Thu, 30 May 2013
GPS Tracking Systems
I use my smartphone in addition to the cyclocomputer in order to be able to record my speed, and later compare the speeds at the same place amongst various conditions. The problem is what to use for tracking and what for reviewing and comparing the recorded tracks?
So far I record the tracks using Move! Bike Computer on my Android phone. It is far from ideal, but at least it stores tracks as a GPX files which are accessible directly from the flash. It uses 1-second intervals, and as a bonus, it can display the track using Google maps. The drawback is that it sometimes does not switch the GPS on, so it needs to be switched on manually from the Android top bar menu. The other drawback is that while it can send the GPX files by e-mail to the desktop computer, it does not remember the prefered export format (GPX instead of KML for me) and the prefered export method (e-mail using K-9 mail to a predefined address). So sending tracks from my phone for further archivation is not so easy. But at least it can be done. Another problem is the start and end of the track: I usually start this app before leaving home, and stop it some minutes or hours after reaching the destination. The recorded tracks then cannot be easily compared, because their durations vary in the order of tens of percent, even though the real time of activity is roughly the same. The auto start/stop feature of the cyclo computer is much more precise - the GPS always report at least some movement because of its imprecision and noise.
As for the viewer, the situation is even worse. So far the best I have found is Endomondo, (and "the best" here does not imply "good" at all). Endomondo can import the tracks in the GPX format, and display them on top of Google map, can generate the speed and height profile, etc. On the other hand, it is way too skewed to training and fitness (computing calories, etc.), and has way too much useless social features. It also has its own proprietary Android App, which makes sending data to Endomondo easier, but with this app it is impossible to get your own data back in an open format. Moreover, when importing GPX data with 1 second granularity, Endomondo rescales it to something more coarse (tens of seconds to even minutes), so it makes comparing the speed at a given place pretty meaningless.
What do you use for your sports tracking, and how does it meet your data accessibility and openness requirements?
0 replies for this story:
Reply to this story:
Fri, 24 May 2013
File Manager
The last file manager I have used was Norton Commander back in the DOS era. Many years after that, during the flame wars between proponents of spatial and single-windowed Nautilus, I have only laughed at them, thinking that the command line was much better. Why would anybody need a GUI file manager? I feel slightly ashamed now, but I have to admit that for the last two weeks, I have also been using a GUI file manager.
I work on various things with respect to cabling, electricity, a new datacenter, and so on in the new building of Faculty of Informatics. The problem with the building specifications, projects, and so on is, that they are stored in the deep structure of directories, with names containing whitespace and even non-ASCII characters (in different character sets), and each directory contains many files or subdirectories with common prefixes shared by a set of files. So the usual tab-completion does not help - it is necessary to actually look at the completion prefix in order to know what character to add next. Here is an example of such a file name, starting from my automount point:
stavba_cerit_dok/01_ZADAVACI_DOK/02_zadavaci_projektova_dokumentace/\ FIMU_GD_SOD_příloha č. 1/!!!_02_FIMU_GD_SoD_Priloha_1_II.A_PD_DVD_PROJEKTOVA_DOK_1.etapa!!!/\ FI_F.3_03_PS 03 SUPERPOCITAC, DATOVE CENTRUM_DVD/\ F.3_03_5 SLABOPROUDE ROZVODY_DVD/F.3_03_5.2.01_PUDORYS 5NP - SLABOPROUD.pdf
In order to be able to quickly navigate inside such directory tree, I have started to use a GUI file manager. So far I use Thunar, the default file manager in XFCE. It can easily switch to any directory along the current path, and it has bookmarks for fast access to frequently-used directories. I use this feature a lot, because of the main drawback of GUI file managers: It is not possible to descend into a directory, which is an automount point (and which, from the VFS point of view, does not exist yet).
Do you use a GUI file manager?
