Quadrennial Linux Install (and what I installed)

Once upon a time, it was Windows that required a biennial install. Today, Windows seems to run for five years or more without a reinstall.

Linux, on the other hand, which used to go for years with only package updates, now requires reinstalls. I'm doing one after nearly five years without a clean install. That's a pretty long time.

My .vimrc

set nocompatible " be iMproved, required
filetype off " required

" set the runtime path to include Vundle and initialize
set rtp+=~/.vim/bundle/Vundle.vim
call vundle#begin()
" alternatively, pass a path where Vundle should install plugins
"call vundle#begin('~/some/path/here')

" let Vundle manage Vundle, required
Plugin 'gmarik/Vundle.vim'

" All of your Plugins must be added before the following line
call vundle#end() " required
filetype plugin indent on " required
" To ignore plugin indent changes, instead use:

Intermittent Django REST Framework glitch examined with Apache Benchmark

While programming in the rest framework, I hit this error, intermittently, but over and over, along with others:

Could not resolve URL for hyperlinked relationship using view name "parseuser-detail". You may have failed to include the related model in your API, or incorrectly configured the `lookup_field` attribute on this field.

Being a noob, I hit the books (documentation) again, and again, and thought I had it right, or close. (Don't start out creating Django models for non-Django-managed tables. It's pretty hard. It's better to learn the vanilla Django way first, if possible.)

Instant CORS in PHP

Here's a snippet of code that will make your PHP REST API work cross-domain, through the magic of CORS:

/**
 * CORS is a way to allow scripts from other domains to post to this URL.
 */
if ($_SERVER['REQUEST_METHOD']=='OPTIONS') {
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: POST, OPTIONS');
    header('Access-Control-Allow-Headers: Content-Type');
    exit();
}
header('Access-Control-Allow-Origin: *');

Django Rest Tutorial, Inverted

[I hesitate to post this, because it makes me look like I'm a slow learner... but, oh well. I hope someone finds this interesting.]

An Unsafe Version of the PHP Example

This is an unsafe version of the Model PHP Script example. It is more useful for learning PHP. An explanation follows, about what it does, and why it's unsafe.

<?php

/* 
 * Sample PHP form and database example.
 * This is an *unsafe* example, based on the safe example.
 */

// 1. config variables
$dbhost = 'localhost';
$dbuser = 'mysite';
$dbpass = '12JNdie8Ds3';
$dbname = 'mysite';

// 2. get the value from the form
$x = $_POST['x'];

Model PHP Script Example

I just whipped this script up to demonstrate some techniques for writing relatively safe web forms with PHP. This example doesn't strive to look nice or even be easy to understand. It should be a jumping off point for learning some PDO, some htmlspecialchars, some filter_var, and a functional style of composing pages. The last thing - not such a great idea, but it works for really short pages.

This script is written to try and avoid SQL injection attacks, and cross site scripting (XSS).

Code is attached, and below.

Studying Docker.io is a little easier with this Linux Containers Tutorial

I was getting through the docker.io docs, and not quite getting it, and learned it was based on Linux Containers. Followed a link to a series of tutorials by one of the committers, and it's really good so far.

LXC is basically "chroot[1] on steroids", with isolated networking and processes in addition to isolated files. It allows you to create software within what looks like a lean Linux environment.

Replacing a Flaky Disk in Windows RAID 1

I had a disk failing, and had to remove it. The "right" way is to break the mirror or remove the disk from the plex, but it was preventing a boot for the third time, so I shut down and removed it.

The computer booted from the second disk (after selecting it with the F10 boot menu, then the Windows boot menu).

So I added the replacement disk, restarted, and then went to work on rebuilding the mirror.

The new disk was initialized as MBR.

The remaining disk in the RAID plex was working, but the plex was gone. When I tried to reactivate the volume, it said the plex was gone.

North Carolina Judge Expands definition of "Computer Professional" to Include Admins

North Carolina Judge Upholds Employer Classification of Employee as Exempt Computer Professional

This is a big loss for net admins. The exemption was intended for programmers (and even that might be considered a loss).

Semantics

So I'm reading this computer stuff, and come across:

"What separates a mixin from multiple inheritance? Is it just a matter of semantics?"

"Yes. The difference between a mixin and standard multiple inheritance is just a matter of semantics;"

What the heck did that mean? Different words, same meaning... or different words, different meaning? I am pretty sure they meant the former, but I had to double check, because "semantic" means "meaning", and in technical reading, I tend toward the literal interpretation over the traditional or colloquial one.

MicroSIP Phone Audio Setup Weirdness with Different Headsets

Computer sound sucks.

Theory

There are three major contexts for computer-based sound: watching the computer like a TV, using it for video or audio phone, and using the computer as a multitrack recording studio or a multi-channel mixing board for a PA.

The problem is, the designers of Windows (and Linux, and Mac OS somewhat) have chosen to focus on enabling the usage on the right.

SQL Injection Attacks

I was looking at some special logs we keep, and found these attempted SQL injection attacks.


admin
'
a'or' 1=1--
'or 1=1--
'or''='
'or'='or'
admin' or 'a'='a
admin'or 1=1#
"or "a"="a
'or 1=1/*
'or'a'='a
'or 1=1\0
"or"="
"or"="a'='a
"or1=1--
"or=or"
''or'='or'
') or ('a'='a
'or' '1'='1
'or''=''or''='
'or'='1'
'or1=1--
a'or' 1=1--
a'or'1=1--
or 'a'='a'
or1=1--
'.).or.('.a.'='.a 
'or.'a.'='a
')or('a'='a
1'or'1'='1
aaaa
admin
admin' OR 1=1/*
or 1=1--
"or 1=1--
"or 1=1\0
'xor
1 or '1'='1'=1
1 or '1'='1' or 1=1
' UNION Select 1,1,1 FROM adm
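
Why strings like these show up in a login field, and why bound parameters make them harmless: the sketch below is an added example, not code from the original post. It runs a handful of the logged strings through the same lookup written two ways. The users table, its columns, and the password value are assumptions made up for the demonstration, with in-memory SQLite standing in for the real database.

```python
import sqlite3

# A few of the strings from the log above, used as the submitted user name.
LOGGED = ["admin", "'", "'or 1=1--", "admin' or 'a'='a", "') or ('a'='a", "or 1=1--"]


def make_db():
    """In-memory stand-in for a login table (hypothetical schema and password)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, pw TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret-constructed')")
    return db


def login_concat(db, name, pw):
    """The pattern the probes are aimed at: input pasted into the SQL text."""
    sql = f"SELECT 1 FROM users WHERE name = '{name}' AND pw = '{pw}'"
    try:
        return "accepted" if db.execute(sql).fetchone() else "rejected"
    except sqlite3.Error:
        return "sql-error"  # the input changed the statement enough to break it


def login_bound(db, name, pw):
    """Same check with bound parameters: the input is only ever a value."""
    sql = "SELECT 1 FROM users WHERE name = ? AND pw = ?"
    return "accepted" if db.execute(sql, (name, pw)).fetchone() else "rejected"


def compare(names=LOGGED, pw="wrong"):
    """Map each submitted name to (concatenated result, bound result)."""
    db = make_db()
    return {n: (login_concat(db, n, pw), login_bound(db, n, pw)) for n in names}


if __name__ == "__main__":
    for name, (concat, bound) in compare().items():
        print(f"{name!r:22} concat={concat:10} bound={bound}")
```

A "sql-error" result from the concatenated version is worth alerting on as well: a stray quote breaking the statement is the usual first sign that a form is being probed.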

Operations on a Remote MySQL Server

A demo of how to incorporate SSH tunnels into a Python system administration script.

Like all sysadmins, I write scripts to automate routine operations. Lately, though, I have needed to write scripts that automate routine operations on a remote system, and we need the security barriers to be a little higher than in the "old days".

We're accessing our database through an SSH tunnel, rather than via a regular encrypted socket. (The SSH connection will eventually require key pairs, and disallow regular passwords.)

Two Big Monitors, Justified

I was never one to think I *needed* two monitors after the HD monitors came out, but having used two for a couple months, I think it's totally worth it. I don't even have the second monitor on all the time, but when you're coding and testing interactively, it helps a lot.

I set it up to show four regions: editing, reference, interaction, and debugging. I keep a terminal underneath the editing window, too.
