A blog on rails, php, computing, my bass guitar and stuff
September 10th, 2008 — development, Ruby
First of all I did a:
capify .
And used this deploy.rb
Then to setup the current, releases, etc. directories:
cap deploy:setup
Then, when I tried to login via ssh with shared key: nothing!
After some searching I found out that capistrano messed up the permissions on the .ssh directory 
To fix it:
chmod 755 $HOME chmod 755 $HOME/.ssh chmod 644 $HOME/.ssh/authorized_keys
July 16th, 2008 — development
I was surfing for some ticketing / project management software and it returned the following result:
Especially Sifter looks really nice! But… it isn’t open source. So too bad. I went with Redmine: open source, ruby on rails and already a nice feature set!
A nice overview of bug/issue tracking systems can be found on wikipedia.
July 15th, 2008 — development
I was reading a nice article on Ruby on Rails flesh messages. It linked to an article about styling message boxes with css.
I’m a real sucker for nice message boxes. If you are too: this is a must-read.
July 2nd, 2008 — development, Linux
The default vpnc in Ubuntu comes without openssl support. Bugger… But with these few lines of code this is solved:
sudo apt-get update sudo apt-get build-dep vpnc sudo apt-get install libssl-dev mkdir ~/src/vpnc -p cd ~/src/vpnc apt-get source vpnc cd vpnc-* dpkg-buildpackage sudo dpkg -i ../vpnc*.deb
Et voila: vpnc with openssl!
June 29th, 2008 — development, Linux, Ruby
There were some vulnerabilities in Ruby which are supposedly fixed in ruby 1.8.7. Because of that and because it’s always nice to have the latest, I installed ruby from Ubuntu Intrepid on Hardy Herron.
And while I was doing that I also decided to install guessnet from Intrepid. So I don’t have to compile guessnet anymore.
It involves two steps:
Create /etc/apt/sources.list.d/intrepid.list and copy the following code into it:
deb http://nl.archive.ubuntu.com/ubuntu/ intrepid main restricted multiverse deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted multiverse deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## universe WILL NOT receive any review or updates from the Ubuntu security ## team. deb http://nl.archive.ubuntu.com/ubuntu/ intrepid universe deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid universe deb http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates universe deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://nl.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse # deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. This software is not part of Ubuntu, but is ## offered by Canonical and the respective vendors as a service to Ubuntu ## users. deb http://archive.canonical.com/ubuntu intrepid partner # deb-src http://archive.canonical.com/ubuntu intrepid partner deb http://security.ubuntu.com/ubuntu intrepid-security main restricted multiverse deb-src http://security.ubuntu.com/ubuntu intrepid-security main restricted deb http://security.ubuntu.com/ubuntu intrepid-security universe deb-src http://security.ubuntu.com/ubuntu intrepid-security universe
If /etc/apt/preferences does not exist, touch it!
Then copy this code into it:
Package: * Pin: release v=8.10 Pin-Priority: -1 Package: ruby Pin: release v=8.10 Pin-Priority: 500 Package: ruby1.8 Pin: release v=8.10 Pin-Priority: 500 Package: libruby Pin: release v=8.10 Pin-Priority: 500 Package: libruby1.8 Pin: release v=8.10 Pin-Priority: 500 Package: rdoc Pin: release v=8.10 Pin-Priority: 500 Package: rdoc1.8 Pin: release v=8.10 Pin-Priority: 500 Package: ri Pin: release v=8.10 Pin-Priority: 500 Package: ri1.8 Pin: release v=8.10 Pin-Priority: 500 Package: irb Pin: release v=8.10 Pin-Priority: 500 Package: irb1.8 Pin: release v=8.10 Pin-Priority: 500 Package: libopenssl-ruby Pin: release v=8.10 Pin-Priority: 500 Package: libreadline-ruby Pin: release v=8.10 Pin-Priority: 500 Package: libreadline-ruby1.8 Pin: release v=8.10 Pin-Priority: 500 Package: ruby-dev Pin: release v=8.10 Pin-Priority: 500 Package: ruby1.8-dev Pin: release v=8.10 Pin-Priority: 500 Package: guessnet Pin: release v=8.10 Pin-Priority: 501
That’s all! “Aptitude update” & “aptitude install ruby guessnet” and you are good to go.
I tried using the “Package” keyword with wildcards, but that’s a no-go
June 29th, 2008 — development
I’m starting with Python/GtkBuilder and I wanted a nice IDE for Python. Because I really like using netbeans for coding ruby, I gave it a try for python. But the support for python is still alpha.
