denyhosts: remove!

Anyone of you using denyhosts? It works quite well, but I regularly need to remove some false positives. Manually. And that sucks.

Manually removing an IP

To remove a false positive you need to remove the IP from the following files:

  • /etc/hosts.deny
  • $DENYHOSTS/hosts
  • $DENYHOSTS/hosts-restricted
  • $DENYHOSTS/hosts-root
  • $DENYHOSTS/hosts-valid
  • $DENYHOSTS/users-hosts

with $DENYHOSTS being the working directory of denyhosts, in Debian’s case it is /var/lib/denyhosts/. Open every file, search for $IP, remove the line. As soon as you have a few users that do not get used to using SSH keys this workaround gets annoying quite quick..

Fortunately, there are scripts!

The scripty way

Here is the script:

#!/bin/bash

if [ -z "$1" ]
then
    echo "give me an ip"
    exit 1
fi

echo Removing $1 from denyhosts tables
WORK_DIR=/var/lib/denyhosts/
IP=`echo $1 | sed 's/\./\\\\./g'`
service denyhosts stop
eval "sed -i /$IP/d /etc/hosts.deny"
eval "sed -i /$IP/d ${WORK_DIR}hosts"
eval "sed -i /$IP/d ${WORK_DIR}hosts-restricted"
eval "sed -i /$IP/d ${WORK_DIR}hosts-root"
eval "sed -i /$IP/d ${WORK_DIR}hosts-valid"
eval "sed -i /$IP/d ${WORK_DIR}users-hosts"
service denyhosts start

Just call it passing the IP address as an argument. Also available as bf-denyhosts-remove from my apt repo.

You’re welcome :)

node? No such file or directory..

I just wanted to install some software that uses NodeJS, but that failed with the following error:

/usr/bin/env: node: No such file or directory

I’ve been sure I installed NodeJS from the repository, so I had a look at the build script of the software that I was about to install. It started with:

#!/usr/bin/env node

As I just discovered, the debian package providing NodeJS installs the binary as:

$ dpkg -L nodejs
/.
/usr
/usr/bin
/usr/bin/nodejs
[...]

You see, on my system the NodeJS binary is called nodjs, not node (as assumed by the tool I wanted to install). Easy to work around this problem: Just create a link to nodejs and call it node:

ln -s /usr/bin/nodejs /usr/local/bin/node

I installed the link to /usr/local/bin/node because that’s also in my $PATH and won’t conflict with other software that might provide /usr/bin/node..

Useful git stuff

Aliases

Global aliases are stored in ~/.gitconfig. I’m using the following aliases:

# beautify the log: list actions of last 14 days in a tree like view
git config --global alias.lg "log --all --pretty=format:'%x09%C(bold blue)%an%Creset%x09%Cred%h%Creset %Cgreen%ad%Creset%x09%s%d' --graph --date=short  --since='14 days ago'"

# serach for a particular thing in the history
git config --global alias.search "log --all --pretty=format:'%x09%C(bold blue)%an%Creset%x09%Cred%h%Creset %Cgreen%ad%Creset%x09%s%d' --graph --date=short -m -i -G"

# shortcut for the status
git config --global alias.s "status"

# shortcut for commiting
git config --global alias.c "commit -a"

# shortcut for pulling and pushing
git config --global alias.d "pull"
git config --global alias.u "push origin master"


# diff two commits using meld
git config --global alias.meld "difftool -d -t meld"

Goodmorning jekyll!

As you can see, I left WordPress and moved to jekyll! Even if I really like the name, discarding WordPress was on my schedule for quite some time.

Why leaving?

The main reasons for leaving WordPress:

  • I always wanted to get rid of the whole overhead: admin interface, database connection, all the javascript stuff that slows the browser… All not necessary for just publishing some words…
  • I do not like software that calls home without asking me. Sure, it’s convenient for some people, but I hate such a behavior. And it makes me skeptic. No idea what is transferred exactly, but I’m almost sure they have my mail address..

There are some more reasons, but those two were sufficient to make me move.

Where to go?

