Prepare CakePHP for PHP 5.4 and PHPUnit on OSX

sudo port selfupdate           # Update Portstree
sudo port install php54
sudo port install php54-xdebug # XDebug for debugging PHP Applications
sudo port select php php54     # Activate PHP 5.4
sudo cp /opt/local/etc/php54/php.ini-development /opt/local/etc/php54/php.ini
 
pear upgrade PEAR
pear config-set auto_discover 1
sudo pear install pear.phpunit.de/PHPUnit     # Install PHPUnit PEAR Package

add to /private/etc/php.ini and /opt/local/etc/php54/php.ini (The first file is de default OSX location and the second for the ports PHP Version):

include_path = ".:/usr/lib/php/"

starting the development server:

lib/Cake/Console/cake server -p 8080          # Run on Port 8080

run

lib/Cake/Console/cake test                    # Run Tests

or going to http://localhost:8080/test.php to run the tests onnline

Tagged: , , , , ,

iOS 6 VIP Feature: donations are open now!

Apple has showed a preview of iOS 6 to us this monday. They presented a nice little feature called VIP. You can declare people in your address book as VIP. All messages from VIP’s are displayed in a special, highlighted way. Even when you put your phone into a “Do not disturb” mode (also a new Feature of iOS 6) VIP’s can still get you up at 2:00am…

So i think its time to open donations for putting people on my VIP list. I will put the 5 highest donators on my list :)

Tagged: , , , ,

Oneliner: find not committed changes in working copy

It could be sometimes quite useful to know which changes you’ve not committed. The following oneliner does exactly this:

$ find . -type d -name \.svn | sed "s/\.svn//" | xargs -L 1 svn status | sort | uniq
Tagged: , , , , , , ,

Configure an central CakePHP Installation on own or Uberspace Server

If you like to run several CakePHP Applications on one server and keep them up to date all the time, it makes sense to install CakePHP centralized. I’ve done this on my Ubuntu based Servers:

apt-get upgrade
apt-get install php5 php5-mysql
a2enmod php5 rewrite
service apache2 restart
cd /usr/share/
wget https://github.com/cakephp/cakephp/zipball/2.1.0
unzip 2.1.0
mv cakephp-cakephp-b522a85/ cakephp-2.1.0
ln -s /usr/share/cakephp-2.1.0 /usr/share/cakephp
rm -r cakephp/app cakephp/.htaccess
ln -s /usr/share/cakephp/lib/Cake/Console/cake /usr/local/bin/cake
vi /etc/php5/apache2/php.ini
     include_path = ".:/usr/share/php:/usr/share/cakephp/lib"
vi /etc/php5/cli/php.ini
     include_path = ".:/usr/share/php:/usr/share/cakephp/lib"
service apache2 restart
And finally configure your virtualHost configuration and let the documentRoot point to the app folder of your application.
If you are a proud Ueberspace customer you can configure a Central CakePHP Environment in a similar way:
mkdir ~/lib
cd ~/lib/
wget https://github.com/cakephp/cakephp/zipball/2.1.0
unzip 2.1.0
mv cakephp-cakephp-b522a85/ cakephp-2.1.0
ln -s `dirname ~/.`/lib/cakephp-2.1.0/ `dirname ~/.`/lib/cakephp
rm -rf cakephp/.gitignore cakephp/.htaccess cakephp/app cakephp/build.* cakephp/index.php
echo 'PATH=$PATH:~/bin' >> ~/.bashrc
mkdir ~/bin
ln -s `dirname ~/.`/lib/cakephp/lib/Cake/Console/cake `dirname ~/.`/bin/cake
php --ini # To check which php version you'r using
cp /package/host/localhost/php-5.3.5-2/lib/php.ini ~/etc/
vi ~/etc/php.ini
     # include_path = ".:/package/host/localhost/php-5.3.5-2/lib/php:~/lib/cakephp/lib"
Tagged: , , , ,

Posfix and SASL Unix Auth

/etc/postfix/main.cf

Configure the Postfix MTA to support SASL

smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = cyrus

/etc/postfix/master.cf

Disable the run of the Postfix MTA in a chroot environment

smtp inet n - n - - smtpd

/etc/postfix/sasl/smtpd.conf

Tell Postfix where he finds the saselauthd socket file

pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
mech_list: PLAIN LOGIN

/etc/pam.d/smtp

Configure PAM to support local unix Authentication for the SMTP Deamon

auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so

Finally be sure saslauthd is running and is pointing to the right directory

/usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5

Here a Python Script to Test the Auth

#!/usr/bin/python
 
import argparse
import smtplib
 
if __name__ == '__main__':
    parser = argparse.ArgumentParser(description='Tests SASL')
    parser.add_argument('--username', '-u', dest='username', action='store', help='Username')
    parser.add_argument('--password', '-p', dest='password', action='store', help='Password')
    parser.add_argument('--host', '-H', dest='host', action='store', help='SMTP Hostname')
    parser.add_argument('--port', '-P', dest='port', action='store', help='SMTP Port', default='25')
 
    args = parser.parse_args()
 
    server = smtplib.SMTP(args.host, int(args.port))
    server.set_debuglevel(1)
    server.ehlo()
    server.starttls()
    server.ehlo()
    server.login(args.username, args.password)
    server.quit()
 
    exit(0)
Tagged: , , , , ,

Icinga: Could not stat() command file

I’ve just installed Icinga 1.6x on a Ubuntu Box and was faced again with this annoying error:

Error: Could not stat() command file ‘/var/lib/icinga/rw/icinga.cmd’!