3 replies for this story:
Milan Zamazal wrote:
I use Dired in Emacs. Powerful, text based, utilizing common Emacs features (e.g. bookmarks) and excellently integrated with the whole Emacs environment. I don't know how it compares to current file managers but it used to be much more powerful than anything I've seen in the last century. Considering my recent experience with some popular e-mail clients and discovering how primitive they are I've got some reasons to believe there are still not many file managers comparable to Dired. But does it make sense to use Dired without using Emacs generally? Probably not as environment integration is an important part of file manager usage. For instance, it's impractical to have different sets of bookmarks in a file manager and in other applications or it would be annoying if you renamed a file in a file manager and the corresponding change didn't happen in your editor having the file open for editing at the same time.
Yenya wrote: Re: Emacs
Well, the feature with rename probably does not work when the file in question is renamed by something else (possibly over a network FS), altough it can be partially solved with inotify. Apart from that, I don't want to boot another OS just to use a file manager.
thanh wrote:
I use tc (Total Commander) on windows, and mc (Midnight Commander) on linux/mac, both are very similar to nc. Another plus is that it's not required to have emacs (or vim) to use it ;)
Reply to this story:
Fri, 03 May 2013
Laptop Upgrade?
I've got my laptop, ASUS F3E, in September 2008. So maybe it's time for a new laptop. Last year I have briefly considered buying a new one, but I have found that after upgrading F3E to 4 GB of RAM, 9-cell battery, and a fast solid-state disk (OCZ Vertex 2), then-current models provided no significant improvement compared to my F3E. Is this year's offer better?
There are several problems with my F3E:
- Glossy display (no explanation needed, I think)
- Plastic chassis, which is already broken in two corners
- Slightly slower CPU than needed (I had problems playing full-HD video without frame dropping once or twice, but I am not sure whether mplayer can use both CPU cores)
- The WiFi interface supports 2.4 GHz band, not 5 GHz one
What parameters should my hypothetical new laptop have? Of course, it would need to be better than my upgraded F3E in every aspect, and meet the following criteria:
- Size: less than 16", preferably not smaller than 14"
- OS: sold without Windows (I don't want to pay the Microsoft tax)
- Display: matte, at least 1280x800, possibly with touch input
- RAM: at least 4 GB
- Graphics: supported in Linux using open source drivers, including 3D acceleration (so most probably I don't want nVidia)
- HDD: preferably SSD, but I can reuse the SSD from F3E
- CD/DVD/...: preferably none
- Battery: at least 4 hours with moderate usage
- Keyboard: with long backspace, double-height enter, inverse-T arrow keys, and preferably without separate numeric keypad; backlit if possible
- Chassis: aluminium or similar, definitely not plastic
Does such a laptop exist, my dear lazyweb? Or shall I stay with my upgraded ASUS F3E for another year?
10 replies for this story:
dan wrote:
Some time ago I bought Lenovo X230 and I'm ok with it. It has (or can have) everything you described above except of the screen size, which is less than 14", and MS tax. I believe it can be equipped with a 3-band antenna which allows 5Ghz wifi, but in this case you wouldn't have the webcam. Check the specs to be sure. Optionally you can have a backlit keyboard or thinklight. I have even managed to squeeze in a 16GB of RAM and an msata SSD, along with a regular HDD. Battery life is about 5-7 hours with 6-cell battery, but I suspect that the power management in my system sucks. In windows it's much better.
dan wrote:
I forgot - you may also check out Lenovo X1 Carbon, it has similar specs to X230, but the screen is larger with higher resolution I think. You can cut your vegetables with it :-).
Peter Kruty wrote:
You are describing mac book air in your criteria :). (If I can take the liberty of ignoring 'preferably not smaller than 14"'.
Yenya wrote: Re: Macbook Air
Is it really supported in Linux with open source drivers, or have you took the liberty of ignoring this requirement as well?
honzah wrote:
@Peter Kruty: How is paying the Apple tax better than Microsoft tax? You can at least fight that one, I bet there is no chance to get your OS money back from Apple. @Yenya: Why do you have so small requirements for the display? Every other _phone_ has better resolution these days.
