Thursday, November 19, 2009

permissions with rsync

Quoting from rsync man page: to give destination files (both old and new) the source permissions, use --perms. To give new files the destination-default permissions (while leaving existing files unchanged), make sure that the --perms option is off and use --chmod=ugo=rwX

 rsync -av --no-p --chmod=ugo=rwX -e "ssh -i /path/to/key" src dest 

Tricky Back Button

I'm working on a web portal that uses CAS authentication, and would like to prevent someone from using the browser back button to see secure/private contents of a logged out user. It basically requires disabling the browser cache for dynamically generated pages. Obviously it's nothing new and got to have tons of perfect solutions out there. However, after spending days poking online, following tricks satisfied me a lazy amateur web developer:

  • JavaScript onUnload event: either use
     <body onunload="">
    at the beginning of the HTML page, or
     <script> window.onbeforeunload = function () {} <script> 
    before the end of HTML body tag.

  • Above worked with Safari and IE, but not Firefox 3.5. Next trick is to use HTTP Cache-Control attributes in a response header. Django code example:

    response['Pragma'] = 'no-cache'
    response['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
    response['Expires'] = 0

  • I have a form using the POST method in the page. After logging out, browser back button would resubmit the form information to the expired user session, and cause the browser to display unexpected connection drop error. Redirecting the page using
    right after the form submission solved the issue.

Friday, August 21, 2009

Apache2 Configuration on SLES

Different but rather organized. A few tips:

To enable a properly installed module, edit APACHE_MODULES in the file /etc/sysconfig/apache2

Most server configuration directives are located in /etc/apache2/default-server.conf

Readline Not Found with Python Installation

After installing a different version of Python (2.5.4) on my SLES server, it complains about "readline" module not found, though it does exist on the system.

Fix is to install the readline-devel package and rebuild/reinstall Python.

Thursday, August 20, 2009

To Blow a Hole on SuSE firewall

Yast --> System -> /etc/sysconfig editor --> network --> firewall --> susefirewall2 --> FW_TRUSTED_NETS

Or edit the corresponding variable in the file /etc/sysconfig/SuSEfirewall2 directly

Tuesday, July 21, 2009

Exclude Packages From Rug Update

Use additional rug features.

rug lock-add *kernel* prevents any kernel updates.