After my recent dark ages, is time to review my Debian security level... As a starting point, the Securing Debian Manual is a must for ANY Debian administrator. Moreover, there is some useful tools, e.g. tripwire, chkrootkit and fail2ban, too.
% echo "1 3\n2 4\n-5 -3" | perl -ane '$n+=$F[0]; END { print "$n\n" }'
-2
% echo "1 3\n2 4\n-5 -3" | perl -ane '$n+=$F[1]; END { print "$n\n" }'
4
这两天都没什么心思在干活,一有空就在不停刷新闻的页面,内心里急切地想知道最新的汶川地震的灾情和救灾的进展。
我之前无法确切的描述我内心的感受,直到在网络上看到《新京报》今天社论上的一句话——“血泪之地,生民之哀,家国之痛”,不由感慨万分。这真的是血泪之地,生民之哀,家国之痛!顷刻之间,多少家庭支离破碎,多少生命从此消逝,多少血泪汇流成河。那种情形,我都不敢细想,不敢去描绘,因为每每想到这里,内心已经开始发痛,身体已经开始发抖,眼泪已经开始奔流出来……
生活总得向前,希望留在心间。
我用我的心,为地震灾区的人们祈祷...
由星期一知道四川地震的消息後,傷亡人數持續增加,心裡一直也很不舒服,尤其看到當地災民痛失親友的苦況。
自己可以做的事實在不多,只能捐款略盡綿力,大家齊來捐款支持一下當地災民,也可以在各位的網站或 blog 上呼籲捐款,謝謝:
樂施會捐款方法 (捐款熱線:2394 2394)
捐款戶口:
匯豐銀行:001-537000-012
中國銀行:012-874-0010515-7
香港紅十字會 (捐款熱線:2802 0021)
捐款戶口:
匯豐銀行:567-650-155-016
恒生銀行:267-175-123001
中國銀行:806-0000-1617
東亞銀行:514-40399-663
Well.. Too bad that my server is being hacked by someone, and inject some zombie code to attack other servers. I found that on last night, clean those zombie code, change admin password and so on. BTW, it is still too late that No-IP have already block my user account... I should check my server more often.
I've started looking at forking ExtJS, after some considerable thought, I'm pretty close to the concluding that forking ExtJS is really option left, to retain the investment I've already made in it..
So, as I have a Zip file of 1.1.1 and it explicitly says that the Javascript code is Licensed under LGPL, (not ifs/ no but's) - I'm slowly putting the code into my subversion repo under www.akkbkhome.com/svn/extjs1 (*I'm looking at extjs1.1.1 as I have been using it and tend to prefer it, but there is nothing in the discusion below that precludes anyone helping/leading with the last extjs2 version that was released)
Now if this actually becomes a full fork (most forks fail BTW), It will need a bit of work, so If anyone is interested in helping out. I've no idea where this could go. But this fork ain't changing the license no-more...
The planI think there's quite a few things to do here... so Ideas or contributions.. -- feel free to email me, or just comment on this post. - At worst, it could form the brainstorming for anyone else actually doing this. (If you want to comment on if/should this be done - do it on my previous post, otherwise I will delete the comment)
The Code
The Project
The reasoning.
I have to admit after some reflection to being pretty pissed at this change, ExtJs was useful in a number of ways, other than being a reasonably well written, the forums where search-able, so you occasionally found fixes to issues that you where having. The doc's where not to bad. etc.
But basically I've committed 1000's of hours of time to learning, and writing huge codebases that depend on ExtJS, under the basic premise that it was availably for Free, with the only Caveat that If I modified ExtJS, then I would have to give back those changes. "Quid Quo-pro" as they say.
The Change to GPL has altered that equation in such a radical way that If this was not a 'software' product, and was something physical. you would be down at the consumer council, and filing a class action against Jack for things like Breach of trust, financial gain by deception etc. And filing claims for the loss of your time, and the cost of replacing his library..