Peter Kruty wrote: mac book air
@Yenya: Oh, somehow I assumed this is solved problem for Intel graphics (not really watching this closely). So, yes I took the liberty too. In general looks like so called ultrabooks are matching most of your requirements. @honzah: Yenya was mentioning not willing to pay MS tax (nothing about Apple). Regarding Apple Tax: I believe this is different situation Apple HW and SW are designed for each other and from same vendor. I don't blame Apple for that, because it works very well for usability. Variety of generic laptop vendors are locking their hw to windows, while we can hardly talk about same tight integration for a user's benefit (and I mean a generic computer user, not someone like Yenya with very specific requirements).
Yenya wrote: Re: Macbook Air
Well, I didn't know that Apple uses Intel graphics - this is actually well supported under Linux. That said, even though I did not mention it explicitly, Honzah is right that for me, Apple tax is almost the same as Microsoft tax. Why would I buy a hardware from a vendor which explicitly does not want me to use it with Linux?
thingie wrote:
Basically, you can have a generic crap with some disastrous 1366x768 display (it doesn't matter if glossy or matte, it doesn't, it doesn't, it'll have faded vomitty colors anyway), they are all absolutely same. Or you can have something more decent, but then, it's either the macbook, or perhaps some more high-end-ish ultrabook.
Peter Kruty wrote: Dell XPS 13
Quite expensive, but you are paying for your specific requirements :) http://www.zive.cz/bleskovky/dell-xps-13-linuxovy-ultrabook-s-ubuntu-dostane-full-hd-displej/sc-4-a-167668/default.aspx
Yenya wrote: Re: Dell XPS 13
Looks interesting, thanks. The specs (even on the Dell site) are shallow, though. No mention whether it has matte display, and how exactly the keyboard looks like. Also, no SD card reader, but I guess this is the price for being so thin. OTOH, I am ok with the cost. But according to zive.cz, it is not (yet?) sold in CZ.
Reply to this story:
Mon, 11 Mar 2013
Are the Directories Evil?
Jimmac has an interesting blog post about how GNOME users are not satisfied with the current look of GNOME folder icon, explaining the reasons behind its current state. The blog post contains an interesting reasoning, but I wonder whether the fact that an explanation was actually necessary does not invalidate it. For me, however, the most enlightening part of his blog post is this:
Exposing the directory structure is the pre-GNOME 3 world. What we focus on now are the applications.
This is exactly the kind of mentality which leads us to the world of systems with severe usability problems like Android, GNOME 3, or most current MP3 players. Maybe this is a news for some of you, but the concept of directories actually is useful!
I hate it when the audio player Android app cannot present the albums that I have on my SD card neatly sorted into directories (also) as those directories. I hate it when my car stereo cannot use subdirectories with depth greater than 1, and does not have a "shuffle subtree" function, making the whole "shuffle" thing unusable: I have songs, tales for kids, audiobooks, and language courses stored there, and I obviously don't want to shuffle through all of these, intermixing random language lessons with songs and audiobook chapters.
Why do I have to use a domain-specific "directory sorter" (e.g. MP3 or photo tagging application), when the system already has a general purpose means of grouping various files together: the directory tree?
5 replies for this story:
Vašek Stodůlka wrote:
I have mixed impressins on this topic. I really liked Palm way of doing this - you pressed "Documents to Go" and the documents was there (!), without folders and anything, and only documents were listed, the same with other files. It was like a magic. :-) I like Google's "folderless" email, I configured Thunderbird same way. But on the other hand - current audio players are stupid for not having the tree structure, which I sometimes want and sometimes not.
Yenya wrote: Re: Vašek Stodůlka
I am not against tags per se, but I would like my apps to use _also_ the directory tree, because it is possible to put the files into directories by almost any tool, be it command-line or GUI. The problem is that not all albums on my disk have consistent tags (or have tags at all), and I don't want to spend time looking up and possibly retyping the names of tracks.
