Keep [C]*(od|do)ing

June 15 th

Save Subversion Server on BlueHost

Filed under: Tools,software — Tags: bluehost, subversion — Liwen @ 2:30 pm

The first command I typed in Emacs this morning was “svn up“. Two seconds later, the unexpected unwelcome stranger “svnserve: error while loading shared libraries: libpq.so.3: cannot open shared object file: No such file or directory” popped into my screen, I felt my heart jumped up into my throat and my blood pressure went up a bit. This is no good***@#^& :–(

Checked on BlueHost support site and was informed that they have upgraded PostgreSQL and have recompiled Apache. I suppose I couldn’t ask BlueHost tech support regarding the issue since Subversion is not something included in the hosting package.

Found this thread on Google suggesting to ‘rebuild apt-util’ but without giving any solution, so I decided to roll my sleeves and solve the problem on my own.

Here was my installation hosting environment:
1. Bluehost 64bit box
2. subversion 1.5.5

And here is how I installed subversion in the first place, you may want to check this post (referring as post #1 form now on) first as the following steps are partially in the same context with it.

Failed trying to reconfigure

Tried to install all subversion dependencies downloaded in post #1, it ignores the installation and says the libraries have been installed.
Tried to reconfigure and link, got lots of ‘cannot read symbols‘ error. One of the errors seems to be version related problem which I encountered before while doing apache upgrading.

I guess I may need higher version of apr and apr-util and hope they will still work with subversion 1.5.5, otherwise I’ll have to upgrade my svn on the server as well.

Download apr and apr-util

cd src wget http://www.apache.org/dist/apr/apr-1.3.5.tar.gz wget http://www.apache.org/dist/apr/apr-util-1.3.7.tar.gz tar -xzvf apr-1.3.5.tar.gz tar -xzvf apr-util-1.3.7.tar.gz

Install apr

cd apr-1.3.5 ./configure --enable-shared --prefix=$HOME LDFLAGS="-L/lib64" make && make install

Install apr-util

cd ../apr-util-1.3.7 ./configure --enable-shared --prefix=$HOME --with-apr=$HOME --without-berkeley-db LDFLAGS="-L/lib64" make && make install

Install neon

Since neon depends on apr and apr-util, I’d better reinstall it as well, tried to install the neon comes with subversion-dep-1.5.5.tar.gz and this time it succeeded, great!

cd ../subversion-1.5.5/neon EXTRA_CFLAGS="-L/lib64 -fPIC" CFLAGS="-L/lib64 -fPIC" ./configure --prefix=$HOME --enable-shared LDFLAGS="-L/lib64" --with-libs=$HOME make && make install

Reinstall Subversion

cd .. ./configure --prefix=$HOME --without-berkeley-db --with-apr=$HOME --with-apr-util=$HOME --with-neon=$HOME -without-apxs --without-apache make && make install

Something you might want to know if you are going to follow my steps to save your svn server on BlueHost. As the information in this weblog is provided “AS IS” with no warranties : )

1.Check your BlueHost hosting environment (32 bit or 64 bit)
2.Check your subversion version (a new repository schema has been introduced since version 1.4.?, you may want to download all repositories and upgrade them locally)
3.Backup all repositories.
4.If you are not sure about what those steps are all about please do read post #1, don’t replicate them blindly – for your server’s safety, although BlueHost backs up your home directory in daily and weekly intervals.
5.There might be a better solution beyond my knowledge and you can wait for someone to find out – I am just a brave armature :)

May 27 th

Designing for the Social Web (Book Review)

Filed under: book — Tags: book, design, social web — Liwen @ 11:02 am

Designing for the Social Web by Joshua Porter

Web, a public place just like restaurants, libraries and pubs, has rapidly developed into a new phenomenon – I hope not many people have doubts over this statement. Who doesn’t want to build the next Facebook or Twitter? However, considering the complex interactions in social behaviour, designing for social web is definitely no easy task.

The book starts with an introduction of ‘Part Interface Design, Part Psychology’ and the typical rudimentary web ‘Usage Life-cycle’ to raise readers’ awareness of what hurdles social web design may face and the ultimate goal: ‘Better Design’.

