Author: Jason Frisvold

Linux Upgrades – Installation from a software raid

I recently had to upgrade a few machines with a newer version of Linux. Unfortunately, the CD-ROM drives in these machines were not functioning, so I decided to upgrade the system via a hard drive install. Hard drive installs are pretty simple and are part of the standard distro for Redhat. However, the machines I had to upgrade were all set up with software raid 1.

My initial thought was to merely put in the raid location where the install media was located. However, the installation program does not allow this and actually presents a list of acceptable locations.

So from here, I decided to choose one of the 2 raid drives and use that instead. The system graciously accepted this and launched the GUI installer to complete the process. All went smoothly until I reached the final step in the wizard, the actual install. At this point the installer crashed with a Python error. Upon inspection of the error, it appeared that the drive I was trying to use for the installation media was not available. Closer inspection revealed the truth, mdadm started up and activated all of the raid partitions on the system, making the partition I needed unavailable.

So what do I do now? I re-ran the installation and deleted the raid partition, being careful to leave the physical partitions in-tact. Again, the installer crashed at the same step. It seems that the installer scanned the entire hard drive for raid partitions whether they had valid mount points or not.

I finally solved the problem through a crude hack during the setup phase of the installation. I made sure to delete the raid partition once again, leaving the physical drives in-tact. I stepped through the entire process but stopped just before the final install step. At this point, I switched to the CLI console via Ctrl-Shift-F2. I created a small bash script that looked something like this :

#!/bin/bash

mdadm –stop /dev/md3

exec /bin/bash ./myscript.bash

I ran this script and switched back to the installer via Ctrl-F6. I proceeded with the installation and the installer happily installed the OS onto the drives. Once completed, I switched back to the CLI console, edited the new /etc/fstab file and added a mount point for the raid drive I used, and rebooted. The system came up without any issues and ran normally.

Just thought I’d share this with the rest of you, should you run into the same situation. It took me a while to figure out how to make the system do what I wanted. Just be sure that your install media is on a drive that the installer will NOT need to write files to.

Voting in an electronic world

Well, I did my civic duty and voted this morning. I have my misgivings about the entire election process and the corruption that abounds in the government, but if I refuse to vote, then I really can’t complain, can I.

So, after waking up and getting ready for work, I headed to the local polling location to check out the Diebold AccuVote TSX system they wanted me to vote on. It’s a neat looking machine from afar, but once I got up close, I was sorely disappointed.

I can’t put my finger on it exactly, but these seemed to be very flimsy, rushed systems. The touchscreen didn’t feel right, tho it was presumably accurate, lighting up my choices as I chose them. There was a slight delay after I touched the screen, however, and that was annoying. The first time I tried to vote, it rejected the card I was given and flashed an error about being cleared. Well, I hope that’s what it said. Thinking back on it now, I’m upset that I didn’t take more time to read the screen. I’m honestly not sure if the error stated that the card was cleared, or that the machine was cleared. And when I returned the card for one that worked, the lady I gave it to mentioned that there were a bunch of cards she was having problems with. Not good..

On a positive note, the mechanism that held and ejected the voting card seemed to be well built. It worked well. I think that’s about the only piece that I thought was decent though. Kinda pathetic actually.

Speaking of the Diebold machines, I urge you to check out the HBO special, “Hacking Democracy.” The entire show is up on Google Video for your viewing pleasure. You can access the video here.

Geek Reading List

Wil Wheaton (Wesley from ST:TNG) writes a weekly column for Suicide Girls (NSFW). In a recent article, he writes about 5 books every Geek should read. He has some pretty good picks, but I’d like to add some more. Keep in mind though, I’m nowhere near as eloquent as Wil is.. :)

Diamond Age

Author: Neal Stephenson

Published: 1995

This, for me, was one of the greatest books I’ve ever read. In the future, where nanotechnology is the norm and matter compilers offer the basic necessities of living for free, a young girl is given a unique gift in the form of a book. But this is no ordinary book. This is the Young Ladies Illustrated Primer. What follows is a whirlwind of activity as the true nature of the primer is discovered, the balance of power is shifted, and a new class is formed.