Gris wrote:
I couldn't care less about stupid eye candy, but I, too, absolutely loathe all the 'music library' shit. Just because all the various content sellers don't have to care about directory structure doesn't mean that the approach is cool and everyone should use it. Fortunately, there are still alternative applications that allow the user to choose the approach that suits them best. As for Jimmac, I suggest we start a relief fund so that he can go buy a clue.
thingie wrote:
When I think about all that time lost in pointless and retarded sorting of stuff into some directories, which I could, finally, stop doing some short time ago... And everything is much better now. So much better.
Yenya wrote: Re: thingie
Well, if it works for you, it's great, more power to you! But for me it is simply not possible to throw all the tracks newly downloaded from my favourite artist's website, or converted from CD to one heap, because everybody uses different tagging styles, genre name variants, and so on. It would be a bigger mess than creating a new directory with the name and location conforming to my own style, and downloading/converting directly there.
Reply to this story:
Thu, 17 Jan 2013
Fedora 18
Fedora 18 has finally been released after being delayed several times. So far my experience is not so bad - upgraded systems mostly work. What are the biggest problems?
Most of them of course are in the rewritten Anaconda/FedUp combo. In my opinion, developers should be explicitly told to not rewrite things from scratch, if there is at least a small possibility of getting to the similar set of features with incremental modifications. The problem is that the previous codebase mostly works, and have lots of working features even for many corner cases. This resembles the infamous gdm-2.20 rewrite. Here is the list of problems I have ran into so far, using F18 on my laptop, on my workstation at work, and on a testing virtual machine:
- Gdm still cannot set the X server command line options, even though the developers promised the feature to be restored more than three years ago.
- FedUp provides no visual feedback about the progress of update. Who the f* wants to see the flashing Fedora logo during the upgrade, instead of some meaningful information? Are we trying to emulate MacOS or what?
- The new Anaconda cannot setup the storage the way user wants it to be set up, even though the old version worked even in this case. The developers response? Use Kickstart.
- Anaconda can select only one desktop environment for the installation. The response is the same as above. WTF?
- On my laptop, there was no way to select the correct time zone using mouse.
- Configuration files are being gradually
replaced with
systemdservices, which communicate over D-Bus, and have their configuration stored elsewhere. Replacing a three-line/etc/sysconfig/clockwith a permanently running daemon which needs its own command-line utility which talks to it over D-Bus seems really questionable for me. - My laptop is switching off when I close the lid. Apparently, another
systemdcomponent is doing this. Here is the workaround. - Jindřich's TeXlive page is yet to be updated for F18. There is the texlive-release.rpm package, but it points to a non-existent directory. I have yet to solve this.
- On the positive side,
systemctlno longer needs the.servicesuffix for the services.
To sum it up, we are slowly heading to the distribution where find(1) and grep(1) are no longer the sysadmin's friends, and
the sysadmin will need to use the specific D-Bus interfaces to talk to the
most parts of the system. It is kind of sad.
3 replies for this story:
Peter Krutý wrote:
> FedUp provides no visual feedback about the progress of update. Who the f* wants to see the flashing Fedora logo during the upgrade, instead of some meaningful information? Are we trying to emulate MacOS or what? I see very nice progress bar, when my macbook is updating :).
Vašek Stodůlka wrote:
I switched to Debian with Gnome 3 and Gnome 2 removal. I'm probably too conservative (and old) for Fedora. :-)
Yenya wrote: Re: Vašek Stodůlka
The problem with Debian is that it is, well, Debian. I prefer RPM over DPKG for technical reasons, and I prefer my system without the mandatory GNU/ prefix for political reasons. I also like the short release cycle of Fedora.
Reply to this story:
Thu, 29 Nov 2012
Secure Login at Alza.CZ
Here is how the "secure" login works at alza.cz, one of the biggest e-shops in the Czech Republic:
In the login form, user can click to the link named "SSL", which leads to the SSL-encrypted page with an alternative login form. The problem is, that this page apparently sends the login form data unencrypted, so the usage of SSL to display the login form is completely pointless.