Recently, Micha pointed me to jekyll. Jekyll is a software to generate websites. You can simply write your stuff using MarkDown and jekyll will build your page. Jekyll is really very simple. The generated page is static. And Jekyll is blog-aware.

I of course had a look at some other static-page-generators, but jekyll indeed seems to be the most convenient (and maybe sophisticated?) software.

But how?

Basically, building a jekyll blog is dead easy.

Install jekyll

You need to have ruby and ruby-dev installed, the just call:

gem install jekyll

Not you can create a new website using

jekyll new my-site

And you’ll find a directory structure as explained on their website. You can also just clone a git repository to get a start. There are also plenty of themes out there.

Start publishing

A bit trickier than installing: You need to think.. ;-)

Posts go to _posts and should always be named YYYY-MM-DD-identifier.md. They always have a preamble (so-called front matter) which looks like:

layout: post
title: Your title goes here.

But that’s it. Now you can start writing. Read more about posting.

Pages just live in the root of your jekyll instance. They will just be copy-translated. Thus, if you create a file about.html in the root jekyll will just translate included markdown and then copies it to your-site.com/about.html.

But how2?

Yes, of course, I didn’t want to start from scratch. So I was looking for tools to convert my WordPress stuff to markdown for jekyll. That was more or less successfull. There are tons of approaches. But non of them really met my needs. So I decided to extend on of those and forked a php-based wordpress-to-jekyll converted from davidwinter.

After a few commits the converter now exports posts, pages, and comments. It also distinguishes between published and draft. And downloads the attachments. Just give it a try and tell me if you experience any trouble.

Comments

You’re right. Comments on a static page is a bit contradictory. But not impossible.. ;-)
I saw some blogs using the crap of Disqus and Facebook and stuff. Not my world, obviously..

But there is also a static comment pluglin for jekyll. I forked it to implement my changes. I do not need the PHP stuff, to submit a comment for my blog you can use one of the following three options. I will then decide whether I’m going to include the comment in my blog. I guess that is the ultimate way to fight Spam..

Submit a comment

  • Send me an email with your comment. Do not forget to mention the article you want to comment. And optionally include a website and a name to sign the comment.
  • I am maintaining a feedback site. It is meant to receive feedback in general, for presentations, for my work, code, for the coffee that I serve to guests. Stuff, precisely. It is also available through the TOR network, so you can make sure you’re really anonymously. You can use this website to also create comments. Every page contains a link submit a comment through the feedback page, which brings you to that page. Just make sure to mention the article, and if you want me to give you the credits also add include your name and a mail address; and optionally a website.
  • You can simply fork the blog’s repository and create a comment yourself in the _comments directory. Just have a look at the other comments. Send me a pull request and I’ll have a look at it :)

Images

Converting images from WordPress was a bit trickier. There they use code similar to this:

[caption id="attachment_XXX" align="alignXXX" width="XXX" caption="XXX"]<a href="XXX"><img src="XXX" alt="XXX" title="XXX" width="XXX" height="XXX" class="size-thumbnail wp-image-XXX" /></a> XXX[/caption]

However, in jekyll you do not have the whole environment by default. After some searching I stumbled across a solution. Eventually, my wordpress-to-jekyll converter substitues these environments with

{ % include image.html align="alignXXX" url="XXX" img="XXX" title="XXX" caption="XXX" % }

and _includes/image.html (see GitHub) creates something that’s similar to the caption environment of WordPress. Some more CSS and everything worked like a charm! :)

I think that’s it for the moment. Moving to jekyll was not that difficult. And I now have a static website that’s hopefully changing from time to time…

gem installation fails? update gcc!

Just wanted to install a ruby package using gem. However, I’m not a ruby dev and it took me a while to work around a certain problem with gem..

I wanted to install the Effing Package Management:

% gem install fpm
Building native extensions.  This could take a while...
ERROR:  Error installing fpm:
        ERROR: Failed to build gem native extension.

