Planet DebianHK

Planet DebianHK - http://planet.debian.org.hk/

Edison Wong: Some useful tools to enhance Debian security

47 minutes 25 seconds

After my recent dark ages, it is time to review my Debian security level... As a starting point, the Securing Debian Manual is a must for ANY Debian administrator. Moreover, there are some useful tools, e.g. tripwire, chkrootkit and fail2ban, too.


tshuyang: DSA-1571-1 openssl -- predictable random number generator

2008, May 15 - 23:04
Date Reported: 13 May 2008
Affected Packages: openssl
Vulnerable: Yes
Security database references: In Mitre's CVE dictionary: CVE-2008-0166.


Vern: Perl One Liners

2008, May 15 - 16:44
% echo "1\n2\n-5" | perl -ne '$n += $_; END { print "$n\n" }'
-2

% echo "1 3\n2 4\n-5 -3" | perl -ane '$n+=$F[0]; END { print "$n\n" }'
-2

% echo "1 3\n2 4\n-5 -3" | perl -ane '$n+=$F[1]; END { print "$n\n" }'
4

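Joseph Wu: “A land of blood and tears, the sorrow of the people, the pain of the nation”

2008, May 14 - 11:34

These past two days I have had no heart for work; whenever I have a moment I keep refreshing the news pages, anxious to know the latest on the Wenchuan earthquake disaster and the progress of the relief effort.

I had been unable to describe exactly what I felt until I saw online a line from today's editorial in The Beijing News: “A land of blood and tears, the sorrow of the people, the pain of the nation”, and was filled with emotion. This truly is a land of blood and tears, the sorrow of the people, the pain of the nation! In an instant, how many families were shattered, how many lives were lost, how many tears and how much blood flowed into rivers. I dare not think about the scene in detail, dare not picture it, because whenever I think of it my heart begins to ache, my body begins to tremble, and my tears begin to flow...

Life must go on; keep hope in your heart.

With all my heart, I pray for the people in the earthquake zone...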

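Sam Tang: Donations

2008, May 14 - 07:44

Since learning on Monday of the Sichuan earthquake, the number of casualties has kept rising, and I have felt very uneasy, especially seeing the plight of local victims who have lost family and friends.

There really is not much I can do myself; I can only donate to do my small part. Let's all donate to support the local victims; you can also call for donations on your own websites or blogs. Thank you:

Oxfam donation methods (donation hotline: 2394 2394)

Donation accounts:
HSBC: 001-537000-012
Bank of China: 012-874-0010515-7

Hong Kong Red Cross (donation hotline: 2802 0021)

Donation accounts:
HSBC: 567-650-155-016
Hang Seng Bank: 267-175-123001
Bank of China: 806-0000-1617
Bank of East Asia: 514-40399-663

Online donation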

Edison Wong: Server is being hacked...

2008, May 13 - 12:51

Well.. Too bad that my server was hacked by someone, who injected some zombie code to attack other servers. I found that last night, cleaned up the zombie code, changed the admin password and so on. BTW, it was still too late: No-IP had already blocked my user account... I should check my server more often.


Alan Knowles: ExtJs - talking forking

2008, May 10 - 18:42

I've started looking at forking ExtJS. After some considerable thought, I'm pretty close to concluding that forking ExtJS is really the only option left to retain the investment I've already made in it.

So, as I have a Zip file of 1.1.1 and it explicitly says that the Javascript code is licensed under LGPL (no ifs, no buts), I'm slowly putting the code into my subversion repo under www.akkbkhome.com/svn/extjs1 (*I'm looking at extjs1.1.1 as I have been using it and tend to prefer it, but there is nothing in the discussion below that precludes anyone helping/leading with the last extjs2 version that was released)

Now if this actually becomes a full fork (most forks fail BTW), it will need a bit of work, so if anyone is interested in helping out... I've no idea where this could go. But this fork ain't changing the license no-more...

The plan

I think there are quite a few things to do here... so ideas or contributions: feel free to email me, or just comment on this post. At worst, it could form the brainstorming for anyone else actually doing this. (If you want to comment on if/whether this should be done, do it on my previous post, otherwise I will delete the comment.)

The Code

  • Tidy up Ext Js's source - see if it can be stored in one file per class, and have a simple classname->filename mapping... (e.g. Ext.Dom in Ext/Dom.js) ** started..
  • Sort out the CSS
    • If Jack ever released any old CSS/images under an open licence (ext-yui source?), see if that can be used?
    • or go through the classes and see what their requirements are for CSS
    • Probably in batches - write a short document listing the required classes needed by the batch, enabling someone to contribute a CSS file that works.
    • Possibly create enough CSS to make enough of it usable (probably with no images)
  • Document image requirements (see above), then see if other open projects already have images that can be used? - otherwise see if someone wants to contribute themes..
  • Break up source into manageable packages - Distribute ownership! - GIT or multiple SVN repos??

The Project

  • Build infrastructure
    • Create a command line tool that can compress then merge all the required components (and allows end users to do this)
    • Allows source to be taken from multiple sources (so you can create builds with extensions / or without stuff you don't need)
  • Forums
    • Set up a mailing list! (and archived, with a search feature!) - Anyone know a good hosted one available? - or should I just go off and set the infrastructure here..
    • No more 'premium' ... users! - equal, like open source is supposed to be!
  • Manual
    • Work out how to build a manual from the source! While Ext's manual is not bad, take the opportunity this time to do it right, and have bug reporting / user comments on it....
  • A name?? - May need some thought...

The reasoning.

I have to admit after some reflection to being pretty pissed at this change. ExtJs was useful in a number of ways: other than being reasonably well written, the forums were searchable, so you occasionally found fixes to issues that you were having. The docs were not too bad, etc.

But basically I've committed 1000's of hours of time to learning, and writing huge codebases that depend on ExtJS, under the basic premise that it was available for free, with the only caveat that if I modified ExtJS, then I would have to give back those changes. "Quid pro quo" as they say.

The change to GPL has altered that equation in such a radical way that if this was not a 'software' product, and was something physical, you would be down at the consumer council, and filing a class action against Jack for things like breach of trust, financial gain by deception etc., and filing claims for the loss of your time, and the cost of replacing his library.

I have seen postings that appear to claim Jack plans to 'send notice' to people using a fork, but as far as I can see, he released the Javascript code as LGPL, and from every reading I've seen of that, I have the absolute right to distribute the Javascript code, along with any modifications. This is the purpose of the license!!! So by claiming otherwise he is not honoring his own license, not a good omen for the future of ExtJs even under GPL!

I'm floating this as a plan... shout if you are interested / have some ideas?? (or if you can find real technical flaws, not FUD flaws please).

Alan Knowles: Ouch, what a mess, - Extjs goes GPL3

2008, May 7 - 00:09

I think that basically sums up my reaction to Jack's GPLv3'ing a library. For those who are not aware, as I was not: I visited the extjs web site a few days ago to grab a copy of the old 1.1 version and found that all references to download it had disappeared. Digging a bit deeper on the site, I started spotting a few comments about the new licensing.

While I can say that Jack as the author (of I presume most of extjs?) has the right to change the license to whatever he likes, I think he has probably just destroyed the project. I could not commit to writing new code with a "Library" that is GPL, unless I was working on a GPL project (which is unlikely at present - got bills to pay). And for commercial or spec projects, that are not turning revenues yet, I can't really justify my time in committing to develop stuff that may or may not be able to fund today's and whatever Jack feels like charging in the future for the non-commercial license.

I've seen too many people burned by these closed source dependencies that they build their businesses around, only to have the effective rental for their office yanked through the roof, and no other option than a huge effort moving to another library or software, causing chaos.

All that said, I'm not sure if v2.0 and v2.1 are really worth bothering with anyway. I've tried them on 2 projects so far, and the general sense I get is that compared to v1.1 they are a little finicky, and tend to produce slightly unpredictable results. Which is tempting me to stick with 1.1..

The problem I see though is that the community that has built up around extjs has been supported by quite a few handy tools: the wiki, the docs and the rather nasty forum (which is a good way to waste time finding answers to issues). So I guess someone setting up an openext? (I saw something on the net about it) should probably sort out those issues first, then start solving the technical issues about how to replace all the images and css in extjs which were not previously licensed under LGPL.

I would hate to have to go looking at the alternatives again, so sticking with v1.1 + hacks may be the best long term plan for me anyway.

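Sam Tang: Downloading password-protected files with wget

2008, May 6 - 15:11

wget is a very handy command-line download tool. When a file requires a password to download, wget's --user=username and --password=password options take care of it. Both options support HTTP and FTP connections, and usage is simple:

$ wget --user=username --password='password' http://address/download/foo.pdf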

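Sam Tang: Installing MRTG traffic analysis on FreeBSD

2008, May 4 - 16:05

MRTG is a network traffic analysis tool that lets you monitor a host's network traffic through a web interface. MRTG collects data via SNMP (Simple Network Management Protocol), so a host whose traffic is to be recorded by MRTG must first have SNMP installed. The following describes how to install SNMP and MRTG on FreeBSD:

Installing SNMP
First install SNMP. On FreeBSD this is convenient through ports; enter the following commands at the command line: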

# cd /usr/ports/net-mgmt/net-snmp
# make install clean

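After installation, configure SNMP: create a new text file /usr/local/share/snmp/snmpd.conf and add the following content:

rocommunity mrtg

The above sets the community name, a clear-text string that can be regarded as a password. When done, add the following line to /etc/rc.conf:

snmpd_enable="YES"

Then start SNMP manually with the following command:

/usr/local/etc/rc.d/snmpd.sh start

Installing MRTG
MRTG is likewise installed through ports: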

# cd /usr/ports/net-mgmt/mrtg
# make install

// Generate the MRTG configuration file after installation
# cd /usr/local/etc/mrtg
# rehash
# cfgmaker mrtg@hostname >mrtg.cfg

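In the line cfgmaker mrtg@hostname >mrtg.cfg above, mrtg is the community name set in the SNMP configuration, and hostname is the address of the host.

Then open /usr/local/etc/mrtg/mrtg.cfg and set the WorkDIR option in it to the location where you want the mrtg web pages stored, for example /home/httpd/mrtg. Next, create the MRTG directory and web page:

# mkdir /home/httpd/mrtg
# indexmaker -title 'Traffic Monitoring' -output /home/httpd/mrtg/index.html mrtg.cfg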
# cd /usr/ports/net-mgmt/mrtg/work/mrtg*
# cd images
# cp * /home/httpd/mrtg/

// The configuration is now complete; finally, run MRTG:
# /usr/local/bin/mrtg /usr/local/etc/mrtg/mrtg.cfg

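Running the command above produces error messages. This is because it is the first time mrtg runs and there are no previous graphs; just run it once more. The final step is to run crontab -e and set mrtg to run automatically every 5 minutes: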

*/5 * * * * /usr/local/bin/mrtg /usr/local/etc/mrtg/mrtg.cfg

Once this is set up, you can open the URL corresponding to /home/httpd/mrtg in a browser to view the graphs.
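
A check for the community-name setting discussed in this post, as an added example that is not part of the original post: the script flags rocommunity/rwcommunity lines in an snmpd.conf that accept any source address, allow writes, or use a short or well-known community string. The function name audit_snmpd_conf, the 8-character threshold, the sample files and the assumption that MRTG polls from the same host (127.0.0.1) are illustrative.

```shell
#!/bin/sh
# Added example: audit snmpd.conf community lines.
# Prints one finding per line and returns 1 if anything was flagged.
audit_snmpd_conf() {
    awk '
        { sub(/[#].*/, "") }          # drop comments
        NF == 0 { next }              # skip blank lines
        $1 ~ /^r[ow]community6?$/ {
            name = $2; src = $3
            if ($1 ~ /^rw/) {
                printf "line %d: %s allows SNMP writes\n", NR, $1
                found = 1
            }
            if (src == "" || src == "default" || src == "0.0.0.0/0" || src == "::/0") {
                printf "line %d: community \"%s\" accepted from any source\n", NR, name
                found = 1
            }
            if (name == "public" || name == "private" || length(name) < 8) {
                printf "line %d: community \"%s\" is short or well known\n", NR, name
                found = 1
            }
        }
        END { exit found ? 1 : 0 }
    ' "$1"
}

# Constructed sample files (not from the original post).
tmpdir=$(mktemp -d)
# The setting as written in the post: readable by any host that knows "mrtg".
printf '%s\n' '# as in the post' 'rocommunity mrtg' > "$tmpdir/weak.conf"
# Restricted form: longer constructed string, only the local MRTG poller.
printf '%s\n' 'rocommunity S3parate-Long-String 127.0.0.1' > "$tmpdir/strict.conf"

echo "weak.conf:";   audit_snmpd_conf "$tmpdir/weak.conf"   || echo "-> needs attention"
echo "strict.conf:"; audit_snmpd_conf "$tmpdir/strict.conf" && echo "-> no findings"
```

If MRTG runs on a different machine, the source in the restricted form becomes that poller's address, and cfgmaker is then given the new community name in place of mrtg.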

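狗爺語錄: The first few days in Salt Lake City

2008, May 4 - 05:29
  • Sweater covered in snow: the weather is very unstable; at times it gets close to 20 degrees, at other times it drops to nearly 0. The locals all say this is very unusual; normally the snow has almost stopped by March.

  • Pizza shop: on the second day I had planned to go out and look around, but because of a sudden heavy snowstorm I was forced to duck into the nearest shop on the way to eat and take shelter. A very large pizza, too much for two people to finish; although not very tasty, it was acceptable.

  • Utah at home against the Rockets: at first I could not find tickets online and was prepared not to watch the NBA (actually I did find some, but there was no guarantee of how long delivery would take, and there was not much time left by then), but later I found scalped tickets at a mark-up that was not outrageous, so I could watch the full three hours. It is odd there: reportedly it is private property, so the police cannot go in and arrest people, which is why ticket scalping is so rampant. I am not someone who follows ball games, but after being there in person I got a rough idea of how crazy Americans are about basketball. The whistling of the person sitting next to me was deafening.

Mario Bros. T-shirt
Anyone want to buy a Mario Bros. T-shirt?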

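來醫: A graphical PPPoE connection tool on Ubuntu!? Gnome System Tools 2.22

2008, May 3 - 02:40

Out of habit, when teaching people to connect to xDSL on Ubuntu or Debian, I always use the text-mode PPPoE configuration program pppoeconf. However, from years of experience teaching people to use GNU/Linux, many people are very resistant to even occasionally typing a command or two, or to text-mode programs. For Ubuntu, which bills itself as user-friendly, to still rely only on the text-mode pppoeconf for setting up xDSL connections after all these years seems hard to justify.

Today, though, I noticed that network-admin in GNOME System Tools 2.22 seems to have gained PPPoE support. Checking the changelog, PPPoE and GPRS/UMTS were added in 2.21.4 (released last December).

Just choose System -> Administration -> Network to run network-admin, then double-click "Point-to-Point connection".

network-admin in GNOME System Tools

In the properties of ppp0, tick "Enable this connection", then under "Connection Type" choose Serial Modem, PPPoE or GPRS/UMTS.

PPPoE settings

Because my broadband provider does not use PPPoE, I have not been able to test this new feature. If anyone can help test it and mail me a screenshot or two, I would be very grateful.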

Edison Wong: AWstats + Apache + Webmin, on Debian etch mini-HOWTO

2008, May 3 - 01:29

AWstats is a good replacement for Analog and Webalizer: it provides a good interface, and can analyze different types of log files, including HTTP, FTP and SMTP. It is not too difficult to set up under Debian etch, but needs some tricky skills. On the other hand, AWstats provides an official Webmin module. So can we make use of both Webmin and AWstats, for handy configuration and management?

This mini-HOWTO will cover the required steps for installing AWstats and its Webmin module, and also a simple example of how to make use of all of this.


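Sam Tang: Investment returns up to April

2008, May 2 - 23:16

The stock market fell sharply in the first three months of this year, and my own portfolio was down nearly 30% at its worst. Although it has recovered much of the lost ground after April's rally, as of the end of April, not counting the buying on dips early in the year, it is still down 4.34% from the start of the year.

At present my three largest holdings are China Mobile, Ping An Insurance and China Life. All three companies have announced their first-quarter 2008 results; only China Life saw profits fall, by 60%, while the others grew. But I still have full confidence in China Life, because even if A-shares have not yet finished falling, the remaining downside to the bottom should not be large, and there have recently been signs of stabilisation. Moreover, looking closely at China Life's first-quarter results, they still have more than 20 billion in unrealised gains not yet released, so I will just rest easy as a small shareholder.

Recently I have started learning from Buffett, looking at the shares I hold with the mindset of a company owner, and I have found that holding shares with this mindset is much more relaxed.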

Ivan Wong: iPhone: EDGE and incoming calls

2008, April 30 - 23:28

So I am really pissed off recently about a bug of iPhone: when you are using EDGE, no matter whether it’s Safari or IRC or whatever, incoming calls never come through.

I am still not happy after reading the Apple KB article on this problem. Basically it is saying “yes, you may not be able to receive incoming calls when you are using EDGE”. I would definitely consider this as a bug and no bullshit.

And later I found a good explanation on this one. Yeah, hit *3001#12345#* and open up the “GPRS Information” page, if you see “nom” is “2” beware when you use EDGE…

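狗爺語錄: Arriving in Salt Lake City

2008, April 30 - 08:57

Twenty hours on a plane is no joke; my bones are falling apart now. But since Anthony has not arrived yet, I can rest a little first. This is the hotel room:

Hotel room / The hotel room window

Luggage carts at Salt Lake City airport

Also, after I arrived at Salt Lake City airport, I did not use a luggage cart. Unless really necessary, probably nobody would.

In San Francisco I did not pay attention to daylight saving time and almost missed my boarding time. Luckily I noticed that the people nearby were behaving differently, otherwise I would have been in trouble.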

Edison Wong: HOWTO keep running a CLI task handily?

2008, April 28 - 15:48

cp is different from rsync and usually does not provide enough debug messages during file copying, e.g. how many bytes have been transferred. A simple command can give you a great hand:

watch -n1 ls -la *

You can of course replace ls -la * with another Linux command. Try man watch for more information :)

Another useful tip: when downloading a huge file with wget, we may want to run it as wget -bc, so that wget runs in the background and gives us a log file to monitor. We can of course monitor this log file with tail -f -n 50, but what if we have multiple downloads running in parallel? In this case watch will give us a great hand:

watch -n1 tail -n 10 wget-log*

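Vern: Untitled

2008, April 28 - 15:44
Extreme opinions get attention, and crude, vulgar remarks get attention, not because these remarks are important, but because in a space full of noise certain biased voices are noticed for being grating. It is like a madhouse: normal, reasonable expression gets no attention, while a madman who strips off his clothes and runs wild does. This is the psychology of netizens at work.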

Edison Wong: HOWTO keep trace a log file change?

2008, April 28 - 15:44

You may want to keep tracing the Apache log for web server debugging, you may want to keep tracing the Exim log when your mail server looks buggy, you may... Anyway, just run the following command:

tail -f -n 50 /var/log/apache2/access.log