3 replies for this story:
dan wrote:
I agree, their login form is weird. I checked it with firebug and fortunately the credentials are not sent over in plaintext - it's still HTTPS. It seems that something in the way they are sending them confuses the browser - they are not using a standard HTML form, they are sending the credentials using XHR request. The login doesn't even work with JS turned off.
toto wrote:
Ty máš co kritizovat...spíš si oprav CSS. http://imgur.com/PBm7C
Yenya wrote: Re: toto
Well, the "official" URL of my blog does not start with https, so it is not my problem that it contains http-only images or whatever when accessed over https. Also, there are no private data sent over the net during communication with my blog (as opposed to Alza.cz).
Reply to this story:
Wed, 28 Nov 2012
SOAP::Lite
Today's daily WTF goes to the SOAP::Lite CPAN package and its non-configurability and mis-design.
For example, look at this:
HTTP Basic authentication is accomplished by overriding the get_basic_credentials suboutine in LWP::UserAgent (which SOAP::Transport::HTTP::Client is a subclass):
BEGIN {
sub SOAP::Transport::HTTP::Client::get_basic_credentials {
return 'username' => 'password';
}
}
So apparently the only way how to use Basic authentication is to override
a global function in some foreign namespace. And what to do when I want to
use two SOAP servers with two sets of credentials inside a single application?
There are more similar "features" in SOAP::Lite. For example, tracing can
only be set up globally in compile-time, or by manually calling ->import().
My dear lazyweb, is there a SOAP module with cleaner design?
UPDATE 2012/11/28: Tracing
FWIW, it is probably easier and cleaner to do both basic authentication
and tracing at the transport level - the transport module here is
LWP::UserAgent (thanks Adelton for the hint!), so for example handlers described in the LWP::UserAgent manpage work:
$soap->transport->add_handler(
request_prepare => sub {
shift->authorization_basic($login, $pass);
},
);
$soap->transport->add_handler(
request_send => sub { print STDERR shift->content; },
);
$soap->transport->add_handler(
response_done => sub { print STDERR shift->content; },
);
I wonder why the SOAP::Lite manpages suggest such dirty ways
of handling this (and I have not even started mentioning things
like $SOAP::Transport::HTTP::Client::USERAGENT_CLASS global
variable; ugh)
3 replies for this story:
Adelton wrote:
From man page: Because "SOAP::Client" inherits from "LWP::UserAgent", you can use any of "LWP::UserAgent"'s proxy settings. Can't you really apply the same to the ->credentials call? Eg, $soap->transport->credentials($netloc, $realm, $uname, $pass); ?
Adelton wrote:
By the way, who is holding a gun to your head to force you to use SOAP?
Yenya wrote: Re: Adelton
Well, why TF they have "redefine the get_basic_credential" in the POD as their prefered way of handling basic auth then? (ISDS is the gun holder there, but fortunately this is not my job, I just tried to help one of my colleagues :-)
Reply to this story:
Tue, 27 Nov 2012
Cookies Auth and 403 Forbidden
In IS MU we have recently abandoned the HTTP basic authentication and replaced it with cookie-based authentication. The main reason was that there is no portable way of logging out of the basic authentication. So I have based our new solution on Apache2::AuthCookie. The problem is, that it does not work correctly with some clients because of the way how the login form is handled.
When the yet-unauthenticated user accesses an URL for authenticated users only,
Apache2::AuthCookie returns the HTTP response with "403 Forbidden"
status code, and with text/html body containing the login
form. That way, the client cannot be possibly lead into the false assumption that the page it just received is in fact the content it wanted to receive.
So the user fills the login form, submits it, and the server returns the real
page for that URL, this time with "200 OK" status code.
This approach seems to be correct (even after reading the RFC 2616 :-). However, we observe problems with
the following two use cases:
- Nokia Symbian-based phones. After receiving 403 from the server, they display their own error message, and ignore the returned HTML altogether (except for the page background :-).