    /usr/bin/ruby2.1 extconf.rb
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
        --with-opt-dir
        --without-opt-dir
        --with-opt-include
        --without-opt-include=${opt-dir}/include
        --with-opt-lib
        --without-opt-lib=${opt-dir}/lib
        --with-make-prog
        --without-make-prog
        --srcdir=.
        --curdir
        --ruby=/usr/bin/ruby2.1
        --with-ffi_c-dir
        --without-ffi_c-dir
        --with-ffi_c-include
        --without-ffi_c-include=${ffi_c-dir}/include
        --with-ffi_c-lib
        --without-ffi_c-lib=${ffi_c-dir}/lib
        --with-libffi-config
        --without-libffi-config
        --with-pkg-config
        --without-pkg-config
/usr/lib/ruby/2.1.0/mkmf.rb:456:in `try_do': The compiler failed to generate an executable file. (RuntimeError)
You have to install development tools first.
        from /usr/lib/ruby/2.1.0/mkmf.rb:541:in `try_link0'
        from /usr/lib/ruby/2.1.0/mkmf.rb:556:in `try_link'
        from /usr/lib/ruby/2.1.0/mkmf.rb:642:in `block in try_ldflags'
        from /usr/lib/ruby/2.1.0/mkmf.rb:635:in `with_ldflags'
        from /usr/lib/ruby/2.1.0/mkmf.rb:641:in `try_ldflags'
        from /usr/lib/ruby/2.1.0/mkmf.rb:1762:in `pkg_config'
        from extconf.rb:15:in `<main>'

extconf failed, exit code 1

Gem files will remain installed in /var/lib/gems/2.1.0/gems/ffi-1.9.6 for inspection.
Results logged to /var/lib/gems/2.1.0/extensions/x86_64-linux/2.1.0/ffi-1.9.6/gem_make.out

Especially line 35 drove me insane: You have to install development tools first. That made me think I need to install more *-dev stuff. Took me some time to find out that there was a problem with gcc! Turns out that gcc version 4.8.3 (Debian 4.8.3-13) (gcc -v) wasn’t able to build the package for me. So I installed gcc version 4.9.1 (Debian 4.9.1-19) and everything worked like a charm. :)

Web Screenshots. W/O browser!

Just discovered a nice way to take screenshots of web sites from the command line! No browser needed. Cool.

The tool I’d like to advertise is called gnome-web-photo :

aptitude install gnome-web-photo

For instance. To take generate an image of my website just call:

gnome-web-photo --timeout=60  binfalse.png

Just take a look at binfalse.png to examine the result. I obtained a 1024x6334 image. I guess the main use case is to generate some kind of preview/thumbnail. To get a thumbnail simply add --mode=thumbnail :

gnome-web-photo --timeout=60 --mode=thumbnail  binfalse-thumb.png

Afaik, there is no option to generate a larger thumb, but you could just pass --width= without the --mode=thumbnail . And then crop the pic yourself (e.g. using imagemagick). However, you need to run X and you need to have GTK, if I understand correctly. Nevertheless, I like that solution.

Record Stream Using VLC

I just needed to record a video stream. Usually, I use mplayer for these kinds of jobs, but this time it failed. However, on the internet I found a way to do it using VLC, which apparently has quite a command line interface.

This comment revealed that the VLC media player comes with some command line magic. Of course, not much is documented in the man page, but the user guide on their website seems to be useful.

Long story short, I ended up with the following command to save the stream http://STREAM.mp4 to /tmp/file.mkv :

vlc http://STREAM.mp4 --sout="#std{access=file,mux=mkv,dst='/tmp/file.mkv'}" vlc://quit

Cool.

For the records, here are some alternatives:

# using mplayer
mplayer -dumpstream http://STREAM.mp4 -dumpfile /tmp/file.mp4
# using ffmpeg
ffmpeg -i http://STREAM.mp4 -acodec copy -vcodec copy /tmp/file.mp4

New GPG Key

It was time to finally replace my old GPG key. I created the key in 2008 and from today’s perspective a 1024 bit DSA key is really weak. Thus, today I decided to move to a new key and created a 4096 bit RSA key.

