Tales of an IT Nobody

devbox:~$ iptables -A OUTPUT -j DROP

How to show us your company is immature. June 9, 2015

I’ve seen ‘Sentry‘ pop up a few times – it’s a neat SaaS that ails the pains of logging and monitoring  for development level logging. It’s pretty neat, has a spot for business for sure.

Here’s the problem and I touched base on this a while ago – your business WILL be judged on it’s class. (As in ‘classy person’).

2015-05-01 21_03_05-Sentry_ Track exceptions with modern error logging for JavaScript, Python, Ruby,

Want my business’s money? Be more eloquent.

Remember, not everyone with a pocketbook is looking to trust critical data and infrastructure decisions on a company that thinks unnecessary words are professional enough for their home page slogan.

I can swear like a fish some days, but I maintain professional behavior to those outside my ‘circle’; there’s a song and dance you need to do for B2B and government relationship to open up the coffers for you. (This ain’t it).

No Comments on How to show us your company is immature.
Categories: rant Uncategorized

A better way to give Logstash permissions to your logs April 12, 2015

So you’re ready to rock out Logstash to ship your logs – there’s one little headache: You still need to give it access to your files. Chances are, you want “all of the files!”

The internet will (at the moment) instruct you to use “setfacl”, or various chown/chmod techniques or even add logstash to various groups.

READ THIS TECHNIQUE FIRST!

Why setfacl won’t work

Logrotate can be scripted, but sudo-io (sudo logging) can’t. There are other exceptions where logs not managed by logrotate don’t persist setfacl settings.

Why chmod/chown and adding “logstash” to groups its a bad idea

You’re making too many exceptions, and relinquishing flexibility to give access to the logs in a normal basis. (meaning, not using something like setfacl, but instead normal linux groups)

Then what works best?

It’s so clean and tidy: either through mount –bind or  bindfs.
Feast your eyes on this:

 

OR (in the case of ext4)

You’re given a tidy ‘ro’ binding of the /var/log dir ONLY readable by the logstash reader.

I hope this helps those who want to ship “all of the things!” – this is a good separation of concerns for managing logstash access.

‘bindfs’ is available in the default Debian repos as well!

 

No Comments on A better way to give Logstash permissions to your logs
Categories: Uncategorized

PHPCodesniffer and Zend Studio/Eclipse – Part 1 April 29, 2010

Threw together some videos for future reference for myself and general users. Hope they help someone else out there.

( Double-click video to view more clearly )

No Comments on PHPCodesniffer and Zend Studio/Eclipse – Part 1
Categories: Uncategorized

Is apt apting nasty? March 15, 2010

Doing spring cleaning on our dev box today – apt has been starting to harp me about wanting to autoremove a lot of useful packages – including apt itself! Odd! I’ve learned a few new things today, that’s for sure.

So I went on a mission today to clean up everything package related on the box. In the end, I cleaned out packages, and freed ~800MB.

You can see more diagnostic information/steps on my linuxquestions forum post.
I also came across a handy resource in downgrading that goes into good depth here.

Here’s some things you might find useful if apt is being a pain – My biggest problem came in the form of a nasty autoremove message from apt:

The following packages were automatically installed and are no longer required:
   apt libwrap0-dev
The following packages will be REMOVED:
   apt libwrap0-dev

That’s right – apt wanted to remove itself! Turns out this is a product of having a misconfigured sources.list:

  deb http://debian.uchicago.edu/debian/ stable main contrib

Somehow, running dist-upgrade over time caused apt to update to the squeeze version of apt

  0.7.20.2+squeeze1

To fix this, I had to change stable to lenny in my sources.list, then you can perform a downgrade on a specific package like so:

  deb http://debian.uchicago.edu/debian/ lenny main contrib
  cd /var/cache/apt/archives/
  rm -rf *
  mkdir partial
  apt-get update
  apt-get install apt/stable
  apt-get update && echo “For good measure!”



Because of your sources.list change, apt will think the proper version is the ‘stable’ one, and will REINSTALL/DOWNGRADE apt for you. This fixed the version issue.



1 Comment on Is apt apting nasty?
Categories: Uncategorized

Using PHP_CodeSniffer June 12, 2009

INSTALLATION
There’s many ways to install PHP_CodeSniffer.
You could try (on debian-base) apt-get install php-codesniffer – or if you have pear installed you could try pear install PHP_CodeSniffer. Or lastly, the way I like to do it, manually.

I like to perform a manual installation on tools like this so I know where to find them and manipulate them in the future.

Manual install:


Next, you need to replace the php_bin path in the phpcs file with the path to the php binary:

Test it out with:
./phpcs /path/to/some/phpfile.php

Now to finalize the install, there’s many places you could place the binary, I personally prefer to camp the working files like this in /usr/local/bin

No Comments on Using PHP_CodeSniffer
Categories: Uncategorized

Obligatory ‘Hello world’ post. June 11, 2008

Consider this the obligatory ‘hello’ world post. Believe it or not I am also analyzing the rich text editor (‘RTE’) blogspot uses to see how they maintain consistency for bloggers.

One of the challenges of my job is to create ‘user-friendly’ interfaces for our faculty/staff. What’s on my mind right now is a rich text editor (‘RTE’) that has a Microsoft Word-like interface that people can become familiar with quickly so they may modify content on our website.

While it is quite common these days for web developers to implement this feature into their content management systems. Some do not take the time to evaluate how such a system could affect the consistency and overall professionalism of their site.

For example: An ‘out-of-the-box’ install of Xinha allows users to choose a typeface from a dropdown menu, which then inserts a respective HTML markup to enforce the typeface. All the RTE’s have this out of the box.

The problem: Everything else on the page is set in your CSS defined typeface. However the User input will stand out like an eyesore. Breaking the professionality and consistency of your websites aesthetic styling.

Further evaluating the problem and fixes: There are several approaches that a web developer can take to work with this.

The first one that comes to mind would be throw the input through strip_tags(); The problem is by doing so, you’ve effectively queltched the very purpose of an RTE, who’s job is to create the markup for submission into your page data.

Another idea is to limit the choices by modifying the configuration of such a canned RTE. If you know your way around, you can remove the typeface dropdown from the editor interface, as well as any other options that you do not want to empower users with. This idea is quite effective; unless a user copy-pastes content from Microsoft Word. When you do that, the markup to mimic a word document is injected into the RTE interface. Microsoft’s HTML exporting from Word is … quite hairy and the markup takes up more space than the actual subject matter that is being pasted in.

The next approach – and the approach I am inspiring to implement in a unique fashion here at MSCTC, is to use a custom WIKI markup.

Further posts on this blog will follow the strategy and progress of the implementation, along with everything else! So bookmark this blog and visit again soon!

No Comments on Obligatory ‘Hello world’ post.
Categories: Uncategorized