- Microsoft Word. When the link to the authenticated page is embedded inside the Word document, and user ctrl+clicks it, Word apparently starts MSIE to get the page. However, in this special case MSIE does not display the login form after getting the 403 status, but reports the error to its caller (MS Word) instead. So Word displays a generic error pop-up to the user, without the user being able to log in.
What to do now? The problem is clearly in the HTTP status code 403, and in its
mis-interpretation by some clients. I don't want to return the login form
in a 200 OK response, because I need e.g. the web crawlers to know that this
is not actually the page they tried to access. As for Symbian, they can be
clearly identified by their User-Agent string, so I can
return 200 OK only for them. But as for MS Word, I have no clue: what I see
is the request made by MSIE (and again, I probably don't want to return
200 OK to every unauthenticated MSIE request).
Any other suggestions, my dear lazyweb?
2 replies for this story:
Adelton wrote:
I'm not sure about that 403: "Authorization will not help and the request SHOULD NOT be repeated". Since you are using cookies for something it's not technically supposed to be used (authentication), I wouldn't worry about that 200 that much. I'd either make it 200 or 302 to some login page, ideally with some Pragma: no-cache so that spiders don't index/cache it.
Yenya wrote: Re: Adelton
Well, the request after 403 is not repeated (by the browser itself). Apache2::AuthCookie returns a login form in that request, and the action of this form is some different URL (which, by coincidence, returns 302 to the original URL, if correct credentials are submitted). So I still think 403 is a perfectly legal way of returning the login form.
Reply to this story:
Mon, 12 Nov 2012
Desktop Environment-Specific Apps
I have recently came across this two years old bug report, filled to the bug tracker of Transmission (a Bittorrent client) where a GNOME developer suggests removal of the notification area icon from the application on the basis that GNOME 3 does not support notification area at all.
So if I understand it correctly, we are now living in a world where all the GUI applications have to be dependent on the particular desktop environment, and it should be no longer supported to run - say - Transmission under XFCE, or GIMP under KDE, at least according to GNOME developers. "We GNOMErs do not support notification area icons, so this application should not use it" (even though the application is not used exclusively under GNOME)? Where are the freedesktop.org cross-DE interoperability recommendations?
That said, notification area as such sucks - what I liked most was the original approach of X11: using on-desktop icons for minimized applications (instead of applications and documents shortcuts), and applications displaying their own status in their icon (handled by every window manager using the same ICCCM specification).
3 replies for this story:
Martin Putniorz wrote:
GNOME devs are just a bunch of guys who think of themselves as the team of Steves (Jobs). More about it here https://igurublog.wordpress.com/2012/11/05/gnome-et-al-rotting-in-threes/
Yenya wrote: Rotting in threes
Yep. I have also discovered that blog post yesterday. Quite disturbing read, isn't it? And it is not only GNOME, but Ubuntu and others as well.
Milan Zamazal wrote:
Interesting reading, it explains a lot. I'm pretty happy and quite stable with simple and highly customizable environments (StumpWM + Emacs + uzbl) last years. The problem is that such environments are not suitable for nonprogrammers. It seems that Xfce is still going in the right direction, i.e. being easy to use, easy to set up and running well on old hardware. So I'm going to replace GNOME and KDE desktops of my users with Xfce on the next upgrade. Other users may have other needs. E.g. one of positive effects of Ubuntu was that some developers and users preferring smaller and unstable distribution with frequent updates and more buzz have left Debian in favor of a somewhat similar distribution better suited to their needs. This is all right and there has been less tension in Debian since then as there are less attacks on its principles -- I think both Debian and Ubuntu users and developers are happier now.
Reply to this story:
Fri, 12 Oct 2012
Failed SSD
Yesterday I went to a meeting and brought my laptop with me. I made
notes to a text file, and after the meeting closed the lid (my laptop
is configured to suspend then) and went away. After returning to my
office I have opened my laptop and seen only error messages from
the sda drive.
