Using a custom chain to define a list of trusted hosts in iptables

Posted by James Wilford Sun, 10 Aug 2008 13:03:00 GMT

A common problem with firewalls is that you want to allow certain ports from a list of trusted hosts. For example, you have 3 locations that you commonly log into your machine from, and you want to allow ssh and mysql from these locations, but not from elsewhere. If you just added rules to the INPUT chain, you would need 3 rules for ssh, and another 3 rules for mysql, and each source address would be specified twice, once for each of these services. This is not very efficient, as adding another source would involve inserting 2 rules. Furthermore, the number of rules multiplies rapidly as additional ports or source addresses are needed.

Here's how to avoid this problem by using custom chains in iptables to allow connections from a range of different sources without having lots of similar rules in the INPUT chain. I'm doing this on Ubuntu, but this can obviously be applied to any distro.
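A sketch of the custom-chain layout described above, added here as an example and not taken from the original post. The chain name TRUSTED, the source addresses (RFC 5737 documentation ranges) and the final DROP rule are assumptions; the script only prints the iptables commands unless IPT is set.

```shell
#!/bin/sh
# Added example (not from the original post). Addresses are constructed,
# taken from the RFC 5737 documentation ranges.

# Dry run by default: each command is printed, not executed.
# Set IPT=iptables (as root) to apply the rules for real.
IPT="${IPT:-echo iptables}"

TRUSTED_HOSTS="192.0.2.10 198.51.100.0/24 203.0.113.7"   # assumed sources
TRUSTED_PORTS="22 3306"                                   # ssh, mysql

build_trusted_chain() {
    # One chain holds the source list; each address appears exactly once.
    $IPT -N TRUSTED
    for src in $TRUSTED_HOSTS; do
        $IPT -A TRUSTED -s "$src" -j ACCEPT
    done
    # Assumption: untrusted sources are refused here. Without this rule the
    # packet returns to INPUT and the chain policy or a later rule decides.
    $IPT -A TRUSTED -j DROP

    # One INPUT rule per service hands matching traffic to the chain.
    for port in $TRUSTED_PORTS; do
        $IPT -A INPUT -p tcp --dport "$port" -j TRUSTED
    done
}

add_trusted_host() {
    # Insert at position 1 so the new source is checked before the final DROP.
    # A new location costs one rule, however many ports jump to TRUSTED.
    $IPT -I TRUSTED 1 -s "$1" -j ACCEPT
}

build_trusted_chain
add_trusted_host 192.0.2.99
```

Review the printed commands first; when applying them over ssh, make sure your current address is in the list before the DROP rule goes in.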

Fixing VMWare Server on Ubuntu Edgy

Posted by James Wilford Mon, 05 Mar 2007 20:49:00 GMT

After upgrading from Dapper to Edgy and re-running vmware-tools-install, I got this error when trying to start the vmware console:

/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libpng12.so.0/libpng12.so.0: no version information available (required by /usr/lib/libcairo.so.2)

I found a thread about it here: http://www.vmware.com/community/thread.jspa?threadID=38856&tstart=0

The fix that actually worked was to remove libdbus-1-2:

apt-get remove libdbus-1-2

Many thanks to PsyDoc on the VMTN forum!

The Ultimate Server - Ruby on Rails with Lighttpd, Apache2 with PHP, MySQL, PostgreSQL on Ubuntu Dapper Server

Posted by James Wilford Mon, 20 Nov 2006 18:22:00 GMT

As we all know, in the real world things are rarely simple, and the deployment of Ruby on Rails sites is certainly no exception to this rule. In fact it can sometimes seem that what Rails gives with its ease of development, it takes away when it comes to the quagmire of deployment. First you have to choose your server - Apache with FastCGI? Lighttpd? Apache with Mongrel cluster? The options can seem baffling to the newcomer.

Running first on a Debian platform, I initially deployed my Rails sites using Apache 1.3 with FastCGI. However, this proved so unreliable that eventually I was forced to take all my sites offline in order to protect the health of the rest of the system. Frequently I would notice sluggish performance, and log in to find a zombie ruby process hogging all available CPU. And I'm not alone.

So when I recently rebuilt my server using Ubuntu Dapper Server I decided to try LightTPD - AKA Lighty. The Mongrel cluster approach was out, as this requires Apache2.2, and I wanted to stick to the Ubuntu packages for ease of ongoing maintenance, and avoid compiling anything from source. My server also hosts a number of sites running happily on Apache and using PHP, so the new Lighty solution had to co-exist with these.

Based on my experience, I'm going to show how you too can build the ultimate server (tm) - one that can handle virtual hosting of Apache/PHP sites alongside multiple Rails sites on Lighty, where any site can use MySQL or PostgreSQL as its database, and all this can be made to coexist on one server using nothing more than an installation of RubyGems and the standard Ubuntu packages.

Passed my RHCE!

Posted by James Wilford Sat, 18 Nov 2006 14:35:00 GMT

I'm now officially certified!

Dear James:

The results of your RHCE Certification Exam are reported below. The RHCE Certification Exam allows candidates to qualify for the Red Hat Certified Engineer (RHCE) and Red Hat Certified Technician (RHCT) certificates. Please note that the RHCE designation is understood to both include and supersede the RHCT designation.

SECTION I: TROUBLESHOOTING AND SYSTEM MAINTENANCE
RHCE requirements: completion of compulsory items (50 points); overall section score of 80 or higher
RHCT requirements: completion of compulsory items (50 points)

Compulsory Section I score: 50.0
Non-compulsory Section I score: 50.0
Overall Section I score: 100

SECTION II: INSTALLATION AND CONFIGURATION
RHCE requirements: score of 70 or higher on RHCT components (100 points); score of 70 or higher on RHCE components (100 points)

RHCT requirement: score of 70 or higher on RHCT components (100 points)

RHCT components score: 90.9
RHCE components score: 78.6

RHCE Certification: PASS

Congratulations -- you are now certified as a Red Hat Certified Engineer!

Switching my Parents to Ubuntu

Posted by James Wilford Sat, 28 Oct 2006 18:07:00 GMT

So I was round at my parents' house last weekend, when I heard the dreaded words "can you have a look at the computer, it says we've got a virus". Switching on the PC, I was puzzled when some minutes after logging in, lo and behold, a window popped up onto the screen kindly informing me that the PC was infected by some sort of nasty, and inviting me to part with cash to procure an AV product known as "WinAntiVirus". I was not running IE at the time, and the window wasn't a browser window. So there was definitely something nefarious on the PC.

Ubuntu xinetd configuration for proftpd

Posted by James Wilford Wed, 04 Oct 2006 18:19:00 GMT

When you "sudo apt-get install proftpd" on Ubuntu, debconf will tell you that if you're using xinetd then you're on your own. Here is what you need to put in /etc/xinetd.d/proftpd to make it work:

# default: on
# description: ProFTPD FTP server
service ftp
{
   flags = REUSE
   socket_type = stream
   instances = 50
   wait = no
   user = root
   server = /usr/sbin/proftpd
}

Then just do "sudo /etc/init.d/xinetd restart", and you're all set.

Syntax Highlighting for Scribbish

Posted by James Wilford Tue, 03 Oct 2006 21:52:00 GMT

So there I was, browsing through various Typo blogs and wondering why mine didn't have syntax highlighting of code blocks like all the cool kids out there. After some googling, and installing the syntax gem, I was puzzled to find that my code was still not being highlighted.

Turns out that, of course, the syntax highlighting relies on the CSS. And the stylesheet supplied with the Scribbish theme doesn't define any styles for the .typocode classes used by the syntax highlighting. So I decided to do something about that.

VMware Server Beta on Ubuntu

Posted by James Wilford Sat, 01 Apr 2006 15:25:00 GMT

Anyone wanting to run virtual machines on Ubuntu will be interested to hear that VMware currently have a beta version of VMware server available for free download. However, installation has a few pitfalls, so here is how to do it.

Custom Error Message Display with Multiple Models

Posted by James Wilford Sat, 04 Mar 2006 11:09:00 GMT

The Problem

As you probably know, when a model fails validation, the errors can be displayed at the top of the form by including this little snippet:

<%= error_messages_for("model") %>

However, this only accepts one model as an argument. What to do if your form updates more than one? I have a checkout form that creates an order, and also creates associated user, address and shipping_address models. The easiest solution is to do this:

<%= error_messages_for("order") %>
<%= error_messages_for("address") %>
<%= error_messages_for("shipping_address") %>
<%= error_messages_for("user") %>

However, this results in up to 4 big red error boxes - not exactly user-friendly.

Accessing Logged In Users with SaltedHashLoginGenerator

Posted by James Wilford Thu, 23 Feb 2006 23:43:00 GMT

So, I'm using SaltedHashLoginGenerator in my project. All the buzz seems to be around acts_as_authenticated at the moment, but I wasn't too impressed. It seems to lack basic functionality such as 'forgot password'. So I stuck with SaltedHashLoginGenerator, figuring if it ain't broke, don't fix it. However, I have added a few neat tricks to make it easier to use, which are described here.
