Thursday, November 19, 2009

permissions with rsync

Quoting from rsync man page: to give destination files (both old and new) the source permissions, use --perms. To give new files the destination-default permissions (while leaving existing files unchanged), make sure that the --perms option is off and use --chmod=ugo=rwX

 rsync -av --no-p --chmod=ugo=rwX -e "ssh -i /path/to/key" src dest 

Tricky Back Button

I'm working on a web portal that uses CAS authentication, and would like to prevent someone from using the browser back button to see secure/private contents of a logged out user. It basically requires disabling the browser cache for dynamically generated pages. Obviously it's nothing new and got to have tons of perfect solutions out there. However, after spending days poking online, following tricks satisfied me a lazy amateur web developer:

  • JavaScript onUnload event: either use
     <body onunload="">
    at the beginning of the HTML page, or
     <script> window.onbeforeunload = function () {} <script> 
    before the end of HTML body tag.

  • Above worked with Safari and IE, but not Firefox 3.5. Next trick is to use HTTP Cache-Control attributes in a response header. Django code example:

    response['Pragma'] = 'no-cache'
    response['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
    response['Expires'] = 0

  • I have a form using the POST method in the page. After logging out, browser back button would resubmit the form information to the expired user session, and cause the browser to display unexpected connection drop error. Redirecting the page using
    right after the form submission solved the issue.

Friday, August 21, 2009

Apache2 Configuration on SLES

Different but rather organized. A few tips:

To enable a properly installed module, edit APACHE_MODULES in the file /etc/sysconfig/apache2

Most server configuration directives are located in /etc/apache2/default-server.conf

Readline Not Found with Python Installation

After installing a different version of Python (2.5.4) on my SLES server, it complains about "readline" module not found, though it does exist on the system.

Fix is to install the readline-devel package and rebuild/reinstall Python.

Thursday, August 20, 2009

To Blow a Hole on SuSE firewall

Yast --> System -> /etc/sysconfig editor --> network --> firewall --> susefirewall2 --> FW_TRUSTED_NETS

Or edit the corresponding variable in the file /etc/sysconfig/SuSEfirewall2 directly

Tuesday, July 21, 2009

Exclude Packages From Rug Update

Use additional rug features.

rug lock-add *kernel* prevents any kernel updates.

Monday, July 20, 2009

S.M.A.R.T resources

Smartmontools for SCSI devices

Monitoring Hard Drive Health on Linux with smartmontools (a nice blog entry)

And then there's man page

Init Script Templates

RHEL: /usr/share/doc/initscripts-*/sysvinitfiles

SLES: /etc/init.d/skeleton

Myri10ge under SLES 10

A mysterious kernel update happened on my SLES server, maybe I was not paying enough attention when saying "yes" to "rug update". It would have gone unnoticed for a long time if I were not just reading /var/log/messages for entertainment. I'm really unhappy to have a running kernel quietly overwritten under me, even if it's somewhat my fault. The new kernel broke the 10GigE interface, which real sysadmins helped to fix when I just installed SLES 10. Here are steps to bring things back to normal:

rmmod myri10ge
lsmod | grep myr10ge
download, build and install the latest driver from Myricom
modprobe myri10ge
modinfo myri10ge
ethtool eth2

At least this time I didn't need to have /etc/sysconfig/kernel modified with MODULES_LOADED_ON_BOOT="myri10ge" to make it load automatically on boot.

Wednesday, March 4, 2009

Bad Script Interpreter

I ran into the exact same problem with python today as described in this blog post.

In short, if a shell barks at the interpreter line like "#!/usr/bin/python" in your script while the path is absolutely correct, try run "dos2unix" on the source file.

I am a PC and I'm 4 and a half.

Monday, February 16, 2009

Linux Shell Meets Java UID

Java Unique ID generator (java.rmi.server.UID().toString()) can come in handy when needing unique directory names. However some basic Linux shell commands like ls, cd, rm, etc. may not like the "-" part in directory names like "-2374f8d0", Either "ls ./-2374f8d0" or "rm -- -2374f8d0" can do the trick.

Ant Launcher

I don't remember (or ever know) if you can use ~ in place of /home/username/ for Java classpath settings. But I got "Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/tools/ant/launch/AntMain" for ant-launcher.jar. Internet says one should also check $ANT_HOME value when running into similar errors.

Change Axis2 Client Read Timeout

RPCServiceClient serviceClient = new RPCServiceClient();
Options options = serviceClient.getOptions();

Thursday, February 12, 2009


Finally found this not so pita blogging tool for Mac, especially when it comes to handling image insert to Blogger. Maybe I should pick up blogging again.