The drive was totally dead, and did not work even in another computer.
After plugging it in the SATA controller only printed something like
"resetting SATA channel", so it did notice something has
been plugged in, but nothing more. I had to teach my UNIX course in two
hours, so I had to quickly find a replacement, install a new system,
and configure it for presentation. Fortunately, I had a "spare" 2.5" drive
prepared as a replacement of the root FS of my workstation. So I deleted
the already configured system for my workstation, and used that.
Have you anybody seen a similar problem? The drive was "iops-optimized" OCZ Vertex II, about a year old. Fortunately, I use LUKS, so I can send it back to the vendor without worrying about my data.
2 replies for this story:
Lukas wrote:
We have SSD drives (250GB KINGSTON) in our workstations. For last year and half, we encouraged 5 total drive failures in our 7 member team. I think that this technology is still immature.
Jakub wrote:
If you still run Fedora, make sure that TRIM is enabled w/ LUKS: http://forums.fedoraforum.org/archive/index.php/t-278455.html
Reply to this story:
Mon, 06 Aug 2012
Enterprise Bug Fixes
Today, an unimportant but interesting bug #313291 has been fixed in RHEL 5. Here is the timeline:
- 2007-09-30: I reported the bug.
- 2007-10-03: The package maintainer found the upstream change which fixed the bug.
- 2007-10-05: I have verified that this trivial patch fixed the bug for me.
- 2012-08-06: The errata and the fixed package have been released.
I am grateful that the bug has been fixed after all this time,
but I don't use RHEL 5 anymore, and mutt in RHEL 6 got the fix
from the upstream.
I wonder why they even bothered to fix the bug after so much time,
and even release the new mutt package fixing this single bug.
This is not a complaint, this is hopefully an interesting insight to
the release process of RHEL packages. Maybe some high-profile customer
wanted this bug fixed. Who knows?
2 replies for this story:
Vašek Stodůlka wrote:
...or maybe some package maintainer, whose salary is dependent on how many bug fixes he delivers, wanted to earn some easy money, or package maintainers have a new boss, who want to earn some points and he wants to have "fixed bugs in month" key performance indicator higher, than the previous man. :-)
wrote:
... or maybe we just reached 5th year of fixing more important issues of RHEL5. :))
Reply to this story:
Mon, 02 Jul 2012
404: /undefined
In IS MU, we log and evaluate errors in HTTP
requests, including "404 not found". When the Referrer header
points back to our site, we try to look for a broken link.
Recently (last month or so), strange 404 requests started to appear in our
log file:
These requests point to the location /undefined, with referrer
being our root document, /. And the referrer is not fake,
there is always a successful request to / from the same IP
address from several seconds ago. Occasionally we get similar 404 requests,
pointing to /lide/undefined, or /vyhledavani/undefined,
with referrer being /lide, or /vyhledavani.
We are not able to reproduce the problem. It is not User-Agent-specific
(altough most of the User-Agents with this problem are Chrome), and it
is not deterministic: we got tens of these 404 requests daily out of
milions total requests (and out of tens of thousands of requests to the
title page). These requests are always for a non-authenticated page, and
always for a page which is a directory (i.e. which is represented by the
index.html or index.pl document in that directory).
I think it is related to some Javascript we include to the title page - maybe JQuery, maybe Google Analytics. I have tried to remove the Google Analytics Javascript from our title page for a day, but it did not make the problem disappear. Also, our git log from the time these requests started to appear does not show anything related. We have found the following possibly related discussions:
- http://productforums.google.com/forum/#!category-topic/analytics/discuss-tracking-and-implementation-issues/oqEgEM3rc8M
- http://stackoverflow.com/questions/11017609/undefined-randomly-appended-in-1-of-requested-urls-on-my-website-since-12-jun
So, my dear lazyweb - any ideas what can be the cause of this behaviour?
