Saturday, November 16, 2013

Useful tool when helping Windows users install their OS

This post is more of a "note to self" than an attempt to be useful to somebody else.

I am even typing this post in Internet Explorer. It feels like a Pterodactyl is about to swoop into the room and try to shit on HTML standards.

In any case I gave my backup laptop to my kid and so had to install Windows on it. Why? Well I want her to be able to play games so Windows seems the best choice. Plus she can still learn open source programming languages, albeit in a funny way.

Luckily I remembered this blog that I read and they posted this really nifty tool called Ninite. Click the link here (http://ninite.com/). This helpful tool lets you download a single install file that installs free (either OSS or free to use) software like Libre Office, Flash, Notepad++, antivirus, etc.

Lets just say that it feels almost like an Ubuntu meta-package that helpfully installs everything you need, but you get to choose.

Plus it's all free and the only software I don't trust (at the moment) is Truecrypt. Why? Well we don't know who wrote it.

So save yourself a bunch of time and use Ninite :) It's a really useful tool to introduce kids to FOSS.

Thursday, September 26, 2013

A rare Google UI failure

A Google UI employee contemplating how to make
Larry and Sergei some money
I updated my Google Chrome mostly because I trust Google in terms of UI. In the past they've always released updates that make things faster or easier to reach (while perhaps adding new extra functions).

Why am I so disappointed? Well now when you open a new tab you're confronted with a Google search bar and your most visited sites. This most probably sounds like a good thing. BUT... your tab is in the omnibar which is the same as a Google search if you don't specify a valid URL. So to make use of the default Google search requires you to tab or click into the box.

More annoyingly you can't choose to have your installed apps show instead of a Google search box and an acknowledgement that they track your browsing activity and share that with the American spy agency. So instead of hitting CTRL-T and clicking feedly I have to face NSA surveillance by Google showing me they're tracking me, click on the top left to open apps, then click Feedly. Why? Because for some reason Google thinks it is more important for me to have no option but to use their search engine and that I am incapable of deciding to use applications instead of sites I visit regularly.

Do I support American spy surveillance? Not really. This nation has invaded a foreign nation every decade for the past 60 years. They're the only nation to have ever used nuclear WMD on civilian targets. They routinely hack and spy on neutral foreign nations. I trust the American government a great deal less than I trust Google.

Nonetheless, lets assume for the moment that using an American Internet product is somehow "safe".

You can't choose which search engine is default. Google says "Don't be evil" .... really? As soon as you have a majority browser share you enforce your search engine as a mandatory non-changeable option? And you require me to click into it? Fuck off Larry and Sergei.... you click (since you charge people for clicks ).

And now instead of pressing CTRL-T and hitting an app (like RescueTime or my REST interface or my news browser) I have to move my mouse to the top left? How is this beneficial to me, Larry or Sergei? It really reduces the usefulness of Chrome as a developer browser. What benefit is there for Chrome to load your Google default search into my app tabs when your omnibar works the same? Are you fucking retarded? Don't you see you're stopping me from hitting my apps quickly?

Fork Chromium and get a sensible community version.

Thursday, August 15, 2013

Fixing the "smsbox_list empty" error in Kannel

I got this error even though I had an smsbox defined. 

Unfortunately I had forgotten to create the smsbox-route group, so this is a very quick fix:

#---------------------------------------------
## SMS ROUTING
##---------------------------------------------
group = smsbox-route
smsbox-id = mainbox
smsc-id = ztemodem-smsc-group
sim-buffering = false
... continues ...

Just make sure the id's matchup, so my smsbox group begins with this:
#---------------------------------------------
## SMS BOX
##---------------------------------------------
group = smsbox
smsbox-id = mainbox
... continues ...

And my SMSC looks like this:
#---------------------------------------------
## GSM MODEM SMSC
##---------------------------------------------
group = smsc
smsc-id = ztemodem-smsc-group
... continues ...

This successfully cleared the "smsbox_list empty" error and allowed messages to be delivered properly. Kannel had until then been able to send messages and receive delivery reports, but was not reading messages stored on the SIM.

I've included sim-buffering = false in the above config because some people on the kannel mailing list suggested experimenting with it.

Also, the "message-storage" tag in my modem definition is set to "sm". Some people suggested trying it on "me", but this didn't solve the problem for me and setting to "sm" now works.

Wednesday, August 14, 2013

Setting up a Kannel SMS centre on a Raspberry Pi with a K3565-Z modem

Our office (who wants me to mention how awesome they are) had a need for a means to send/receive automated sms messages relating to online banking. We decided to give a Raspberry Pi the job and so I have had the fun of setting it all up.

First off I installed Rasbian ( http://www.raspbian.org/ ) which is a Debian fork and is sufficiently easy to do following the guide on eLinux ( here ) which is linked to from the Raspberry Pi project website downloads page.

