Llamarada

Tomar de la élite lo que pertenece a todos

Centraly Manage Authentication With LDAP and SSH Keys

| Comments

I have been experiencing how useful LDAP is for centralized login of users, everything from email (imap, pop, smtp), to authentication for web apps, jabber even some asterisk stuff can be used, but you can also use it to store your ssh login information, even ssh keys, this is very useful for multi-server environments and it is an alternative to Kerberos.

Project name is openssh-lpk Happy Hacking :)

Use Shotgun to Speed Up Your Development

| Comments

You should be using shotgun to speed up your development, instead of killing your web app server everytime you want to reload code changes into webrick, mongrel or any other rack compliant server you could be using shotgun and have it watch your files for changes and reload the code automatically

Install the shotgun gem
1
$   gem install shotgun

That is it! Now launch your shotgun app server:

fire shotgun
1
2
$   cd my_app
$   shotgun

This will launch shotgun with the default settings:

  • Listen only on **http://127.0.0.1:9393**
  • Run on development environment
  • Look for config.ru on the current directory

Now lets say you want to use something like 192.168.0.3:3000 using the production environment

customize shotgun params
1
$   shotgun -E production -o 192.168.0.3 -p 3000
  • -E lets you set the environment
  • -o configures the address the server will bind to
  • -p sets the port the server will bind to

happy hacking

MonitorMixin Woes

| Comments

MonitorMixin is pretty awesome, it allows you to safely perform operations that can be thread-unsafe any class can be MonitorMixin enabled quite easily.

adding MonitorMixin to any class is easy
1
2
3
4
5
6
7
8
9
10
11
12
class MyClass

  include MonitorMixin

  def add_item(name, item)
    @list[name] = item
  end

  def remove_item(name)
    @list.delete name
  end
end

That was half of the story, now to really protect your potentially unsafe operations you need to guard them inside a syncronize block: That is it, now you can turn your potentially unsafe operations into safer ones by doing:

thread proofing your methods
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
class MyClass

  include MonitorMixin

  def add_item(name, item)
     syncronize do
      @list[name] = item
     end
  end

  def remove_item(name)
     syncronize do
      @list.delete name
    end
  end
end

Problem arises when you try to override initialize

be careful when overriding initialize in a class that uses MonitorMixin
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
class MyClass

  include MonitorMixin

  def initialize
    do_something_awesome
  end

  def add_item(name, item)
     syncronize do
      @list[name] = item
     end
  end

  def remove_item(name)
     syncronize do
      @list.delete name
    end
  end
end

If we used this code we would get an error about initialize having the wrong number of arguments, looking in google i ve found that i need to call super() inside my initialize method, this should be fairly obvious but make sure to use super() not super, or it wont work and i am not sure why

oops
1
$ `initialize': wrong number of arguments

I am asking my self why this happens if i didnt subclass MonitorMixin, i only included it, for all i know MyClass is not a subclass of MonitorMixin, i think i will read back about the ruby object model and maybe peek a bit inside MonitorMixin to see why it is working this way

Finally here is a version that works

Final version
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
class MyClass

  include MonitorMixin

  def initialize
    do_something_awesome
    super()
  end

  def add_item(name, item)
     syncronize do
      @list[name] = item
     end
  end

  def remove_item(name)
     syncronize do
      @list.delete name
    end
  end
end

Asterisk 1.8 and Fail2Ban Woes

| Comments

I had to upgrade my dev asterisk server to version 1.8.x because that is what we are using at Mojo Lingo, the next day, I started to see tons of connection attempts to my box, and I think to myself, shouldnt Fail2Ban be taking care of this?

I checked iptables with iptables -L -v and found nothing, then checked the /var/log/asterisk/messages logs and there were a lot more attempts that my fail2ban max of 5. Is fail2ban running? Yes it is….

What is happening?

I begin to analize the logs and see that the attack attempts couldnt possibly be catched by the regex that the current fail2ban-asterisk filter configuration had. Strangely the Asterisk logs were including the remote host port number, and weretherefore been ignored by fail2ban.

after a quick search in google i found the following regex lines at the Fail2Ban asterisk page

Asterisk 1.8 regex match lines
1
2
3
4
5
Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Wrong password
Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - No matching peer found
Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Username/auth name mismatch
Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Device does not match ACL
Registration from '.*' failed for '<HOST>(:[0-9]{1,5})?' - Peer is not supposed to register

I added those RegEx to my /etc/fail2ban/filter.d/asterisk.conf file and restarted fail2ban, after a bit, the offender was blackliste in my iptables firewall. Bless

MYSQL Stored Procedures & Triggers

| Comments

List mysql stored procedures

mysql stored procedures
1
mysql> SHOW PROCEDURE STATUS;

List mysql triggers

mysql trigers
1
mysql> SELECT trigger_schema, trigger_name FROM information_schema.triggers;

Adhearsion 1.0.1 Released

| Comments

Release Highlights:

  • Ruby 1.9 Compatibility
  • Improved Rails 3 Compatibility, by fixing an underlying dependency issue (Rubigen)
  • Improved Asterisk 1.6 and 1.8 Event handling

Go here for the official announcement

Thanks to Ben Klang and all the Adhearsion team for their hard work

Rails Dirty Objects

| Comments

Rails is truly the work of visionary people, leveraging the all powerful Ruby language they came up with something that is really nice to use and that produce very powerful results, digging into the API i find a very powerful feature called Rails dirty objects, i havent heard about that until recently, when i learned that you could so stuff like this:

Rails dirty objects
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
  person = Person.find_by_name('uncle bob')
  person.changed?       # => false
  person.name = 'Bob'
  person.changed?       # => true
  person.name_changed?  # => true
  person.name_was       # => 'uncle bob'
  person.name_change    # => ['uncle bob', 'Bob']
  person.name = 'Bill'
  person.name_change    # => ['uncle bob', 'Bill']
  person.save
  person.changed?       # => false
  person.name_changed?  # => false
  person.name = 'bob'
  person.changed        # => ['name']
  person.changes        # => { 'name' => ['Bill', 'bob'] }

neat isnt it?

How to Delete All Ruby Gems

| Comments

zap all your ruby gems (on the current gemset)
1
2
GEMS=`gem list --no-versions`
for x in $GEMS ; do gem uninstall $x; done

Taken from

Using Gemfiles on Rails 2.x Apps

| Comments

If your Rails 2.X applications stored its gem configuration in the config/environment.rb file and you want to begin using Gemfiles then you need to follow a few simple rules

Gemfile syntax
1
2
3
4
5
6
7
8
9
10
11
#if the line reads like this:
$   gem "authlogic",  :version => '>=2.1.3'

#then in your Gemfile you should put 
$   gem "authlogic",   '>=2.1.3'

#if it reads like this
$   gem 'activerecord-tableless', :lib => 'tableless', :version => '0.1.0'

#then the corresponding Gemfile entry should go like:
$   gem 'activerecord-tableless', '0.1.0', :require => 'tableless'

Easy isnt? Now you only need one more thing

Install your gems
1
$   bundle install

and you are ready to go