For it to work you have to download the latest (nightly) netbeans build and the netbeans python plugin(s)
June 26th, 2008 — development, Linux
I had to make a couple of diff’s lately and I always forget what switch to use 
So here is it:
diff orig_file patched_file -u
June 25th, 2008 — development, Linux
On v2 of my website I wrote a post on configuring a webserver for testing/developing purposes. In that post I explained how to adjust the umask of Apache. I did that by changing the Apache startup script. But, of course, when apache is updated/upgraded, you custom mod will dissapear. In coincidence I stumbled upon a post that explained how to add environment variables to apache without modding the distribution scripts.
All you do is adding the desired variables to “/etc/apache2/envars”. That’s it!
June 20th, 2008 — development, Linux, Ruby
I’ve installed puppet recently and I’m know trying to understand how it works and make use of it 
If that’s not difficult enough, I encountered this weird behaviour that the –noop argument didn’t do anything. After an hour of searching I realized it was my own stupid fault!
I had to puppet configuration files: /etc/puppet/puppetd.conf (old way) and /etc/puppet/puppet.conf (new way). I browsed throught the source code and it looks like puppet first checks the old file, if it is found it parses that one. If it’s not found, the new file is parsed. I don’t know why, but if the old file is used, the –noop argument isn’t parsed by puppet. So removing /etc/puppet/puppetd.conf was all I had to do. Pffff….
But why did I create the puppetd.conf file? Because I’v read the “Pulling strings with puppet”-book. And althought it’s fairly new, puppet is advancing at a very high rate. So the book is becoming out-of-date already.
June 14th, 2008 — development, Linux, PHP
At Tim_online we have several webservers and each of them have apache2 installed running php with fcgid (a fastcgi implementation). Why this configuration and not mod_php? Because it is reasonably fast (at leaster faster than plain cgi) an secure (because it doesn’t run under the apache user).
For it to run php scripts as the website owner, you need suexec.
Suexec is a mechanism supplied with Apache that allows to execute CGI scripts as the user they belong to, rather than Apache’s wwwrun user. This improves security in situations where multiple mutually distrusting users have the possibility to put CGI content on the server.
So when u visitor requests one of the webpages of one of my customers the proces looks like this:
request -> apache -> fastcgi -> suexec -> proxy -> php file
I don’t exactly know anymore why the proxy is required, but it is
Know the problem is: suexec (by default) can’t execute the proxy file, because it isn’t owned by the php file owner. So you have to hack suexec to make this work.
I did this. And everything worked. The webservers were happy to serve al these requests untill one day apache get updated. The automatic ubuntu updates push a new version of apache with a new suexec binary. Problem!
So when you come at work there are 16 “missed incoming calls” and you co-workers are going mad with all the dissapointed customers. You look at the apache logs: hmzzz, suexec is giving 120 errors… What could that be? !Ping! Suexec ofcourse. Let’s see, how did I solve this problem the last time. First let’s download the apache sources. ./configure. Yes. now where’s suexec.c? Ah, cd support. Now, make suexec. Wait, missing headers. Let’s install those first. Make suexec. Arrgh. It doesn’t work! Suexec -v. Wait, forgot to adjust the ap_httpd_user, ow, and comment out the offending lines. Yes, this should work. Ok. Copy it to /usr/lib/apache2. Ok, it works!
But at that time, an hour has past. If you can find the right files at once. So I decided to write down the steps I took to download, configure and compile suexec the quickest and simplest way. Here we go:
sudo apt-get install apache2-threaded-dev mkdir -p ~/src/suexec cd ~/src/suexec sudo apt-get install apache2-threaded-dev wget http://svn.apache.org/repos/asf/httpd/httpd/trunk/support/suexec.c wget http://svn.apache.org/repos/asf/httpd/httpd/trunk/support/suexec.h wget http://www.vanutsteen.nl/wp-content/uploads/2008/06/suexecc.patch patch suexec.c suexec.c.patch -o suexec.patched.c gcc -DLOG_EXEC='"/var/log/apache2/suexec.log"' -DAP_HTTPD_USER='"www-data"' -DAP_DOC_ROOT='"/var/www"' -I/usr/include/apr-1.0 -I/usr/include/apache2 -o suexec suexec.patched.c
That’s it! Test it by doing: sudo ./suexec -V
That should output:
-D AP_DOC_ROOT="/var/www" -D AP_GID_MIN=100 -D AP_HTTPD_USER="www-data" -D AP_LOG_EXEC="/var/log/apache2/suexec.log" -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin" -D AP_UID_MIN=100 -D AP_USERDIR_SUFFIX="public_html"
Basically what I did:
LeonB @ GitHub