1000fires

The brain drivel of Hank…

About

Giving back to 'Open Source' and in particular Ruby on Rails ( RoR ). This site will serve as a place where I put my own lessons learned.

Where the heck is my .profile on Westhost?

October 2nd, 2008

~/.bash_profile does not work.

It’s actually /.bashrc.

So for me. I do this:

ln -s /.bashrc ~/.bash_profile

Posted in linux | No Comments »

My software mantra…

September 24th, 2008

See this:

My Software Mantras

Posted in software design | No Comments »

Using ruby to move subversion folders and files.

September 18th, 2008

I want to move all files in this svn dir:

svn list http://svn.atld1/svn-prodops/sysadmin

to:

svn list http://svn.atld1/svn-prodops/sysadmin/scripts

Doing svn mv would see obvious and using xargs or -exec might work. I prefer not to use any brain energy on a shell script. I just do it in ruby in 5 minutes:

svn list http://svn.atld1/svn-prodops/sysadmin > /tmp/script.list

Write this to a ruby file:

f = File.open("/tmp/script.list")
f.each_line {|line|
cmd = "svn mv http://svn.atld1/svn-prodops/sysadmin/#{line.strip}
http://svn.atld1/svn-prodops/sysadmin/scripts/ -m
\"moving #{line} to scripts \" "
puts "running: #{cmd}"
`#{cmd}"
}

Now execute the file above after double checking. Viola done even with relevant comments for each move!

Posted in ruby | No Comments »

My passenger config example.

September 17th, 2008

Passenger (a.k.a mod_rails) is getting some buzz (google it). Looking at the below config and the fact that deployments are automatic from Web Server with a simple file touch.

In http.conf:

LoadModule passenger_module /usr/lib64/ruby/gems/1.8/gems/passenger-2.0.3/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib64/ruby/gems/1.8/gems/passenger-2.0.3
PassengerRuby /usr/bin/ruby
<VirtualHost *:80>
ServerName vwebadm11.atlis1
#DocumentRoot /var/www/apps/html
DocumentRoot /var/www/apps/provisioning_webservices/current/public
ErrorLog logs/prodops_errors_log
CustomLog logs/prodops_log combined
#RailsBaseURI /prov_websvc         # Passenger Rails link
RailsEnv test
</VirtualHost>
<Directory "/var/www/apps/provisioning_webservices/current/public">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>

Posted in Rails | No Comments »

Calling initialize in ActiveRecord model causes nil.has_keys? error.

September 2nd, 2008

When instantiating a model class this error occurs:

instance = MyModel.new
NoMethodError: You have a nil object when you didn't expect it!
The error occurred while evaluating nil.has_key?

This is rectified by placing a super within model class.

def initialize
super
logger.debug("initialize VirtualMta: #{self.class}")
end

Posted in Rails, ruby | 3 Comments »

Running Finder as root on OSX - to solve app install issues

August 22nd, 2008

open terminal
sudo sh
killall Finder
/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder

Why? I’ve found sometimes certain applications require root to run/install. Office 2004 and an HP Officejet software are two examples.

Posted in OSX | No Comments »

‘OTP’ based sudo, with per process restrictions.

July 30th, 2008

Is it possible to audit Unix/Linux server root access per task and on temporary basis?

Yes.

Years ago I wrote a ’sudo’ equivalent in W32, but with a big twist. It was called “RunAuth”. It used the API “run as” mechanisms. It gave admin access based on an OTP (http://en.wikipedia.org/wiki/One_time_password). The OTP was NOT automatic. The person had to call the helpdesk to get a code. It was based on a shared secret and MD5. Secondly, the code provided  defined the exact process that could be executed by the RunAuth client.

Use Case:
Field Sales Person wants to install a new HP Printer. User does NOT have local admin. How to install a printer driver without shipping computer to IT?