Next came a standard LAMP stack install.  I needed to have a web-server running because we will be running a management package on the box to track messages etc.

Next came Kannel.  I used the default package available from the Rasbian repositories so there was no need for fiddling.

My kannel.conf file was the next hurdle.  For the most part this is pretty easy to set up from the examples given on Kannel's site and elsewhere on the web.  I want to just mention the modem part, which was perhaps the most challenging part of this endeavour:

 #---------------------------------------------                
 ## GSM MODEM SMSC  
 ##---------------------------------------------   
 group = smsc  
 smsc = at  
 smsc-id = ztemodem-smsc-group  
 device = /dev/gsmmodem  
 log-level = 0  
 connect-allow-ip = "127.0.0.1; localhost; 192.168.3.*"  
 modemtype = auto  
 speed = 9600  
 my-number =   
 sms-center = +27831000113  
 #validityperiod = 167  
 alt-charset = "ASCII"  
 #---------------------------------------------                
 ## MODEM DEFINITION  
 ##---------------------------------------------   
 group = modems  
 id = vodafone  
 name = "vodafone"  
 detect-string = "ZTE INCORPORATED"  
 message-storage = sm  
 init-string = "ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0"  

Note that I've set an init string explicitly. This is because I was getting the "got +CMT but pdu_extract failed" error consistently when I sent a message. I obtained that init string by using wvdialconf, so if you have a modem other than the K3565-Z you might be able to use it to get your init string. Apparently it's not required for all modems though.

Ah, but I'm missing the best part... how do you actually get the modem to be a modem? The K3565-Z is a "zerocd" modem. When you plug it into a Windows box it mounts as a CD-ROM, installs drivers, which then flip it into being a modem.

To illustrate here is the output of lsusb on the Raspberry with the modem as it is on powerup:

 Bus 001 Device 002: ID 0424:9512 Standard Microsystems Corp.  
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub  
 Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp.  
 Bus 001 Device 004: ID 19d2:2000 ZTE WCDMA Technologies MSM MF627/MF628/MF628+/MF636+ HSDPA/HSUPA  

And here is the output after using usb_modeswitch -c /etc/usb_modeswitch.conf to flip it into a modem:

 Bus 001 Device 002: ID 0424:9512 Standard Microsystems Corp.  
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub  
 Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp.  
 Bus 001 Device 006: ID 19d2:0063 ZTE WCDMA Technologies MSM K3565-Z HSDPA  

Note that the device product has changed, as well as the description. I am not sure why but the stick was never mounted as a cdrom for me, so I could not eject it to flip its state. So I had to use usb_modeswitch to do it.

 sudo usb_modeswitch -c /etc/usb_modeswitch.conf  

I found the correct settings for this on a forum (here ) which also gives some useful information on how to accomplish the flip. You need to append the following snippet to your /etc/usb_modeswitch.conf file.

 #######################################################  
 # ZTE-K3565 , VODAFONE BITE GSM  
 # Gediminas Simanskis  
 # www.edevices.lt  
 DefaultVendor= 0x19D2  
 DefaultProduct= 0x2000  
 TargetVendor= 0x19D2  
 TargetProduct= 0x0052  
 MessageEndpoint=0x01  
 MessageContent="5553424308E0CC852400000080000C85000000240000000000000000000000"  

You will need to experiment on finding the best way to execute the flipping, but this is really the only complication in the setup.

Monday, February 11, 2013

Installing phpMyAdmin and removing the popup authentication in CentOS 6

Installing phpMyAdmin is a snip in CentOS, but there is a little trick that most tutorials skip out. For some reason the default setup (using standard repositories) does not like you having a null password for your mySQL root account. I know that you are supposed to be able to set a blank password in the pma config file and set the option to allow blank passwords to true, but this did not work for me until I set a root password. I kept getting a popup box that looked exactly like a .htaccess Apache protect but was actually just a Javascript prompt.

So here goes:



Step One - enable your EPEL repo:



 $ cd /tmp  
 $ wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm  
 # rpm -ivh epel-release-6-5.noarch.rpm  


Step Two - Install phpMyAdmin

 # yum search phpmyadmin  
 # yum -y install phpmyadmin  


Step Three - optionally edit your Apache conf

If you get Apache forbidden errors (should not be the case) you can try editing your .conf file
 # vi /etc/httpd/conf.d/phpMyAdmin.conf  


So that it looks like this:

 <Directory /usr/share/phpMyAdmin/>  
   Order Allow,Deny  
   Allow from All  
 </Directory>  


Remember to restart Apache afterwards

Step Four - Set a mySQL root password

 $ mysqladmin -u root password "hackme"  


Step Five - Edit your config.inc.php file

You should be able to navigate to http://localhost/phpmyadmin/setup and use that to create your config file, but I rather copied the sample to a new file.