Besides clearing all the hurdles in the following chapters, there are lots of insights and clichés scattered across its 187 pages, some you may completely agree with and some would make you think. Overall, it was an intriguing read for me. Just like the famous Don’t Make Me Think from Steve Krug, this book is more about common sense. It’s not rocket science, but you just don’t happen to have collected and have systematised all the simple bits and put them in good use. Comparing the style of drawing conclusions from author’s own experience in Don’t Make Me Think to providing more results from research in Designing for the Social Web, this book suggests less detailed description of how to apply the insights into practice, which means you may have to combine your own experience with what the book says to find the best solutions on your own. I felt the author carried out very good research into the subject and represented it compactly yet coherently in a conversional style.

In the London Web Standards meet-up, we discussed this book and someone found that the chapter “Authentic Conversations” is a bit out of topic. Interestingly enough, I found this chapter is particularly useful and I would like to research it more. After been working for a media company, which runs several high profile social web sites for a while and based on the observation on how the publishing team runs the sites, I can see how we can improve and hopefully to put the knowledge learnt from the book in use in the future. It has been said, if you combine your own experience with what the author presented in the book, most likely you will find something interesting and useful.

If you grab this book before going on a trip or jumping on a commuter train, it could make you journey.

Author: Joshua Porter
ISBN-10: 0321534921
Thanks to London Web Standard and Jeff Van Campen for the book.

May 16 th

Save Emacs Pinky

Filed under: hardware,obsession — Tags: emacs, hardware, keyboard — Liwen @ 10:55 am

After suffered index finger pain from using mouse for a long time, In spite of the risk of getting emacs hands, I equipped all my systems with Emacs and decided to use GUI as sparingly as possible.

Emacs Fingers
(Source ❐)

I have the habit of using both Ctrl keys in standard IBM keyboard layout so I was not lurked to Remap Caps Lock Key, which is a half-standard popular approach of giving left pinky double work based on the fact that traditional UNIX keyboards typically had the control key where the caps lock key is now. This knowledge is true, but it is not the correct answer to Emacs.

Emacs shortcuts were designed specifically for the space-cadet keyboard which is commonly used for List machines in the 80s. In those keyboards, Ctrl key is the main modifier key and Meta is right after it as the secondary modifier. In today’s IBM PC keyboard, the Meta key has been replace by Alt and the Ctrl key is placed in the corner far away out of thumb’s reach. Strangely enough, despite the fact that IBM has made the Ctrl key one of the most costly keys to press, almost all software designs have followed the convention of using Ctrl key as the main modifier key along with the HCI guidance published by IBM itself and Apple.

Symbolics Keyboard
(Large Image ❐) (Source ❐)

Although the keyboard layout change was a tragedy for Emacs users, it didn’t affect new generations of programers such as myself, as I only had Commandore 64 as my first Computer/Game console when I was 5. After that, IBM keyboard dominated the PC market.

Nowadays, I use Emacs friendly Microsoft Natural Ergonomic 4000 keyboard at home.
Microsoft Natrual Ergonomic 4000

This is definitely one of the best keyboards you can get as a programmer, it has split keys oriented for each hands, very large modifier keys. Most importantly, they are symmetrically positioned on each side, which is the perfect design for people use modifier keys a lot. If that doesn’t satisfy you, you can even re-map the modifier keys with the IntelliType software comes with the keyboard. For example, you can swap Ctrl and Alt keys to make the keyboard function exactly same as original Symbolics Keyboards.

I was quite happy with it.

Things started to go wrong when I switched to a MacBook Pro, which only has one bad positioned small Ctrl key positioned in the middle nowhere.

Apple Macbook Pro Keyboard Layout

To cope with the pool design of precious Ctrl in Emacs, I re-mapped Caps Lock key for the first time . Who needs Caps Lock key anyway, especially when you are using Emacs :p. Also I re-mapped Caps Lock key for my work PC in Windows XP, hoping to form the new finger habits quicker.

I can live with the feeling that my right pinky has been cut off and hope I can get used to it in a few weeks. But after a while, my left pinky hurts and It hurts a lot. I have been searching for the solutions and tried to work out the best one for my case. But after reading How To Avoid The Emacs Pinky Problem, I give up the thought of getting a Apple Keyboard just for the right Ctrl key. Apple keyboard sucks!

To ease my pinky pain, I am bring the Microsoft Natural Ergonomic 4000 keyboard to work and upgrade to Microsoft Natural Ergonomic 7000 for my home PC, then move back to Linux again. As for the Macbook Pro, I’ll just use it mainly for design and coding objective-c.