Solution:
Start RunAuth, choose install printer driver, a challenge code is presented. Tell the IT person over the phone the code. They provide a response that immediately executes the install printer wizard as admin. The actual MD5 signature of the DLL or EXE is also validated before running to ensure no trojan or backdoor is created. Upon completion of task, the machine logs out the user or requires reboot.

Point:
The same can be accomplished in Linux.
Think of sudo with one time password access. Why is this important? Because that means admins don’t have single control over root access. It requires “dual” access. Someone else who is not an admin, has to consent to the changes or stated objective to provide the admin a one time sudo password. So if the automated provisioning cannot handle a task or an emergency occurs, there is still a regimented procedure to perform ad hoc tasks,but there is change control enforced at the OS.

I’d like to have opinions?

H

Posted in Security, linux | No Comments »

How to set up mongrel_cluster on Westhost

May 20th, 2008

Goals:

  • To auto start with init.d, upon westhost restart, etc.
  • Use Apache to front end, via mod_proxy.

You’ll have to follow other sites on installing gems, etc. This Site has some very useful info, namely you need to symlink mongrel_cluster_ctl and ruby to /usr/bin/ (you’ll have to do a find / -name mongrel_cluster_ctl). Mine was here: /usr/local/ruby/lib/ruby/gems/1.8/gems/mongrel_cluster-1.0.5/bin/mongrel_cluster_ctl

So I linked into /etc/init.d/ like so:

ln -s /usr/local/ruby/lib/ruby/gems/1.8/gems/mongrel_cluster-1.0.5/bin/mongrel_cluster_ctl /etc/init.d/

chkconfig is not installed on westhost, so you have to do the init.d link/scrips the old fashioned way:

ln -s /etc/init.d/mongrel_cluster_ctl /etc/rc.d/rc3.d/S81mongrel_cluster

ln -s /etc/init.d/mongrel_cluster_ctl /etc/rc.d/rc3.d/K19mongrel_cluster

K = Kill, the number means the order

S= Start, “”

Posted in Uncategorized | No Comments »

Mixin Module Madness — why self ain’t really self

April 1st, 2008

This all came up b/c I wanted to write a shared mixin module to have attachment_fu ready actions for all my controllers that have attachments. No need to put that crap in every controller. So in a mixin module when you want to do some fun reflection/introspection like so:

    @this_obj = self.controller_name.classify.constantize.find_safe
(id,logged_in_user.id)

In Dev this worked great. Tests were good, my mostly view/template developer partner, approved. Deploy to test and WHAMMO!

    "NameError ("Blogs | ListAll" is not a valid constant name!):

…”

What gives? Mmm, seems when you include a mixin, that is included in a controller. The self.controller_name will report incorrectly in Test and Prod. So I had to adjust the code a little using a new method:

        @this_obj = self.this_controller_name.classify.constantize.find_safe(
id,logged_in_user.id)

Below is the method(which is basically David’s code for controller_name).

###############################
#This method is here b/c it is apparent that Rails
#ActionController.controller_name
# is unreliable in Test and Production for some reason.
# attachment_symbol_name: Blogs | List_all_attachments
# attachment_model ERROR: "Blogs | ListAllAttachment"
#is not a valid constant name
###############################
def this_controller_name
    self_class = self.class.to_s.sub(/Controller$/, '').underscore
end

Posted in Rails, Uncategorized, ruby | No Comments »

Cheap man’s SMS Gateway

March 10th, 2008

In a model or util class, parse number to determine the telecom provider (example: http://www.notepage.net/smtp.htm). Create an email message to the respective email @ address for that provider.

Issues:

SMTP is not as time sensitive.

But for a small web app, is this ok?

Posted in Uncategorized | No Comments »

« Previous Entries
RailsConf 2008

Search

Subscribe

RSS RSS ok

Pages

Categories

Archives

Blogroll

Meta

1000fires is powered by WordPress

I feel dirty theme by studio ST
Entries (RSS) and Comments (RSS).