The Illuminatus Trilogy

Author: Robert Anton Wilson & Robert Shea

Published: 1975

The ultimate conspiracy theory. From beginning to end, Wilson and Shea wrap theory after theory together creating, at times, a semi-plausible theory about the government and who truly runs it. Complete with Atlantis, Nazis, and even Shoggoths, this story will keep your head spinning. This is definitely not a tale for the faint of heart!

Discworld Series

Author: Terry Pratchett

Published: 1983 – Current

A flat world held up on the backs of four elephants, all standing on the shell of the Great A’Tuin, the star turtle. Enter hilarity. These are some of the funniest books I’ve ever read. If you like Douglas Adams’ novels, then you’ll love Pratchett. A mixture of magic, stone age technology, and general mayhem is presented in each book of this massive series. From the wizard Rincewind to Death himself, there are characters for every occasion.

The Lord of the Rings

Author: J.R.R. Tolkien

Published: 1954-1955

Tolkien is commonly known as the “father of modern fantasy”. This three volume series continues where The Hobbit left off, following the tale of the Ring as it passes into the hands of Frodo the hobbit. Frodo’s task is to take the ring to Mount Doom and destroy it. A journey of epic proportions follows as Frodo becomes the center of a battle for Middle Earth.

XNA Game Studio Express Beta 2 is out!

Saw over at both LetsKillDave and Gamasutra that XNA Beta 2 has been released. As with the previous release, VC# Express needs to be installed.

Unfortunately, I didn’t get to do much of anything with Beta 1, but I’m hoping to play around a bit with Beta 2. Definitely going to need to learn C# though. Just another language to add to the growing list of languages I’m familiar with.. :)

There are also a few sites dedicated to XNA development. Check them out :

LearnXNA

XNA Spot

XNA Resources

GarageGames has also been working a bit with XNA and their Torque engine and they’ve ported it over to XNA. It’s going to Beta on November 6th, but should be released around the same time XNA is officially released. Of course, release dates slip so don’t take my word for it.. Exciting stuff!

Book Review : Pro PHP Security

I just finished reading Pro PHP Security by Chris Snyder and Michael Southwell. I’m always looking for ways to improve my programming skills and security is an area I try to focus on. Secure web applications are becoming more important every day as more and more of our lives are placed online. With that in mind, I purchased this book to increase my PHP skills.

Overall the book was quite good. The book is broken into four parts. Part one is a general overview of security and it’s importance. Nothing really new here, but a good introduction nonetheless.

Part two delves into server-side security, outside of the realm of PHP. This includes shared hosts, firewalls, software installation, and more. None of this is really PHP specific per se, but still important topics. There is a decent introduction to encryption and it’s importance in security. There are a few PHP examples throughout these chapters that show how to handle SSH, SSL, hashing, and general encryption using the mcrypt() function. Part two concludes with an overview of authentication, permissions, and restrictions. There is a decent example of a single sign-on system, as well as an overview of PHP safe mode.

Part three covers more in-depth PHP programming practices designed to prevent many of the more common security problems. This section starts with a chapter on input validation, a very important topic indeed. The authors explain what input validation is and how to accomplish it. There are several examples that show how to validate the data you need and ensure that it’s safe to use throughout your program. Subsequent chapters cover SQL Injection, Cross-Site Scripting, Remote Execution, and Session Hijacking. Throughout each chapter are dozens of examples showing how to handle each situation.

Finally, part four covers user interaction with your programs. Since the majority of the web applications you will write are intended to interact with users, this is pretty important.  The authors cover ways to ensure that your users are, in fact, human users and not scripts.  Identity verification is covered with methods ranging from simple email response to SMS messages.  And once you’ve determined that your users are real, you’ll need to provide them with a list of actions they can perform.  The authors show how roles-based authorization can help with this and allow for a scaleable system that can be extended in the future.  In the next few chapters, the authors cover data loss, safely executing system commands, and handling RPC calls.  And finally, the authors explain the value of Open Source software and the advantages of peer review.