That’s right, I am giving up the slick Macbook Pro because of Emacs Pinky.

May 3 rd

Password-less svn+ssh Access on Mac OS X – Updated

Filed under: Tools — Tags: macos, ssh, subversion — Liwen @ 8:57 pm

1. Install Subversion 1.5.5 on Bluehost Linux 64bit Box
2. Configure svn+ssh on Windows OS

After relentless pounding of my fingers on the keyboard just to feed the same password again and again and again to subversion repository in Mac terminal, I realised that typing password is not as fun as developing finger habits in my beloved Emacs, although they are both repetitive.

I was reluctant to set up password-less svn+ssh access on my new Mac machine. The reason is that the key pair I am using were both generated by Putty, one deployed on Linux server and one for Windows clients. I would rather play Street Fight 4 online for half hour other than reconfigure SSH access across three different operating systems – if it is not absolutely necessary. They both involve the phrase “pain in the ass”, if you know what I mean :)

Good news is that Mac OS comes with a SSH agent:

ssh-agent is a program to hold private keys used for public key authentication (RSA, DSA). The idea is that ssh-agent is started in the beginning of an X-session or a login session, and all other windows or programs are started as clients to the ssh-agent program.

With the ssh agent, we can add the identity once per login. It means ‘add once, use everywhere’! It will be really helpful if you use more than one clients to connect to the same repository server.

Step1:
Use mac os build in ssh-keygen to generate a pair of openssh format keys. Deploy the public key on your server (assume your server uses openssh) and set up the appropriate permissions (see the related post1 to lean more). If you already have a .ppk key, then a conversion from Putty format to openssh would probably be the easiest way to go. It can be done either using PuttyGen in Windows OS or using a Putty Mac port (MacPorts or DawinPorts).

Step2:
Grant the key file minimum permissions. It needs to be:
chmod u=r,ga-rwx

If you are curious about ssh agent, read step3 and step4, otherwise, just skip to step 5.

Step3:
Find out the ssh-agent environment variable values: SSH_AUTH_SOCK and SSH_AGENT_PID. For more info about ssh agent in Mac OS, please read here.

Mac OS SSH agent

Step4:
~~Set SSH_AUTH_SOCK and SSH_AGENT_PID environment variables in your subversion client of choice. If you only use command line clients, this step can be skipped.~~
Update: It turned out the SSH_AGENT_PID value changes form login to login.

/tmp/ssh-XXXXXXXXXX/agent.<ppid>
Unix-domain sockets used to contain the connection to the authentication agent. These sockets should only be readable by the owner. The sockets should get automatically removed when the agent exits.

In this case, the clients need to talk to the OS to find out the value. Since ssh-agent servers as a lower level service in the OS, it seems to be impossible to set up those values for clients manually and I assume it is not necessary.

Setp5:
Use ssh-add command to add the key to ssh authentication agent.
ssh-add yourkey

Find the following three files in the ~/.ssh/ directory (create if not exist).

 ~/.ssh/identity
    Contains the protocol version 1 RSA authentication identity of the user.
 ~/.ssh/id_dsa
    Contains the protocol version 2 DSA authentication identity of the user.
 ~/.ssh/id_rsa
    Contains the protocol version 2 RSA authentication identity of the user.

Append your private key in the right file (depends on the key type) and change the permission to owner read only, the ssh-agent will automatically read those files and add identities to the agent every time a ssh request occurs.

Now it’s really password-less!

Mac ssh-add command

March 11 th

You exposed too much

Filed under: coding — Liwen @ 11:22 pm

Sometimes, actually most times, people love exposing, either to attract attention or express affection.

Topless

Look how happy they are! This must be enjoyable!

However, one probably should get himself fully covered when it comes to serious business – even it means sacrifice of agility and strength.

Japanese Warrior

This also applies to coding. When one’s code needs to interact with other people’s code or intends to serve as a service, the less exposure, the better. As one of the three pillars of OOP, encapsulation is defined as below:

In computer science, Encapsulation is the hiding of the internal mechanisms and data structures of a software component behind a defined interface, in such a way that users of the component (other pieces of software) only need to know what the component does, and cannot make themselves dependent on the details of how it does it. The purpose is to achieve potential for change: the internal mechanisms of the component can be improved without impact on other components, or the component can be replaced with a different one that supports the same public interface.