I have seen postings that appear to claim Jack plan's to 'send notice' to people using a fork, but as far as I can see, he released the Javascript code as LGPL, and from every reading I've seen of that, I have the absolute right to distribute the Javascript code, along with any modifications. - This is the purpose of the license!!! - so by claiming otherwise he is not honoring his own license, not a good omen for the future of ExtJs even under GPL!
I'm floating this, as a plan... - shout if you are interested/ have some ideas..?? - (or you can find real technical flaws - not FUD flaws please).
I think that basically sums up my reaction to Jack's GPLv3'ing a library. For those who are not aware, As I was not, when I visited the extjs web site a few days ago to grab a copy of the old 1.1 version and found all references to download it had disappeared. Digging a bit deeper on the site, I started spotting a few comments about the new licensing.
While I can say that Jack as the author (of I presume most of extjs?) has the right to change the license to whatever he likes, I think he has probably just destroyed the project. I could not commit to writing new code with a "Library" that is GPL, unless I was working on a GPL project (which is unlikely at present - got bills to pay). And for commercial or spec projects, that are not turning revenues yet, I can't really justify my time in committing to develop stuff that may, or may-not be able to fund today's and whatever Jack feels like charging in the future for the non-commercial license.
I've seen too many people burned by this closed source dependencies that they build their businesses around, only to have the effective rental for their office yanked through the roof, and no other option than a huge effort moving to another library or software causing chaos.
All that said, I'm not sure if v2.0 and v2.1 are really worth bothering with anyway, I've tried them on 2 projects so far, and the general sense I get, is that compared to v1.1 they are a little finicky, and tend to produce slightly unpredictable results. Which is tempting me to stick with 1.1..
The problem I see though is that the community that has built up around extjs has been supported by quite a few handy tools, the wiki, the doc's and the rather nasty forum (which is a good way to waste time finding answers to issues). So I guess someone setting up a openext? (I saw something on the net about it) should probably sort out those issues first, then start solving the technical issues about how to replace all the images and css in extjs which where not previously licensed under LGPL.
I would hate to have to go looking at the alternatives again, So sticking with v1.1 + hacks may be the best long term plan for me anyway.
wget 是很好用的 command line 下載工具,如果遇到需要密碼才可以下載的檔案,wget 的選項 –user=username 及 –password=password 便可解決,這兩個選項支援 HTTP 及 FTP 連線,用法也很簡單:
MRTG 是一套網路流量分析工具,可以經由網頁介面監看主機的網路流量。MRTG 是透過 SNMP (Simple Network Management Protocol) 收集資料,所以要使用 MRTG 記錄流量數據的主機要先安裝 SNMP,以下是在 FreeBSD 安裝 SNMP 及 MRTG 的方法:
安裝 SNMP
首先安裝 SNMP,在 FreeBSD 透過 ports 安裝很方便,在指令模式輸入以下指令:
安裝完成後便要設定 SNMP,新增一個文字檔 /usr/local/share/snmp/snmpd.conf,加入以下內容:
以上設定的是 community name,是一個明碼字串,可視作為一個密碼。完成後在 /etc/rc.conf 加入以下一行:
然後使用以上指令手動啟動 SNMP。
