As my kids are starting to want to "look for things on the internet", I started caring about what they might accidentally stumble onto, even in an appropriately supervised context.

I had vaguely heard about OpenDNS for some time, but had not really paid much attention to it. A few relatively recent articles on using it to make an internet connection somewhat more "family-friendly" caught my attention, and I finally signed up for a free account to try it out.

I have a local caching bind which forwarded to the nameservers that TWC provides to me (and to which I redirect all outgoing nameserver traffic via firewall rules), and I really haven't noticed nameservice being slow, so the "speed up your internet" advertising from OpenDNS wasn't ringing true. But the ability to filter out the worst of the sites dedicated to things that I think don't have a place in my home was interesting. So I signed up for a free account, changed a few lines in my bind configuration, and packaged and installed ddclient according to OpenDNS's instructions so that OpenDNS will continue to associate my home network with my home network settings on those rare occasions when my IP changes.

We weren't seeing lots of questionable content before the switch, so the fact that we've seen a total of two sites blocked since we signed up for the service is fine. It says that I can establish what I think are reasonable controls and it won't get in the way of normal activities.

Purely because I appreciate the service (I don't really care very much about saving statistics for longer), I signed up for a paid account. This service seems to me to be worth the $9.95/year.

A few days ago, OpenDNS rolled out a new free service called FamilyShield -- you can use a pre-configured set of filters without setting up any account at all merely by using 208.67.222.123 and 208.67.220.123 as your DNS servers (they include detailed instructions for how to do this on many different OS variants). This is exactly the same thing you'd get by signing up for their service and enabling the same set of filters for your account, so it's easy enough to upgrade to their free service if you want to customize the filters -- you just sign up for a free account, change the IP address you use for the resolvers, choose the filters you want, associate your IP address with your account, and (if you, like most people, have a dynamic IP) set up one of the many dynamic DNS clients available (they list several) to keep that association up to date.

I'm just a satisfied customer.

Conary 2.1.19 is a maintenance release.

• added --disconnected option as an advanced option for updates (CNY-3105)
• conary q --path /dir/ (with the ending /) now displays the owners of all files in /dir. The list of files is sorted before the owning troves are looked up. (CNY-610)
• The Requires policy can now take an removeFlagsByDependencyClass keyword argument to customize the set of flags to match platform behavior. (CNY-3443)

• Walking troves on the local system no longer walks implied linkages (CNY-3440)
• sizeOverride metadata has no any effect if it is set to zero. (CNY-3441)
• cvc now adds recipes as text files even if --binary is specified. (CNY-3200)
• RPM kernel deps now include the symbol hash if it is defined within the RPM. (CNY-3442)

Conary 2.1.18 is a maintenance release.

• An optimization introduced in Conary 2.1.0 (CNY-3282) caused filter expressions using tuples to express required or forbidden file mode bits at build time. This regression has been fixed. (CNY-3437)
• sizeOverride metadata is now never copied when a new version of a trove is created. (CNY-3438)
• addCapsule now fails with a clear error when the same file is added multiple times.

• When looking for an LGPL libelf, the Conary build process wil now look for either "Library" or "Lesser" in the name of the license, and will consider /usr/include/libelf.h as a candidate LGPL header.
• transport.URLOpener now shares no_proxy support with the lookaside cache.

Conary 2.1.17 is a maintenance release.

• Added a new option to the mirror configuration, matchTroveSpecs which is a list of regular expressions that are matched against full troveSpecs in order to select which troves will be mirrored. (CNY-3334)
• The addCapsule source action now takes a ignoreAllConflictingTimes boolean argument which causes it to not raise errors when overlapping paths otherwise allowed have conflicting mtimes. (CNY-3415)
• Made conary.lib.magic more resiliant to errors that show up only with certain implementations of libelf. (CNY-3430)

• Output text for the conary update command has been changed to more clearly describe dependency resolution problems. (CNY-3154)
• Shared library RPATH entries with a double leading slash (//) no longer cause paths to be recorded in soname dependencies in certain circumstances. (CNY-3425)
• Allow RPM packages to create /etc/passwd and /etc/group properly, even if the files already exist (due to a info- package, for example) (CNY-3428)
• Running Conary updates in single-threaded mode correctly execute group trove scripts. (CNY-3431)
• Size stored in troveInfo now excludes any capsules (CNY-3432)
• The sizeOverride metadata field can be used to override the reported total file size of a trove. (CNY-3432)

• Combined TroveCache and TroveCacheWrapper objects in build code.

rBuild 1.2.4 is a maintenance release.

• The "rbuild checkout" command now takes a "--factory=" option. Also, when checking out a package with a name that starts with "factory-" it is automatically set to be a factory. (RBLD-125)
• rBuild now logs all its actions and outputs to a .rbuild/log file either in the checkout (where possible) or under $HOME (otherwise). (RBLD-225)

• The "rbuild checkout --derive" command has been changed to match Conary changes, and will now work only with Conary 2.1.16 or later. (CNY-3348)