Encapsulation also protects the integrity of the component, by preventing users from setting the internal data of the component into an invalid or inconsistent state.

Another benefit of encapsulation is that it reduces system complexity and thus increases robustness, by limiting the interdependencies between software components.

Two weeks ago, I was asked to integrate a third-party online game into our system at work, here is the API I received.

For registration:

http://domain/service/commandHandler.php?Command=doCommand& RequestID=b5e555ec-7788-486e-8426-37d82a97a287&Code=234ab13&Name=XXXXXXXXX& Username= XXXXXXXXX&FirstName=NTVA&LastName=NTVA&Password=XXXXXXXX& Email=XXXXXXXXX&CountryID=2&State=NTVA&PostCode=NTVA&City=NTVA&Address=NTVA& PhoneNumber=NTVA&GenderID=1&DateOfBirth=20081111&IsAffiliate=FalseDiscountCode=& BannerID=XXXXXXXXX&IBAN=&BankAccountOwnerName=&SwiftCode=&BankName=

In the manual, it says only parameters marked as XXXXXXX are mandatory, others are all optional. sounds simple!

So here is what I did:

1. Send request like this: http://domain/service/commandHandler.php?Command=doCommand&RequestID=[Guid]& RequestCode=RandamCode&Name=XXXXXXXXX&Username=XXXXXXXXX& Password=XXXXXXXX&Email=XXXXXXXXX& BannerID=XXXXXXXXX.

Response: Error in FirstName, LastName.... blar blar blar.

2. OK I guess it expects every parameter to be passed in even they are optional. So sent request like the below – I would not say it’s dumb:

http://domain/service/commandHandler.php?Command=doCommand& RequestID=[GUID]&Code=RandomCode&Name=XXXXXXXXX& Username= XXXXXXXXX&FirstName= &LastName=&Password=XXXXXXXX&Email=XXXXXXXXX& CountryID=&State=&PostCode=&City=&Address=&PhoneNumber=&GenderID=1& DateOfBirth=20081111&IsAffiliate=False&DiscountCode=&BannerID=XXXXXXXXX&IBAN=& BankAccountOwnerName=&SwiftCode=&BankName=

Response: Error in FirstName, LastName... blar blar blar. This time all ‘parameter=’ didn’t complain, but all ‘parameter=NTVA’ failed.

3. After 10 more times try, I finally figured out:

The RequestCode need to be exact the same value as printed in the API example although there isn’t a single word of explanation about the mythical code.
All Parameters which have value NTVA in the printed API need to be set to something, if the values are available, you still need to set them to NTVA, NTVA means NULL or empty string.
The countryCode and GenderID must be numbers and again there is not a single sentence about those being mentioned in the manual. Who cares, let’s pass in the countryCode as 1 (I assure there will be at least one country) and GenderID=1
The DateOfBirth, you need to pass in a string in ‘yyyymmdd’ format, let’s pass 19800101 to make sure every user I registered can access whatever porn you are going to show…
Hooray, registration succeeded! But I got no userID?
Let me give those guys a call to check if I did it right. Then I was astounded by what I heard: the RequestID is not suppose to be unique, just as the magical RequestCode, you need to send the same value (exact as printed in the API) every tim. UserID is not returned with registration command because they can’t see why we need it, but all other commands would return userID so you can get it later if you want – So my assumption is that they don’t know how to return an ID for newly inserted row.

After all these steps, my first thought was to send the API to The Daily WTF.

How hard it could be to check whether a parameter is present in a HTTP request? Is it really impossible to determine if the value of the parameter is empty so I need to pass some stupid string like NTVA?

If things have been done down to such a level, I would not expect them to know encapsulation. (Notice all bold emphasised parts have been violated). But then how could you expect me to send user details into your database? Who knows what the data would end up to? Did you notice there are bank details to be expected?

The contact from the API provider is very enthusiastic about the project. Out of courtesy, I didn’t tell him that the API sucks.

From a tech perspective, I wouldn’t had gave it a go anyway, although the integration was cancelled due to other reasons.

Sometimes, actually most times, you need to get yourself well equipped before going out hunting for business. No one would choose vulnerable partner or hire naked soldiers. In a similar vain, skilled coders would not use overly exposed APIs, which will set everyone in trouble.

Show your robustness, not vulnerabilities.

HappyBirthdayChippendales

read older entities »