安裝 MRTG
安裝 MRTG 同樣使用 ports 來安裝:
// 安裝後產生 MTRG 設定檔
# cd /usr/local/etc/mrtg
# rehash
# cfgmaker mrtg@hostname >mrtg.cfg
上面 cfgmaker mrtg@hostname >mrtg.cfg 的一行,mrtg 是在 snmp 設定的 community name,而 hostname 是主機的位置。
然後開啟 /usr/local/etc/mrtg/mrtg.cfg,設定裡面的 WorkDIR 選項,改為想要儲存 mrtg 網頁的位置,例如 /home/httpd/mrtg。接著便建立 MRTG 的目錄及網頁:
// 以上已經完成設定了,最後執行 MRTG:
# /usr/local/bin/mrtg /usr/local/etc/mrtg/mrtg.cfg
執行以上指令後會出現錯誤訊息,這是因為第一次執行 mrtg 的關係,沒有一些舊圖,只要再執行一次就行了。最後一步就是輸入 crontab -e 設定每 5 分鐘自動執行 mrtg:
設定完成後,便可以用瀏覽器開啟 /home/httpd/mrtg 的相對網址查看。
慣性教人在 Ubuntu 或 Debian 連上 xDSL 都是使用文字模式的 PPPoE 設定程式 pppoeconf 。不過跟據多年教人使用 GNU/Linux 的經驗,很多人對就算遇然打一兩句命令或文字模式的程式都很抗拒的。號稱人性化的 Ubuntu 多年來仍只用文字模式的 pppoeconf 來設定 xDSL 連線,似乎有點說不過去。
不過令天倒留意到 GNOME System Tools 2.22 中的 network-admin 似乎有了 PPPoE 的支援。翻查 changelog ,PPPoE 和 GPRS/UMTS 是在 2.21.4 時加入。(去年 12 月推出)
只要選取 系統 -> 管理 -> 網路 執行 network-admin ,雙擊 “點對點連接” (Point-to-Point connection) 。

在 ppp0 的屬性中,勾選啟用這個連線 (Enable this connection),就在連線類型 (Connection Type) 中,選擇 序列數據機 (Serial Modem)、 PPPoE 或 GPRS/UMTS 。

因為本人的寬頻供應商不使用 PPPoE ,所以未能測試這個新功能。如果有人可以幫手測試一下,並郵寄一兩個 screenshot 給我, 我會感激不盡。
AWstats is a good replacement of Analog and Webalizer: it provide a good interface, and can analyze different type of log files, including HTTP, FTP and SMTP. It is not too difficult to setup under Debian etch, but need some tricky skill. On the other, AWstats provide an official Webmin module. So may we make use of both Webmin and AWstats, for a handy configuration and management?
This mini-HOWTO will cover the required step for installing AWstats and its Webmin module, also a simple example for how to make use all of this.
今年頭三個月股市大幅下跌,自己的投資組合最多下跌近 30%。雖然經過四月的升市後,已大為收復失地,但以四月結算計,如果不計及年初的趁低吸納,仍比年頭下跌了 4.34%。
目前我的三大持股為中移動、平保及中人壽,三間公司的 08 年首季業績已經公怖,只有中人壽盈利倒退 60%,其餘的也有增長。但仍然對中人壽充滿信心,因為 A 股即使仍未跌夠,但距離底部的下跌空間應該不大,近來也有回穩的跡象。而且細看中人壽的首季業績,她們還有二百多億的浮盈未釋放,一於安心做個小股東。
而近期開始學習巴菲特,以公司老闆的心態去看待持有的股票,發覺原來用這個心態去持股輕鬆很多。
So I am really pissed off recently about a bug of iPhone: when you are using EDGE, no matter it’s Safari or IRC or whatever, incoming calls never come through.
I am still not happy after reading the apple KB article on this problem. Basically it is saying “yes, you may not be able to receive incoming calls when you are using EDGE”. I would definitely consider this as a bug and no bullshit.
And later I found a good explanation on this one. Yeah, hit *3001#12345#* and open up the “GPRS Information” page, if you see “nom” is “2″ beware when you use EDGE…
cp is different from rsync and usually not provide enough debug message during file coping, e.g. how many bytes transferred. A simple command can give you a great hand:
For sure that you can replace ls -la * as other Linux command/ Try man watch for more information :)
Another useful tips: when download a huge file with wget, we may hope to run as wget -bc, so wget will run as background and give us a log file for monitor. For sure that we can monitor this log file with tail -f -n 50, but what if we have multiple download running in parallel? In this case watch will give us a great hand:
You may hope to keep trace Apache log for web server debug, you may hope to keep trace Exim log when your mail server looks buggy, you may... Anyway, just run the following command: