a thin wrapper that generates HTML from the markdown files, then does some element tree gymnastics, and magically out of this comes an HTML element tree that's rendered as the blog content itself, and an RSS element tree.

tl;dr magic happens and then blog.

Cloud Nothings—Attack On Memory


Right now this album is my favorite thing. Especially the first two tracks, holy shit.



Those of you who know me well know that while my music interests are varied, lately (as in, the past few years) I've mostly been listening to hip hop music. I wanted to do a review of a new album I've been really into lately that isn't a hip hop album. That album is Sunbather by Deafheaven.

I found this album somehow by stumbling across links on Pitchfork. I think I was checking out some bands I had found on Vimeo, and a Deafheaven link came up at the bottom of one of the pages. Anyway, I saw the Pitchfork album review, saw that it was rated well and read the album description, and I decided to check out the album. It's an incredibly easy album to get into because the opening track, Dream House, is so powerful. It's very atmospheric with fast-paced guitars and percussion, and very emotive-but-subdued "screamo" vocals. The next track, Irresistible, blends in perfectly with the first track and provides a really nice contrast; it is a very melodic entirely instrumental track. The album generally follows this pattern of a long black metal/emo/screamo track usually followed by a shorter more melodic track.

I can't really do the full album review the same justice as the experts can, so I refer you to the already linked Pitchfork review, as well as The Needle Drop's album review.

What I really love about this album is how accessible and melodic it is, and yet how emotive and powerful a lot of the tracks are. I don't listen to a lot of black metal (which is I guess how the band labels themselves), and I think black metal is generally a somewhat inaccessible genre for outsiders. Yet I was able to pick this album up really easily. This may be because the album is non-traditional to the genre, but I like it.

I'm especially excited because I'm attending the Pitchfork Music Festival in July, and I found out (having already bought tickets) that Deafheaven will be performing there. I'm looking forward to seeing them live!

Hello World


I made a simple static site generator for my new blog incarnation. The generator works using Markdown and lxml to generate sites. I am not using any normal templating tools like jinja or mustache.

Since I think it's kind of interesting, articles are structured as separate files in a directory, and an article itself looks like this:

metadata, e.g. the article date
more metadata

blog content starts here

In other words, there is a preamble section of metadata, a blank line, and then the actual markdown text. I parse the metadata, generate HTML using the Python markdown module, and then transform that into an lxml element tree. The lxml element tree is munged to insert the metadata (e.g. the article date).

I decided on this format because

Mostly I intend on using this space to talk about music, bicycles, computers, life, work, and all of that good stuff.