linux

Shared Hosting Is Insecure!!!


I always thought that web hosting companies would be decent enough to provide security but they do not.

They cannot protect you from people modifying dynamic content such as your blog. Here's how it works.

When you upload your blog to your hosting company, it will contain a username and password for the database it connects to.

Each file has the following owner and group: your_username:your_username. The item before the colon is the username, and the one after it is the group. Yeah, you are a member of your own group. Stupid, eh?

When you upload a file to your host, the default permissions are:

You can read and write into the folder/file
Your group can read and write into the folder
Everyone can read

Yeah, everyone can read. The reason behind this is that the web server process, which runs under a different username, needs to read your files. What needs to happen is that a special group shared by you and the web server's user needs to be created, or the web server's user needs to be added to your own group. That way, you can remove read access from everyone else and leave read access only to yourself and that group.

This really sucks. If you are a savvy user you can find several places in the system where usernames are listed. Sometimes hosting companies place everyone's username in a file for their own benefit. Guess what: if you thought that gave you security, tough luck.

Now you're thinking: why on earth don't they do this? The answer is stupid: they are lazy. They don't want the overhead of trouble that comes with this configuration. Making sure a user is a member of the right group may require more time on their side. So they say: since you can't afford to buy a VPS, you can't afford to protect your data. Yep, they think like that. Yet another WTF for the day!

Ubuntu server is really cool


I have Ubuntu Hardy server running on my machine. The cool thing is that I wanted to run a mail server on it too, and selected the mail option when I installed. Today I realized that authentication is done over SSL, which is really cool. I already have an email account set up and it works pretty well.

The mail server included postfix and dovecot. So cool! It even had the certificates created for me.

Kernel Upgrade breaks Arch Linux


The cool thing about Arch Linux is that you can upgrade to the latest releases, but it is very probable you'll screw up your system. I upgraded to kernel 2.6.27-2, which wasn't a very wise decision. I got a kernel panic on reboot saying /init could not be found. I tried setting the init param in menu.lst, but still it didn't work.

Hmm, I think I did something wrong during the upgrade. I remember klibc screaming about errors; maybe it had something to do with it. Either way, I used my Ubuntu install to chroot and reinstall kernel26. That did it. The kernel itself didn't work at first, so I used the "fallback" version. The reason is that /sys/ didn't map to the right location. I don't know where it's supposed to map; I only mapped dev. Oh well, after using the fallback kernel, I was able to reinstall kernel26 with pacman. This fixed my system.

I'm glad to see that ndiswrapper is not whining anymore about the kernel like it did with 2.6.26. Yay! Back on track. Also, I managed to move all my posts from my old blog and Blogger into this new one. Ain't it cool?

Rails and Sql Server 2005 (mssql) on Arch Linux


To connect to SQL Server from Rails on Linux there are some very useful resources, such as HowtoConnectToMicrosoftSQLServerFromRailsOnLinux.

Note that HowtoConnectToMicrosoftSQLServer works only if the Rails app lives in a Windows environment. On Linux there's no "win32ole", which helps with the ADO connection, so we have to rely on ODBC. The weird thing is that I developed a Rails app that connected to SQL Server 2005 a few years back, but we did it on Windows and did not have to worry about something like this. Oh well, c'est la vie!

On my laptop I run Arch Linux, so these instructions are pretty much for Arch, but as the first resource says, they can be adapted to pretty much any other distro. First, start off by installing freetds. Luckily, freetds on Arch is built with ODBC support (you can see that the PKGBUILD of freetds depends on unixodbc).

Another reason why mod_rewrite isn't working


Another reason why mod_rewrite won't work is that a VirtualDocumentRoot is set up. This is maddening because it doesn't override the way mod_rewrite rewrites URLs. This might be a good setup if you have per-subdomain folders such as "subdomain" for subdomain.domain.com, but it breaks mod_rewrite, so refrain from using it.
In CentOS 4, check /etc/httpd/conf.d/virtual_hosts.conf:

<VirtualHost *:80>
    ServerName subdomain.domain.com
    VirtualDocumentRoot /var/www/%1
    DirectoryIndex index.html index.shtml index.php
</VirtualHost>

If you care to have this working, then check out http://drupal.org/node/20804. They say that "VirtualDocumentRoot causes mod_rewrite to set an incorrect default value for RewriteBase", so you have to set "RewriteBase /" in all your .htaccess files.

ArchLinux finally comes around


I upgraded the Arch kernel to 2.6.26 and ndiswrapper went bonkers, locking up my computer and what not. I just didn't know how to downgrade to the 2.6.25 kernel and ndiswrapper 1.52.

After a while the kernel got upgraded, and so did ndiswrapper, to 1.53. Well, this brought some reliability, but not much: if too many connections were made, the system would lock up.

Today I finally succeeded in downgrading. I found an answer on downgrading in Arch which solved my question. Basically, Arch doesn't have a downgrade function "per se" because older packages are not kept in the repository. However, if you didn't clean up the pacman cache, you can downgrade.

The cached packages are in /var/cache/pacman/pkg. Then you will have to do a pacman -U kernel-2.6.25... on the cached package. I also had virtualbox-ose and ndiswrapper-1.53 installed, which conflicted with that install.
You will have to manually remove ndiswrapper and ndiswrapper-utils (with pacman -R, of course), then install the kernel, and finally put back the older versions of ndiswrapper and virtualbox.

Yay, back to stability.

Netsuite API


I have been trying to compile the NetSuite code for a while now.
When doing ant deploy or ant compile you have to set this:

To compile the code from Sample Applications on netsuite.com, you will need to get the following:

  • NetSuite_WS_Sample_CRM_Java_1_3_1_0.zip from netsuite.com
  • axis_1_4.zip Axis patch from netsuite.com
  • j2sdk-1_4_2_17-linux-i586.bin Java SDK from sun.com
  • apache-ant-1.7.0-bin.tar.bz2 Apache Ant
  • axis-bin-1_4.tar.gz Apache Axis Framework
  • jaf-1_1_1.zip Java Activation Framework
  • javamail-1_4_1.zip Javamail

Step 1: Create a netsuite directory

mkdir ~/netsuite

Step 2: Extract NetSuite_WS_Sample_CRM_Java_1_3_1_0.zip into ~/netsuite

mv NetSuite_WS_Sample_CRM_Java_1_3_1_0.zip ~/netsuite
cd ~/netsuite
unzip NetSuite_WS_Sample_CRM_Java_1_3_1_0.zip

Step 3: Extract the sdk and move to ~/netsuite

mkdir ~/netsuite/java
mv j2sdk-1_4_2_17-linux-i586.bin ~/netsuite/java
cd ~/netsuite/java
chmod +x j2sdk-1_4_2_17-linux-i586.bin
./j2sdk-1_4_2_17-linux-i586.bin

Step 4: Extract ant into ~/netsuite/java/lib

mv apache-ant-1.7.0-bin.tar.bz2 ~/netsuite/java/lib
cd ~/netsuite/java/lib
tar xjf apache-ant-1.7.0-bin.tar.bz2


Step 5: Extract Java Activation framework

mv jaf-1_1_1.zip ~/netsuite/java/lib
cd ~/netsuite/java/lib
unzip jaf-1_1_1.zip

Step 6: Extract Javamail

mv javamail-1_4_1.zip ~/netsuite/java/lib
cd ~/netsuite/java/lib
unzip javamail-1_4_1.zip

Step 7: Extract the Axis patch

unzip axis_1_4.zip

Semaphores + Fork + Linux in C++


So, I wasted over a week trying to figure out shared memory semaphores in Linux.

The only way semaphores are shared in memory is by giving them names and then doing a sem_open to open the memory address. Then you use sem_init to initialize.

There's another way of working with shared memory: using mmap.

The way mmap works is:

int file_descriptor = open(filename, ...);
write(file_descriptor, &something, sizeof(sem_t)); /// This is a bit weird: you write binary data (the sem_t) to a file
unlink(filename);                                  /// the name disappears, but the open descriptor keeps the file alive

then mmap(... pass fd=file_descriptor ...)

This will make sem_t available to all processes that have been forked.

Now, I didn't try this particular example with mmap, but I have made a linked list with mmap.

It seems I finally understood how mmap works. Basically, you can map room for N objects of some type (Node) into memory. Then you can iterate through each object and set its pointers accordingly.
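Since the post says the mmap version wasn't tried, here it is carried through in C as an added example (not code from the post): open a scratch file, write a zeroed struct into it so it has the right size, unlink it, mmap it MAP_SHARED, and then sem_init the semaphore inside the mapping with pshared=1, which is what makes it work across fork(). One caveat on the post's wording: a semaphore from sem_open is a named semaphore that is already created and initialized, while sem_init is the separate route for unnamed semaphores placed in shared memory; you use one or the other, not both. The path /tmp/sem_demo_<pid> is a constructed scratch name.

```c
#include <fcntl.h>
#include <semaphore.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Everything that lives in the shared mapping: the semaphore and the data it guards. */
struct shared_state {
    sem_t lock;
    long counter;
};

/* Builds the file-backed MAP_SHARED mapping the post describes. The scratch
   file name is a constructed assumption; it is unlinked right away so no
   other process can open it by name, and the mapping keeps it alive. */
static struct shared_state *create_shared_state(void) {
    char path[64];
    snprintf(path, sizeof path, "/tmp/sem_demo_%ld", (long)getpid());
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return NULL;

    struct shared_state zero;
    memset(&zero, 0, sizeof zero);
    /* "write binary data to a file": this gives the file its size. */
    if (write(fd, &zero, sizeof zero) != (ssize_t)sizeof zero) {
        close(fd);
        unlink(path);
        return NULL;
    }
    unlink(path);

    void *p = mmap(NULL, sizeof zero, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    close(fd);               /* the mapping, not the descriptor, keeps the file alive */
    if (p == MAP_FAILED) return NULL;

    struct shared_state *st = p;
    /* pshared = 1: the semaphore is shared between processes, not just threads. */
    if (sem_init(&st->lock, 1, 1) != 0) {
        munmap(p, sizeof *st);
        return NULL;
    }
    return st;
}

/* Each forked child increments the shared counter `iterations` times under the lock. */
static void child_work(struct shared_state *st, int iterations) {
    for (int i = 0; i < iterations; i++) {
        sem_wait(&st->lock);
        st->counter++;
        sem_post(&st->lock);
    }
}

/* Forks `nchildren` workers, waits for all of them and returns the final counter.
   With the semaphore doing its job this is nchildren * iterations; -1 on failure. */
long run_demo(int nchildren, int iterations) {
    struct shared_state *st = create_shared_state();
    if (!st) return -1;
    for (int c = 0; c < nchildren; c++) {
        pid_t pid = fork();
        if (pid < 0) return -1;
        if (pid == 0) {
            child_work(st, iterations);
            _exit(0);        /* _exit: don't flush the parent's stdio buffers twice */
        }
    }
    for (int c = 0; c < nchildren; c++) wait(NULL);
    long result = st->counter;
    sem_destroy(&st->lock);
    munmap(st, sizeof *st);
    return result;
}

int main(void) {
    long n = run_demo(4, 10000);
    printf("counter = %ld (expected %d)\n", n, 4 * 10000);
    return n == 4 * 10000 ? 0 : 1;
}
```

The mapping has to exist before the fork() calls, because children inherit the mapping, not the variable; a sem_t that only lives on the parent's stack is copied into each child and stops being shared. If you take the sem_wait/sem_post pair out of child_work, the counter comes out short, which is the quickest way to convince yourself the semaphore really is shared.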