Your /usr/share/phpMyAdmin/config.inc.php file should include the following:

 /* Authentication type */  
 $cfg['Servers'][$i]['auth_type'] = 'config';  
 $cfg['Servers'][$i]['user'] = 'root';  
 $cfg['Servers'][$i]['password'] = 'hackme';  
 $cfg['Servers'][$i]['AllowRoot'] = true;  

Friday, December 7, 2012

Role based authentication in Cake 2.x

I do not like reinventing the wheel so really just want to build on existing tutorials and provide some background information and experience.

 Firstly make sure you understand the difference between ACO and ARO. To put it in very simple terms an ACO is something that is protected by ACL and an ARO is something that uses ACL to access the ACO.

 It might help to think of ARO as users (groups) and ACO as controller actions. You will be marking your user and group models as requester objects and setting ACO on controller actions across the board.

The Cake manual really is good in explaining the concept of ARO, ACO, ACL. Please make sure you read it and understand it before continuing.  Unless you understand what ARO, ACO, and ACL mean at this point the rest of this post will make no sense.

Please RTFM before continuing.

Okay, now read through the Cake page that introduces the ACL shell (here). Ignore the sections "Create and delete nodes" and "Grant and Deny Access". We will be using tools to do these tasks since manually assigning permissions for even a medium sized project (20 models) would be unmanageable - especially if you are using a feature driven Agile approach.

Read and preferably try out the tutorial found on the Cake book site (here). Following this tutorial will give you a role based authentication system. Since we are predominantly interested in Role Based Authentication please make sure that you follow the instructions regarding "Group-only ACL" (here).

Still with me? Okay - I typically use a feature driven Agile approach when developing. CakePHP really lends itself to this development methodology. BUT it does mess around a bit with ACL when you need to add new models and controller methods. So what's the fix?

Well, in my opinion, the AclExtras plugin (available here) that the tutorial I linked to earlier is an indispensable tool. By using it to sync the ACO table (read the tutorial) you can quickly create/recreate the ACO tree.  Now you should understand why I told you to ignore the section "Create and delete Nodes" from the Shell Manual.

Go back to the page about the ACL shell (here). At the bottom of the page there are instructions to output the tree. I personally like to output it into a text file and store it in my documents folder. Not only is it useful to have a list of the ACO's but it really helps in creating the initDB method in the Users controller (see the tutorial).

 Please don't make the mistake of making every model an ARO. Only the User/Group tables need to be ARO. The tutorial doesn't explicitly say this and I remember the first time I worked with ACL I made this mistake. Do not copy and paste the ActsAs requester into each model!

Development is never static (unless you are using a Waterfall approach in a legacy environment like Cobol or Fortran). So working with ACL in CakePHP will require some tweaking as you go along.

 Fixing the ARO table is relatively simple. There are a couple of ways to fix it:

1) Truncate the table, add the allow method from the tutorial to your before filter in Users controller and add new users who are linked to the appropriate groups. Remember: We are focused on role based authentication so you should have assigned group as parent to user.
2) Truncate the table and manually add the groups required (should only be a handful)

Once you have fixed your ARO table you should rerun the initDB method in your Users controller to recreate the join table (aros_acos). I'm not sure why this join table is named in such a way as to break Cake conventions but truncating it and rerunning your initDB method (see the tutorial) is the way to fix permissions.

What happens if you get a node error? No problem really - resync your ACO table with AclExtras plugin (see tutorial). When will this occur? If you add a new controller, or a new method to a controller. This is why I use the ACL shell (linked above) to export the ACO tree (created with AclExtra's plugin). It allows me to quickly check what nodes exist.

What do the tables do?

  1. 'acos' => objects that can be requested by ARO
  2. 'aros' => requester objects that require access to protected ACO
  3. aros_acos => join table linking the permissions
In the tutorial linked above the initDB method sets up the 'aros_acos' join table.

Any questions?  Please comment on the post and I will answer.

Wednesday, December 5, 2012

Adding a cross-browser transparent background

Adding a transparent background that is cross browser compatible is relatively simple.  It does not rely on CSS3 and so this method works for the current versions of Chrome and Firefox as well as IE8 and above.

Add this to your template:
<div class="container">
   <div class="content">
       Here is the content. <br />
       Background should grow to fit.
   </div>
   <div class="background"></div>
</div>

Then add this to your CSS:

   .container {  
     position:relative;  
   }  
   .content {  
     position:relative;  
     color:White;  
     z-index:5;  
   }  
   .background {  
     position:absolute;  
     top:0px;  
     left:0px;  
     width:100%;  
     height:100%;  
     background-color:Black;  
     z-index:1;  
     /* These three lines are for transparency in all browsers. */  
     -ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=50)";  
     filter: alpha(opacity=50);  
     opacity:.5;  
   }  


This was an answer on StackOverflow