UPDATE 2012/07/03: It is probably AJAX
Yesterday have added a new image to the 404 page which meets the above
conditions (location ending with "/undefined",
referrer being the location minus "/undefined"), and
so far after > 12 hours I see exactly zero accesses to that image
in my Apache logs. So this error is most probably caused by something
that users can't see, i.e. AJAX requests. Not the window.location
modification that himdel suggests in the coments.
2 replies for this story:
himdel wrote:
I think it's the autocompletion .. or, more specifically, ancient jQuery:
- go to /lide/
- there's this result handler: var span = document.createElement('span'); span.innerHTML = item[0]; window.location = $(span).find("a").attr("href") + url_params;
- span gets set to <span></span>
- but $(span) yields null
- null has no find method, so the while $(span).find... expression yields undefined
- window.location = 'undefined' goes to /lide/undefined
Yenya wrote: Re: himdel
Thanks, I will look at the autocompletion. But this would mean item[0] was set to an empty string. Moreover, I don't see any request to autocompletion (/naseptavac_data.pl) in my access logs before the request to /undefined is made.
Reply to this story:
Fri, 18 Nov 2011
Google Authenticator
For some time, I have been considering adding two-factor authentication to my systems in order to prevent break-ins in case somebody's workstation is compromised (which is a common attack vector these days). One of the systems for one-time passwords is Google Authenticator.
G-A has an application for many smart-phone platforms (Android, iOS, Blackberry), and has a PAM module, which is even packaged in Fedora. It stores users' secrets in a file in the home directory, and uses 6-digit time-based passwords and 8-digit emergency scratch passwords. The configuration in Fedora is pretty straightforward:
yum -y install google-authenticator- In
/etc/pam.d/system-authandpassword-auth, changepam_unix.sofromsufficienttorequired, and after that line, add the line which reads "auth sufficient pam_google_authenticator.so". - Install the G-A application to your smartphone.
- Generate a new key using the
google-authenticatorcommand. - Add the key to your smartphone, either directly or using a QR code.
- Profit!
There are several problems with SSH-daemon, though:
- With SElinux enabled, it does not work.
- When public key authentication is allowed in
sshd_config, it also does not work (use "PubkeyAuthentication no" in/etc/ssh/sshd_configand restartsshdif you want to test it).
Especially the second problem is pretty serious, as I wanted to allow also public key + one-time password authentication there.
So, my dear lazyweb, what kind of two-factor authentication do you use?
2 replies for this story:
Adelton wrote:
Dan has just released post to his blog at http://danwalsh.livejournal.com/48161.html -- I did not dig deep whether it solves or just reiterates the SELinux problem thou.
Yenya wrote: Re: Adelton
Yep. The SELinux team has definitely the best response time (and attitude!) in Fedora bugzilla. There is further discussion ongoing in this BZ entry. For all interested parties, I suggest to continue discussion in that BZ.
Reply to this story:
Mon, 03 Oct 2011
Dear Customer,
[...] we would also like to inform you about the following change
in your network: a new address has been assigned to you:
2001:4cc8:...::/64.
Netbox apparently supports IPv6 now. Yay!
2 replies for this story:
dan wrote:
I got that e-mail as well! I've got to try it, hopefully it's not an error in the matrix :-).
Cohen wrote:
https://konto.netbox.cz/sco/network/ipv6
Reply to this story:
Wed, 15 Jun 2011
High-Performance HTTP Servers
Yesterday I have read about Apache Traffic Server. My dear lazyweb, do you use something like that (or Nginx)? What is your main reason for using it? I wonder why use user-space solution, when IPVS works pretty well for load balancing.
1 replies for this story:
Miroslav Suchy wrote: Perlbal
I used to use Perlbal as reverse proxy server. Why I did not used some kernel module? User space is much better for maintenance. At least for me. I can create new instance of Perlbal in 5 minutes and it will not require maintenance ever. I could not say that for kernel modules as I'm upgrading kernel whenever update from distro come.
