Monday, November 30, 2009

Convenience, or the lack thereof

Frozen convenience foods are great for when you need food and you don't really feel like cooking. They shouldn't be consumed with great regularity due to their general lack of regard for nutrition, but they're good to have around. I'm thinking primarily skillet meals here. We keep a few skillet meals in the freezer as "emergency meals" to be cooked when nobody really feels like doing actual cooking.

We've been stocking the Stouffer's skillet meals, which are really easy to make. Get out your skillet, add contents of the bag, heat according to directions, then serve and eat. It doesn't need to be any more complicated than that, right?

Well, TGI Friday's thinks it should be more complex.

We've been ignoring the TGI Friday's skillet meals because they're more expensive and they have fewer varieties. But a few days ago we were given one (story largely irrelevant) and decided to make it.

Open up its bag and what do you have? Several smaller bags. There's a bag of sauce that needs to be thawed in a bowl of warm water, and bags for other individual ingredients, generally separating the meat from everything else. The directions say "Easy as 1-2-3!" but closer inspection reveals that their three steps are made up of sub-steps as you heat one part, then add the others in.

Portion-wise, the TGI Friday's skillet meals have smaller servings than the Stouffer's ones. They also generate a lot more trash, as you have to throw out all of the bags that were in the main bag, in addition to the main bag itself. With the Stouffer's ones, you only have one bag to toss out when you're done.

I like TGI Friday's as a restaurant. I like their boxed convenience items. But their skillet meals aren't convenient. What's wrong with just combining everything together like Stouffer's does?

They also tell you to confirm that the internal temperature is 165°F. I've already ranted about this, but... ovens and cooktops are way more consistent than microwaves, so there's no excuse for not knowing if your directions will get the internal temperature to the right level. Having to get out a thermometer and measure that isn't convenient at all.

The moral of the story: Stouffer's skillet meals are awesome.

Wednesday, November 25, 2009

My computer... again

This is a complete history of everything I think is relevant regarding the gradual degradation of my computer gaming experience. Sprinkled throughout are links to relevant blog posts I've written about these events.

During MAGFest 5 (which was in January 2007), something happened to my computer and the power supply died. Due to general idiocy I didn't figure this out for a while. When I got my computer up and running again with the new power supply, I began noticing odd occurrences while playing Guild Wars. This problem eventually evolved to be a lot more serious. Specifically, the entire computer would freeze after about an hour. Sometimes this was accompanied by my screen turning off, sometimes it would almost freeze and then Windows would say that nv4_disp.dll had stopped responding. Sometimes it would just run horribly, like I was trying to run GW with max settings with a much lower-specced computer.

When it froze (either with video or without) the only way to get it back was to hit the reset button on my case. When I got the dialog about nv4_disp.dll, I could just click OK and continue playing, and it would run perfectly well after that. When it ran horribly (or as I've said in the past, "shat bricks"), looking at the Commit Charge figure in Task Manager reveals that it had gone through the roof, but the numbers for Virtual Memory and RAM usage (which I think are added together to make "commit charge", such a useless name) just didn't add up.

A lot of other people have had issues with nv4_disp.dll entering an infinite loop and generating a BSOD. I haven't ever seen a BSOD when this happened.

When this originally started happening, I was running WinXP Service Pack 1. I updated to SP2 just before MAGFest 7 (that would be in December of 2008). Still had the issue.

I found a workaround that would postpone the inevitable, which was to turn the graphics all the way down. It would still eventually run into one of the aforementioned problems, but it took 5-6 hours instead of one. It wasn't very pretty, but it worked.

Then the freeze issue started happening in other games. Specifically UT2004, but since then I traced it to any 3D game.

After I overreacted when my motherboard's onboard LAN died and reinstalled XP, I updated to SP3. The issue was still present, but I noticed something: playing games windowed allowed me to jack the graphics back up and have it still work for 5-6 hours. To this day I've been playing GW windowed. I haven't touched UT in forever.

Just recently I've been on GW a lot more (all the while still successfully maintaining a social life, see kids it is possible to play online RPGs and have friends in real life) and I haven't encountered any issues at all, which is making me start to think I might be able to run the game fullscreen again, as well as other resource-intensive 3D games like UT. But then again, my computer enters "shit bricks" state if I run the latest ZSNES, whether fullscreen or windowed. I'm using ZSNES v1.42 because it still works. I'd heard somewhere that 1.42 was the last decent version of ZSNES, and if this is the reason, I guess I'm never updating. I can run another OS in a virtual machine just fine, but the mere act of running the latest version of a SNES emulator (never actually getting to the point where I could start a game) bogs my computer down like crazy.

Earlier this morning I was browsing around nVidia's forums and happened upon a thread about nv4_disp.dll infinite loop problems. It proclaimed the fix was turning off some memory write queue register. Skeptical as always I read through the thread. People posted issues, suggested that the OP's fix either worked or didn't work, or suggested other fixes (turning off AGP fast write, which won't work for me since I have a PCI-Express x16 video card and not an AGP video card; and updating Realtek sound drivers, which my onboard sound is a Realtek but I haven't updated the drivers). There doesn't seem to be a unified, concrete "do this and it'll work" solution, but the point was made and substantiated that XP and nVidia don't get along very well.

I've been thinking that maybe another operating system would work properly, but I lack the desire to nuke an otherwise perfectly good XP install that I still consider "just set up" (heck, I just got around to fixing permissions on my two non-OS drives so that my new user owned everything instead of my old user) or go through setting up a dual boot just to try something else. I've wanted to dual boot Linux for a while, and I'm interested in Windows 7.

Also on my mind is getting a new graphics card, though honestly if I do that I'm going to build a new computer since this one was built in 2004.

Actually, let's go with that. I need a new computer.

Monday, November 23, 2009


A while back I wrote a quick PHP script that, given the dimensions of an image and the target aspect ratio, would compute a few dimensions in the target aspect ratio that required minimal cropping/editing to obtain. Content that it worked, I let it sit there and forgot about it until today when I found a low res image on /w/ that I wanted to make 4:3. (foreshadowing a wallpaper update?)

Looking at its code, I told myself there had to be a better way to calculate the nearest resolutions. In my haste to have a working solution I just took the easy way out and used loops that decremented/incremented the width and height by one until it found something that fit the desired aspect ratio.

I figured it would be faster to rewrite it so it didn't use loops at all. Using the handy-dandy modulus operator, I rewrote the function so it just did straight calculations instead of stupidly looping. Since the most it ever has to increment/decrement is within the modulus of the relevant portion of the aspect ratio, we can use the width modulus the aspect width to see exactly where we stand, the same for the height. In best-case, the modulus is zero and we just have to do one calculation. Worst-case it's nonzero and we have to do two.

The loop algorithm always calculated by increasing and decreasing both the height and the width, regardless of anything. By design it wouldn't loop if the value we started with was a multiple, but it didn't use any modulus to check. In fact, all the original algorithm got was the computed floating point representation of the aspect ratio, whereas the new one gets the separate width and height components of the aspect ratio and computes the floating point representation for ease of calculation later on. That and computing a value once and storing the result is faster than recomputing the same value four times.

Tested it with the new algorithm, and it works, with a bonus: It now does a minimal amount of redundant output elimination purely by design. Since we check to see if the modulus is zero, some but not all redundancy is eliminated. Perhaps I'll facepalm and realize how I can change it so that all redundant output is eliminated (without specifically checking post-calculation), but for now I'm satisfied.

Then I wondered just how much faster it really was. So I added in an option in the HTML form to let me select whether or not I wanted to compare the two algorithms, and wrote the code to calculate how long each one takes to execute. It's pretty simple, in PHP 5 you can just call microtime(true) before and after the function and then do a little math and call sprintf to format the result.

Here are the tests I did:

Best case test data:
Aspect ratio: 16:9
Width x Height: 1920x1080 (1920 / 1080 == 16 / 9)

Mixed case test data:
Aspect ratio: 16:9
Width x Height: 1920x720 (1920 % 16 == 0, 720 % 9 == 0, but 1920 / 720 != 16 / 9)

Worst case test data:
Aspect ratio: 16:9
Width x Height: 1928x725 (1928 % 16 == 8, 725 % 9 == 5, basically here the given dimensions are halfway between multiples of their relevant portions of the aspect ratio)

After running several tests it turns out my new algorithm is approximately 1.5-2x faster. I'll take that.

Oh and here's the script so you can play around with it.

Sunday, November 22, 2009

Maybe I'm too paranoid

I was being paranoid about what my computer was connected to earlier today, which prompted among other things a reboot.

One of the domains in my netstat output had caught me off-guard: Don't try it in your web browser, it doesn't work. I did some searching and then promptly facepalmed as I realized it was owned by Google. 1e100 = 1 * 10^100 = a googol = another of Google's bad jokes. It shows up as the reverse DNS for GTalk and GMail. That's almost as bad as Microsoft's faked reverse DNS of whatever.phx.gbl for when you're connected to MSN.

In the process of discovering this I happened upon a pretty neat tool called TCP View. It shows you not only what your computer is connected to, but also which process owns each connection. It's basically netstat on steroids. In addition, it updates constantly, letting you know what's happening. It also provides some useful tools, such as the ability to kill the process or the connection, or to whois the remote host.

The verdict: eases paranoia.

Thursday, November 19, 2009

This is driving me crazy

Every so often, my trackball's driver's "Snap mouse pointer to default button" option mysteriously re-enables itself. I'll notice it's back on, go and turn it off, then forget about it only to notice it's re-enabled later. This is highly annoying, I wish it'd just stay off like it used to.

For anyone reading this (all maybe two of you), I have a Kensington Expert Mouse (you can even read my review of it on Newegg, though depending on the age of this link you may have to navigate pages to see it) which is a really awesome trackball with a scroll wheel that's allowed the tendonitis in my wrist to almost completely go away. I got said tendonitis from using a mouse improperly.

I think it's an accessibility option or something, but it's hardly intuitive. I don't want my mouse pointer going anywhere unless I manually move it there. I don't automatically want to click the default button on every single dialog that comes up. This includes dialogs like Open File dialogs where I'd need to navigate somewhere, using the mouse, so moving the pointer is pointless because I'm just going to be moving it around to find the file I want.

I'm hoping a reboot will fix the issue. Some very weird things in Windows and Windows applications require restarting either the application or the computer in order to truly take effect. I'm thinking mainly of Foobar2000, where if you change anything on the options dialog, it doesn't actually save it to its preferences file until you close it manually. So if you change a setting, listen to music for a few hours/days/whatever, then turn your computer off or reboot or something and Foobar2000 closes because of the shutdown/reboot, it doesn't fucking save your preferences.

I think the mouse issue might be related to something that happened towards the end of last month. My parents went to the beach for a week and left me to take care of the house and the dog. I figured "hey, while they're gone, I'll move my computer into the other room and use the plasma tv as a second monitor and watch some anime or something!"

So I did. However, when I turned my computer back on after moving it, first off, the mouse didn't work until after I logged in (it's USB, though I could have sworn I enabled Legacy USB Keyboard/Mouse support in my BIOS). Then I had to reconfigure all the buttons to my usual layout. During this I missed the tab of the dialog with the "snap to default" bug/feature. I watched the episode of Darker Than Black 2 that was current at the time, played some Guild Wars (with GuildWiki open on the monitor so I could easily reference stuff I was doing or looking for or whatever), and then my computer promptly shat bricks. I think it was related to the dual monitor setup because I've played GW with Firefox open with all my usual tabs and then some since moving my computer back and it hasn't happened.

Why would you ever want your mouse pointer to snap to the default button of a dialog in the first place?

I wouldn't have this issue using it under Linux, mainly since they don't have their bullshit driver available for Linux. It works anyway (and is fully configurable) using xmodmap, xbindkeys, and the xte program from your distribution's xautomation package. You can use xev to figure out what button sends what event so you can hook it up properly in .xbindkeysrc. The beauty of all of this is that it's independent of whichever window manager you use, since it just modifies how X interprets the events that it receives; and like the rest of Linux, it operates in a "set it and forget it" manner. Maybe in a later post I'll go into greater detail on the finer points of messing around with xbindkeys.

If it weren't for the computer games, I'd migrate my desktop over to ArchLinux already... I really need to get a new gaming computer so I can turn this one into a Linux box.

Oh wow I've drifted topics this much? I guess I should just end this post now.

Monday, November 9, 2009

Nekocon 12 report


Getting there was simple. In fact, I beat out both the other cars, both of which were armed with GPSes. By a half hour. My only problem was that I got dyslexic about the exit number we had to get off of I-64 at, but thankfully I was dyslexic in the direction that didn't cause us to miss said exit and we reached the hotel without issue.

Since we beat the other cars there, including the car containing the all-important Person Who Paid For The Rooms And Therefore Must Be Present So We Can Check In (i.e. Citrus), we got some food (my once-annually visit to McDonald's). When we finished everyone else rolled up. Apparently one car stopped for food on the way down and the other made a wrong turn and ended up having to go around multiple sections of a cloverleaf to turn around. GPSes for the win, amirite?

Honestly, the trip isn't that difficult.

Dealers' room was closed when we got there, so I checked out everything else. I was disappointed that there wasn't a Rock Band 2 setup in the game room, even though they had the controllers for it.

Since everything went JUST AS PLANNED finance-wise (actually, BETTER THAN PLANNED, by $90), I was able to get a full weekend reg.

We discovered almost right away that the door to our hotel room didn't lock properly. It wasn't an issue when we were inside it, since we could just close the little thing that prevents the door from being opened all the way, but we couldn't leave anything valuable in it. We informed the hotel of this and they said to use that thing overnight.

I can never sleep at conventions, I don't know why. Part of it was that when we went to sleep I'd only been up for about 14 hours, so I still had energy and had to lie there for at least an hour before actually falling asleep.


We stormed the hotel's free breakfast and made our way to the convention. Since the dealers' room was now open, I debated about buying some volumes of Negima before ultimately deciding to take a look around at the other vendors first. I ended up buying the 10th Anniversary re-release of Azumanga Daioh in Japanese. All three volumes. I can't read it (moon runes and no furigana to help with kanji), but I know what's going on anyway so it doesn't really matter. I've read the three new chapters written for the re-release scanlated, so... otaku badge of honor?

Besides, I couldn't remember which volumes of Negima I didn't have and I forgot to write it down before leaving. I leafed through a few but since I've been reading the scanlations, I remembered everything and couldn't figure out on the fly where I'd left off.

We got back to the hotel and stashed some stuff in my trunk (since it would lock), then went up to the room and discovered that the lock had been fixed. I discovered this by turning the handle and walking headfirst into the door. Anyway, now we could leave stuff (merchandise, laptops, etc.) in the room!

Also, in the room containing Artist's Alley, there's the R/C Racing thing. These aren't your ordinary toy R/C cars, these are the high quality racing ones that are really expensive, and a couple of professional-quality tracks to race them on (one easy, one difficult). Unfortunately it wasn't up and running when we checked it out, and was desolate the rest of the weekend.

While I was in Artists' Alley I remembered that I'd gotten the Yomi button I was wearing there, so I decided to browse for more buttons (or anything else worth buying). Apparently buttons sold pretty well last year (when about two people had them), because this year almost everyone had them. I happened across a Churuya button, which I immediately bought. Unfortunately, MAGFest didn't have a table/projector/MAME ROMs in there this year, so I couldn't bug Brendan or play any Michael Jackson's Moonwalker. If I had any emoticons I'd put a sad face here.

Distinctly notable in Artists' Alley was the unfortunate lack of anything K-On!. No prints that I saw, no buttons, nothing. The dealers' room was short on it as well, there were some posters and other assorted flat things but I kind of expected more. The lack of it in the dealers' room was forgivable since the series hasn't had the chance to generate much merchandise, but Artists' Alley? Seriously, was everyone who had a booth in there living under a rock? Prints/buttons/stuff from K-On! would have sold like wildfire. I probably could have commissioned something, but didn't really feel like it.

Despite having had a large breakfast (two sugary-fruity-iced-pastry-like-things, sausage patties, eggs, a waffle, a muffin of unknown type, a cup of grape juice, a cup of orange juice, and two cups of coffee), I tagged along and made a second visit to McDonald's for lunch. Since I wasn't all that hungry I had some chicken nuggets and a soda. I tend to stock up on calories since so much of congoing is walking around (and fangasming about things), but the lunch was kind of unnecessary.

So then for dinner we decided to go to a Chinese restaurant listed in the con program book. Getting there meant driving, but it wasn't that far away and looked pretty easy to find.

Except that it didn't exist.

So after calling people and talking (hey, who'd'a thought cell phones would be useful?) we went to Denny's.

Decided to go to the game room and play some Rave Racer for a while. Same old gimpy machine as the one at MAGFest where the left side's screen flickers any time either player hits the brake pedal. I demonstrated this at one point because the left side had glitched to be "letterboxed". I hit the brake pedal on the right side and it un-glitched. Then we got kicked out because some Call of Duty fags wanted to have a tournament or something. I thought that was a PC game, but apparently they released it on consoles as well. The controls are guaranteed to suck anyway. Also, the room right next door was the tournament room. Bleh, whatever.


There's nothing ever really worthwhile happening at an anime convention on Sunday. So we had breakfast, checked out of the hotel, packed up the cars, hit up the dealers' room one last time, and left. I grabbed a Setsuna plushie in the final raid on the dealers' room.

Since last year I had to stop at a rest stop and buy a caffeinated soda to stay awake while driving, this year I planned ahead and bought the drink from a vending machine in the hotel. This was important because the Virginia Department of Transportation recently closed the rest stop I stopped at last year.

Luckily nobody left anything in my trunk this year.

I will note that I spent the weekend sober, since CAINE's resident alcoholic was in a different hotel. Asshole.

Last but not least I totally hijacked Enigma's laptop and used the hotel's free wifi to write the Friday and Saturday portions of this down so I wouldn't forget them when I got back. Writing in the past tense about something that's currently happening is difficult, so if it reads strangely, that's probably why.

Merchandise (with pictures!)

10th Anniversary Azumanga Daioh (all three volumes)
Churuya-san button (to go with the shirt, which I was wearing when I bought it)
Sakurazaki Setsuna plushie (yay Negima!)

A shot of both buttons

Here are the pictures from last year. I don't remember having linked them before.
Yomi button
Churuya shirt

Sunday, November 8, 2009

Blogger's new post editor

So I was cruising through my options at random after setting up Google's web developer tools so I could get some pageview statistics and shit and I noticed they have a newer post editor.

I typed this post in it.

The first thing I noticed is how fucking sluggish it is.  Text appears in bursts rather than immediately.

They've added a strikethrough button (yay!), but they're still neglecting underline.  What the hell.

There's also a "jump break" button, which I guess would allow me to post a short bit of the post on my main page and then the whole thing is expanded when you view the post by itself.

Their page listing the new features goes into more stuff, most of which is cool like not fucking adding <br /> tags inside the more complex HTML markup like lists and tables, so that you can actually view your markup without it just being a huge word-wrapped jumbled mess.

A new option that I used on this post allows you to control what it does with HTML typed into the WYSIWYG editor.  Either it will interpret it and use it to format your post, or it'll show it literally (basically automatically adding &lt; to it so the tag doesn't get picked up by the browser)

Seriously though, this text burst thing is driving me crazy.  I'm going to switch back to the older post editor just because of it.  I don't know if it's related to the performance of my computer, but an AMD64 3200+ with 2GB of RAM should be able to handle typing a fucking blog post.

One thing I'd love to see is the ability to add custom formatting buttons.  I have some CSS classes set up for things like keyboard keys that when I use them I tend to use them extensively and it means a lot of copying/pasting since I can't just highlight the text and add the style.  It would also be a short term fix for the "lack of underline button" issue. I can do this with Greasemonkey, but that's retarded.

The preview function is better but still far from perfect.  It still doesn't show the post as it would appear on your blog after publishing it.  This means there's still no way to be 100% certain of the appearance of your post until you publish, and then it becomes a game of "edit, publish, read, disapprove, repeat" until you get it looking like you want it to.

Okay, the text burst issue affects HTML mode as well. Definitely switching back to the older editor.  It preserves double spaces now, which is neat.  And it properly escapes HTML entities, which I hated how it evaluated them to the unicode character before so once this annoying text burst thing gets fixed, it'll be a useful editor.

I call it "text burst" but it's more like "input burst" since it affects all keystrokes, not just alphanumerics and symbols.  Trying to move around this post or use Backspace is a real chore.  Given that I'm making lots of typos because text isn't appearing immediately, I'm using Backspace a lot.

Let's try a link and see what happens.  Okay, first off it still doesn't give the option of setting target="_blank" (I added it manually as usual), and second off, typing at the end of the line puts text inside the link tag instead of after it.  Which means wallpaper updates are still going to be a chore since I can't easily add target="_blank" in after the fact either.

(the excessive line break after that is the new editor's fault, not mine. It puts a newline at the end of the link text and another after the closing link tag, then it gets to the one I added.)

At least now it won't fucking timestamp a post until I hit publish, almost all of my posts have an incorrect timestamp because it timestamped them when I started typing them instead of when I finished and hit publish.

Oh and Nekocon report up whenever I get around to taking pictures of the stuff I bought. Which since it's on my mind, will probably be soon. Either that or I'll schedule the post to publish later just to be a dick.

Edit: It fucking removes my custom CSS classes when I switch between HTML and WYSIWYG modes. What the shit.

Friday, November 6, 2009

Thank You Internet

More Linux stuff in this post. If you don't really care, then go ahead and skip, I'll only hold it against you for the rest of your life.

There's lots of fixed-width-font formatting in here that won't be visible unless you're actually reading it on my blog. It really adds a lot of helpful emphasis, so your opinion of my technical writing should go up by reading it with that emphasis intact. (and down from the sheer number of parenthetical statements, but whatever)

So after successfully getting my server set up and running lean and mean with ArchLinux, I figured it was time to pimp it a bit. I wanted to see if I could get Samba working (Samba = the Windows Network file-sharing protocol) so I could have a directory be remotely accessible from a Windows computer with no password (i.e. a public share, necessary to make drop boxes and stuff).

Samba's configuration has way more options than are initially in smb.conf but eventually I got it. So now I have a subdirectory in my home directory (aptly named "share", though it appears on the network as "eckstee" because that's what I named its section in smb.conf.) shared with no password, and I can browse to it on Windows and read (and even modify, since I allowed write permissions) the file I stuck in it (named youfoundit.txt).

That actually happened several days ago. What just happened tonight, however, was something that I'd wanted to do for a while but never really knew how to do.

When you install Apache, there's a certain directory set as its document root (configured by the aptly-named DocumentRoot directive in httpd.conf) that files are loaded from when you request http://servername/filename.ext. This directory (/srv/http/ on ArchLinux), by default, has its permissions set so you have to be root in order to create or modify anything in it. Now, there isn't really that much of a problem there, since I know my root password, but I really don't want to be doing things as root with full root privileges. Bad Things™ can happen when you do that.

So I said to myself, "I'll just make a group called 'webdev', stick my account in it, then configure the permissions on that directory so anyone in the group webdev has write permissions!"

The first part of this was relatively easy. Made the webdev group, stuck my account in it, changed the group on the directory to webdev, chmod'ed it to 775, then logged out and back in for the group change to take effect. I can now create and modify files in the directory using my normal account.

Then the problems arose. First off, the group owning the new files I was creating to test was the primary group my account was in, users, instead of webdev. That was easily fixed with chmod by setting the setgid bit on the directory. For reference the command is chmod g+s directoryname. You could do it with octal (it would be chmod 2775 directoryname), but using octal obliterates existing permissions whereas the letter syntax leaves them alone. Now when I make new files, webdev owns them and the proper permissions can take effect.

The second problem was just that: permissions. The default permissions are read/write for owner, and read only for the group on the directory and for everyone else. I wanted the permissions in this directory and this directory alone to default to both the owner and the group having read/write.

A quick Google search told me I'd have to use an ACL to make this happen, and even showed some sample commands designed to do just this. Except that the command (modified for what I was trying to do, of course) wouldn't work. Every time I ran it I got an error message saying I hadn't provided enough arguments.

Some more Google searching with the proper command name (I had searched 'umask', not 'setfacl', silly me) found me the reason why my attempts at setting up an ACL weren't working. There's a mount option you have to set on that partition in /etc/fstab (aptly named acl) to actually enable them. So I did that and rebooted (I probably could have just told mount to remount the root partition, but rebooting works too), and then after some slight facepalmery, the command succeeded.

I made a new file and crossed my fingers. One ls -l later, I was pleased to see that the new file had the exact permission set I wanted. Running getfacl on the directory now shows that for the group webdev, permissions are overridden so that group read/write are always available.

So in case anyone else happens to want to do this (I ran across a few forum posts in my Google searches where people were asking how to do exactly this), here's a quick reference. You'll have to do most if not all of this as root. If you're a lower-level linuxmancer like myself, look all the commands (and the one file) up with man before doing anything. Also of interest would be mount's man page.
  1. In /etc/fstab, make sure the partition containing the directory you want to change default permissions on has the acl mount option.
  2. Remount the partition, or if you're lazy and/or a BOFH, reboot.
  3. Make a new group with groupadd, then put your account (and any other accounts you want to be in the group) into the group with groupmems.
  4. If any of those accounts are logged in, log them out and back in (or tell people to do that if you're in a multi-user setting). Once this has happened, running groups as the user(s) you added to the group should return a list of groups including the group you just created. For instance, mine returns users webdev.
  5. Change the group on the desired directory to the one you just set up, using chgrp.
  6. Change the permissions on the directory to have the group write and setgid permissions bits set. Easy way out = chmod g+ws directoryname.
  7. Now use setfacl to tell it that the group permissions for all new files should be rw-. Your command should look something like this: setfacl -d -m group:groupname:rw- directoryname.
Now if you ls -ld directoryname, you should see something similar to this: drwxrwsr-x+ 2 owner groupname 4096 2009-11-06 00:13 directoryname. The s in the group bits indicates setgid, and the + indicates that there's an ACL in effect on the directory. You can view the ACL with getfacl directoryname. Any files created in the directory after this will also have a + at the end of their permissions bits. You'll have to chmod and setfacl existing files and directories to the appropriate values manually. Both chmod and setfacl take the -R argument, which makes them recurse into subdirectories, so keep that in mind if you've got a large directory structure and you just said "fuck my life!" because you thought you'd have to manually chmod and setfacl everything.
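
Steps 5 to 7 and the checks described above, as a script added here (it is not the author's own). The function names share_dir, audit_shared_dir and probe_new_file are made up for this example, and it assumes GNU stat and the acl tools (setfacl/getfacl).

```shell
#!/bin/sh
# Added example: steps 5-7 of the list above, plus an audit of the result.
# Function names are hypothetical; assumes GNU stat and the acl tools.

# share_dir DIR GROUP: chgrp, then setgid + group write, then the default ACL.
# Returns 3 if the default ACL could not be set (acl tools missing, or the
# filesystem is not mounted with ACL support, i.e. step 1 was skipped).
share_dir() {
    sd_dir=$1; sd_group=$2
    chgrp "$sd_group" "$sd_dir" || return 1
    chmod g+ws "$sd_dir" || return 1
    if ! command -v setfacl >/dev/null 2>&1; then
        echo "setfacl not installed; default ACL not set" >&2
        return 3
    fi
    setfacl -d -m "group:$sd_group:rw-" "$sd_dir" 2>/dev/null || {
        echo "setfacl failed; is the filesystem mounted with acl?" >&2
        return 3
    }
}

# audit_shared_dir DIR: returns 0 only if DIR is group-writable, setgid and
# not world-writable. A missing default ACL is reported but does not fail.
audit_shared_dir() {
    ad_perm=$(stat -c %A "$1") || return 2      # e.g. drwxrwsr-x
    case $ad_perm in
        d*) ;;
        *) echo "FAIL: not a directory"; return 2 ;;
    esac
    ad_rc=0
    [ "$(printf %s "$ad_perm" | cut -c6)" = w ] ||
        { echo "FAIL: group cannot write"; ad_rc=1; }
    case $(printf %s "$ad_perm" | cut -c7) in
        s|S) ;;
        *) echo "FAIL: setgid not set; new files get the creator's primary group"
           ad_rc=1 ;;
    esac
    [ "$(printf %s "$ad_perm" | cut -c9)" != w ] ||
        { echo "FAIL: directory is world-writable"; ad_rc=1; }
    if command -v getfacl >/dev/null 2>&1; then
        getfacl "$1" 2>/dev/null | grep -q '^default:group:[^:]' ||
            echo "NOTE: no default ACL for a named group; new files follow the creator's umask"
    fi
    [ "$ad_rc" -eq 0 ] && echo "OK: $ad_perm"
    return "$ad_rc"
}

# probe_new_file DIR: create a file under umask 022 and print "gid mode".
# With setgid the gid is the directory's; the mode is typically 664 when the
# default ACL is in effect and 644 when it is not.
probe_new_file() {
    pf_file="$1/.probe.$$"
    ( umask 022; : > "$pf_file" ) || return 1
    stat -c '%g %a' "$pf_file"
    rm -f "$pf_file"
}

# Usage: sh thisfile DIRECTORY   (audits an already configured directory)
if [ -n "${1:-}" ]; then
    audit_shared_dir "$1" && probe_new_file "$1"
fi
```
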

Important to note is that so long as you don't fuck with the everyone read permission, Apache will still be able to serve files from the directory. So basically it Just Works™. And I like that.

On a non-Linux note, I'm going to Nekocon this weekend, so expect a con report late Sunday evening/early Monday morning.