Â

Overall this is an excellent book and I highly recommend it.  While this book is geared towards PHP programming, it does cover a wide variety of topics that are not strictly PHP specific.  While I was aware of many of the topics covered within this book, I did learn a variety of new tricks for dealing with security threats.  If you’re interested in learning more about security and how to secure your programs, I definitely recommend reading this book.

Firefox 2.0 Released!

Firefox 2.0 was released earlier today. I wrote previously about this latest release while it was still in Beta. I recommended then that you check it out, and with the final release here, I’ll say it again! This is one of the best browsers out there. Give it a try, it’s easy to uninstall if you find you don’t like it!

Internet Explorer 7.0 Released

Well, it looks like Microsoft has finally released Internet Explorer 7.0 to the public. Initially you have to download and install it manually, but they plan on releasing this on Windows Update in the near future.

I’m a huge fan of Firefox, so why am I bringing this to your attention? Well, there are a couple of reasons. It’s more secure than IE 6.0, much closer to being standards compliant, and if you have to use IE at all then this should make life a little safer and easier.

If you use Firefox exclusively, then please, continue doing so! And maybe even take a glance at version 2.0! But if you need IE at all, even for the IE Tab extension for Firefox, then please update IE to this latest version.

Interactive Searching

Saw this over at LetsKillDave.. I guess the Windows Live team has been playing around with the idea of interactive searching. They’ve come up with something they call Ms. Dewey. It’s pretty neat to play with. Just ask her a question and just before she returns the results, she converses with you. Some of the responses are quite funny. Check it out.

Some ideas for questions :

r u hot? (Thanks Ozy)

These are from one of the comments at LetsKillDave :

Where can I get a date?
Where can I get tested for STDs?
How do I tell my mother she’s a grandmother?
Are you gaining weight?
Where do republicans come from?

Or ask her about Bill Gates or George Bush. I think I’ve seen about 20-30 different responses so far. I’m not sure how many there are total.

Other ideas.. Ask about suicide, the weather, or just simply curse at her. All unique responses.. This is quite the time waster.. Highly recommended!

Update : Try telling her to take her clothes off… No, really, try it..

powered by performancing firefox (yeah, I’m checking it out)

Windows Live Writer Beta

I’m writing this post using the new Windows Live Writer Beta. It’s a blogging tool that allows you to write your blog entries offline and upload them later. Useful, I guess, if you’re not connected all the time. For me, it’s just something to play with. Time will tell whether I like it or not.

To use Writer with a Serendipity blog you’ll need to install the XML-RPC plugin. Once that’s up and working you need to tell Writer what kind of blog you’re using. After it fails the auto-detect you’ll need to choose the API to use. I’m using the Metaweblog API and it seems to be working fine. It also asks for the URL for publishing. For the XML-RPC plugin, the URL will be something like this : http://www.example.com/blog/serendipity_xmlrpc.php

So, for now, I’m just messing around with the system to see what it’s capable of. It seems to be a fairly nice system, pretty at least. Just a document editor with the standard font options on the surface. Hyperlinks are available (as they should be), and it seems to handle media as well such as pictures, movies, audio, etc. I’ve haven’t dealt with media yet on this blog, so I’m not that interested in those capabilities.

Writer won’t download the categories I have set up on my blog, so I’ll have to hand-edit that after I publish. No big deal I guess, but kinda defeats the purpose of this utility. I also don’t see a way to add serendipity tags, so that’s another hand-edit. You can add third party tags such as those from Technorati, LiveJournal, and others, but I have no interest in that.

The web preview is pretty nice. It shows you exactly what the web page will look like when you publish it. It’s pretty cool and seems to work well.

Well, I guess it’s a little nicer than the JavaScript WYSIWYG editor that’s built into serendipity, but between the need for XML-RPC and the lack of serendipity features, I don’t think I’ll be continuing to use Live Writer. While trying to get Writer to work, I also ran across two other tools, w.bloggar and Performancing. The first is a program similar to Writer that seems to allow offline editing. The second is a Firefox plugin that seems to have a ton of features. I’ll be checking both out in the near future.