I’ve played around with chmod, chown, chgrp and with the icinga and apache user. Finally i figured out, that it could be a error in the ubuntu package. This solved the error, even if you restart the service:

 
service icinga stop
 
dpkg-statoverride --update --add nagios www-data 2710 /var/lib/icinga/rw/
 
dpkg-statoverride --update --add nagios nagios 751 /var/lib/icinga/
 
service icinga start
Tagged: , ,

Getting IP from Linux CLI with Bash

I’ve just wrote a bash script for an automation and for this i needed the ip of my system.

I’d like to share this little snipped with you:

 
/bin/ip -f inet -o addr | grep eth0 | grep -oP '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(?=/)'

Do you know a better way? Feel free to comment.

Tagged: , , ,

JMeter/Java Exceptions with SSL secured websites

Last week i had to setup a JMeter Testsuite for performance measurement of an SSL Secured Website. No big deal I thought, but I was completely wrong! Finally it took about one day to get rid of this annoying error below. At this point i need to mention, the server is running with a selfsigned certificate and Apache 2.x

For each request the client throws either an NullPointerException or SSLPeerUnverifiedException.

Java HTTP Client 4.0

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352)

at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)

at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:397)

at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148)

at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149)

at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121)

at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:573)

at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:425)

at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)

at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)

at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:277)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1043)

at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:416)

at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:271)

at java.lang.Thread.run(Thread.java:680)

Java HTTP Client 3.1

javax.net.ssl.SSLException: java.lang.NullPointerException

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1731)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1692)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1675)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1601)

at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:93)

at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)

at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)

at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)

at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)

at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)

at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)

at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)

at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)

at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)

at org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1043)

at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:416)

at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:271)

at java.lang.Thread.run(Thread.java:680)

Caused by: java.lang.NullPointerException

at org.apache.jmeter.util.keystore.JmeterKeyStore.getAlias(JmeterKeyStore.java:139)

at org.apache.jmeter.util.JsseSSLManager$WrappedX509KeyManager.chooseClientAlias(JsseSSLManager.java:380)

at com.sun.net.ssl.internal.ssl.AbstractWrapper.chooseClientAlias(SSLContextImpl.java:262)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:639)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:238)

at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)

at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:637)

at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:88)

... 16 more

I spent the main time of investigation on the JMeter/Java side. I’ve played around with the Java Keystore, created new certificates and searched trough internet forums.

From one to the other second i had the solution. The Website is running in a virtualHost container in the apache. The server is configured to serve sites as namebased virtualhosts. The SSL configuration has been done also inside the virtualhost configuration. Browsers do support this configuration without any problems. Its hard to point to any error at this point. I know from my previous employer, we configured a single separate ip for each SSL secured virtualHost in apache.

After configuring the website as a standalone site, outside an virtualhost container, everything worked perfectly.

If anyone has an idea how this problem could be solved from java side or has en explanation why this is as it is, i would be interested!

Update:

There is a technologie called SNI (Server Name Indication) which is responsible to make an handshake between client and server with TLS on a hostname basis possible. I looks like Java7 will support SNI. Is there no way to support SNI with Java versions below 7?

 

Tagged: , ,

Getting in contact with OpenStack

Till now, i was only able to deploy some vm’s on my MacMini Server with VMware Fusion on it. This worked oukay so far… Due to the mac mini is reaching its second birthday, it does not power vm’s very well. Also to keep the vm powered on, i need always stay logged in with the user and of course the management is only possible trough vnc directly on the server.

That was the reason for me to rent some virtual machines by rackspacecloud.com. Seriously, rackspacecloud is impressive! But keeping two or more vm’s up and running for more than a month is a really expensive playground! Moving to Amazon’s EC2 wasn’t an option too. So i decided to buy a extreme low-end cheap virutalisation capable server. After some research (Hardware should be compatible with ESXi in case of whatever) i’ve build the following server for me:

Case: Asus Vintage V8-P8H67E, Intel H67, Socket 1155, USB 3.0 (about 170$)

CPU: Intel Core i5 2500 BOX, 3.3GHz, LGA 1155, 4C/4T (about 200$)

RAM: Kingston ValueRAM, 3×4 GB, DDR3-1333, CL9 (about 60$)

Raid (optional): Adaptec RAID 2405, 4-Channel SAS/SATA, low profile (about 200$)

Additional Network: Intel PWLA8391GTBLK Pro 1000GT Gigabit Adapter PCI, Bulk (about 30$)

VLAN Gigabit Switch: HP ProCurve Switch V1810G-8 8 Port 10/100/1000 Mbps, SFP (about 110$)

Harddisk: got some at home

The Result is a Box with 100% Virtualisation Support (vPro, VT-x, VT-d, 64bit), 12GB RAM and small in form and silent too.

In the past i’ve landed several times on openstack.org during some research in automating virtualisation infrastructures. Openstack is a framework for building private clouds. Openstack promises an virtualisation ecosystem with all needed components to build a perfect world. The project looks very mature and there are a lot of partners supporting them. Openstack supports also a wide range of Hypervisors though they’r strongly recommending to use KVM for virtualistion. I will give the project a try…

 

Tagged: , , , , , ,

Safari 5.1 does not like https sites

After the update to OSX 10.7 Lion which ships Safari 5.1 i could no more open any HTTPS Sites with Safari. After googling around i found the Solution. You have just to delete the following file:

~/Library/Preferences/com.apple.security.revocation.plist

Thats all…

Since i’ve updated to 10.7 i’m faced with several bugs! Huge Bugs, which prevent me from working productive!

Tagged: , , , ,
Page 1 of 612345...Last »