My old key was

pub   1024D/446DB306 2008-07-15 [expires: 2017-07-13]
      Key fingerprint = 0E75 62A5 405E 65B1 B477  4215 D9B3 5173 446D B306

And the new key is:

pub   4096R/8D2DD9BD 2014-01-15 [expires: 2019-01-14]
      Key fingerprint = 08E6 6E72 A83A 9871 CD49  3441 E81B C307 8D2D D9BD

For those of you who already trust my old key I created a transition note which is signed by both my old and my new key.

To import my new key to your key chain you can use the following command:

gpg --keyserver pgp.mit.edu --recv-key 8D2DD9BD

The new key is already signed by the old key. Those of you trusting my old key may verify the signature using:

gpg --check-sigs 8D2DD9BD

To sign the new key execute the following command:

gpg --sign-key 8D2DD9BD

And it would be nice if you upload the signed to one of the key servers:

gpg --keyserver pgp.mit.edu --send-key 8D2DD9BD

You are of course free to give me a call in order to verify the fingerprint ;-)

Gajim idling error

Just stumbled upon a small bug in Debian’s version of Gajim (0.15.4-2 – currently in testing and sid).

The following error occurs when Gajim starts to idle:

Traceback (most recent call last):
  File "/usr/share/gajim/src/common/xmpp/idlequeue.py", line 533, in _process_events
    return IdleQueue._process_events(self, fd, flags)
  File "/usr/share/gajim/src/common/xmpp/idlequeue.py", line 394, in _process_events
    obj.pollin()
  File "/usr/share/gajim/src/common/xmpp/transports_nb.py", line 420, in pollin
    self._do_receive()
  File "/usr/share/gajim/src/common/xmpp/transports_nb.py", line 606, in _do_receive
    self._on_receive(received)
  File "/usr/share/gajim/src/common/xmpp/transports_nb.py", line 620, in _on_receive
    self.on_receive(data)
  File "/usr/share/gajim/src/common/xmpp/dispatcher_nb.py", line 488, in dispatch
    handler['func'](session, stanza)
  File "/usr/share/gajim/src/common/connection_handlers.py", line 2009, in _StreamCB
    conn=self, stanza=obj))
NameError: global name 'obj' is not defined

This results in a dis- and a subsequent reconnection. As the traceback already suggests the error can be found in /usr/share/gajim/src/common/connection_handlers.py on line 2009. This is the corresponding function:

def _StreamCB(self, con, iq_obj):
        log.debug('StreamCB')
        gajim.nec.push_incoming_event(StreamReceivedEvent(None,
            conn=self, stanza=obj))

Obviously, there is no variable obj : The passed argument is called iq_obj … To fix that mistake just substitute the function definition with (replace iq_objobj in line 2006):

def _StreamCB(self, con, obj):
        log.debug('StreamCB')
        gajim.nec.push_incoming_event(StreamReceivedEvent(None,
            conn=self, stanza=obj))

This bug is already fixed in their repository (13861:239ec662de5a). Thus, this article is mainly for people not familiar with python/programming, who need a quick fix. (wasn’t able to find something on the Internet)

Btw. I’m not sure why, but this error just affected one of my four machines which are running Gajim.

Challenge is over.

SEMS challenge
SEMS challenge

About 6 or 10 moths ago we were searching for a student to work with us in the SEMS project. In order to reduce the number of applications I started a challenge. To solve this challenge you had to show some understanding for basic techniques and programming languages, so we didn’t waste our time with people not able to write a single line of source code.

And what should I say? It was successful! We’re now a great team with three students :D

However, currently this challenge seems to spread over the internet. And lot’s of people try to solve it (and many submit a wrong answer^^). But even worse, some of you guys try to exploit it by submitting something like

"; SHOW TABLES;

In general I don’t care. It was just some lines of PHP that send me an email in case of a correct answer. There is no database and the worst that can happen is a full inbox, but now I decided to close this challenge and instead forward users to this article.

Thus, if you arrive here feel free to apply for a job! I guess all of my readers, even if they didn’t solve this challenge, are perfect fellows…

If you nevertheless want to give it a try you can download the challenge.