Damon Cortesi's blog

Musings of an entrepreneur.

Air Show

It can mean only one of two things when fighter jets are buzzing the Sears Tower.

Yes, folks, that’s right. I had almost forgotten, but this weekend is Chicago’s annual Air and Water Show featuring the U.S. Air Force Thunderbirds.

Go out, get some sun, and enjoy the jets!

More Subversion

After reading around a little bit, it seems the best approach to subverting your homedir is to use multiple repositories for the different portions of your homedir and then tie all those together using svn:externals. This post will be a lesson in doing so.

First, let’s determine the projected layout. I have several items I want to keep in subversion:

- homedir - my nix home directory, generally config files
- code - various projects I may or may not be working on, may consist of various other repositories
- docs - stuff I need to keep around for my personal life. This won't be checked out to many machines, but will be nice to keep in svn
- work - any stuff related to work...resumes, temporary files, etc.
- downloads - all the junk I download...how nice would it be to have previous versions in svn instead of x_v3.2.3.8.exe?!
- bin - various finished shell scripts and utilities for personal use...I may have to separate this out to win32 and nix
    

OK, so that’s good for now. But Joey’s use of home-base and home-full is starting to confuse me. More on this tomorrow, hopefully, but my apartment needs a serious cleaning!

Missed: DefCon 13

Unfortunately, I had to forego DefCon 13 this year for various reasons, but I still kept up a little bit on the chatter that was going on. My favorite presentation…SensePost on BiDiBLAH. BiDiBLAH is a tool that automates 80% (SensePost claim) of the vulnerability/penetration assessment process. That, my dear readers, is sweet and desperately needed in today’s information security assessment environment.

Penetration assessments are performed by a unique breed. There’s a certain knowledge required to identify a host and realize the potential exploitability of said host. BiDiBLAH assists in this process. This is something I’ve been wanting to do for a while, but have just never got around to. BiDiBLAH looks like it does a pretty decent job and while there are some things I would improve/change…it’s still pretty zexxy.

<foam party>I missed you DefCon…’till next year!</foam party>

Home and Back Again With Subversion

I had seen a couple articles about keeping your $HOME in subversion, but none of them really walked me through it. They all assumed a pretty good knowledge of subversion. As a former cvs user with no subversion experience whatsoever, I was pretty lost.

    # svnadmin create --fs-type fsfs /var/svn/users/userX
    # chown -R userX /var/svn/users/userX

Ok, now what? I’ve got the repository created… This is where I started to get confused. Joey Hess’ home directory looked normal, but ToyKeeper’s site was talking about trunks and branches. I didn’t know whether those went into the home directory or the repository. I assumed the latter, but I needed an answer. Another ONLamp article indicated that it’s on the repository side. I should probably make the decision of how I want to do that now, but I’m going to hold off until I’m more familiar with subversion.

Upon finding this post about inverting(?) the process of creating a subversion repository, I was able to figure out what to do next.

    userX@host ~ $ svn co file:///var/svn/users/userX/ .
    userX@host ~ $ svn add .zshrc
    userX@host ~ $ svn ci -m 'svn test checkin of zsh config file'

…That seemed to work. I’m realizing that the branches usage referred to by ToyKeeper might be very useful. But let’s keep going for now. After updating my .zshrc (it’s a few years old…I’m lazy, what can I say), another checkin and this is easier than I thought.

    userX@dipshell ~ $ svn ci -m 'Removed old items from .zshrc'
    Sending        .zshrc
    Transmitting file data .
    Committed revision 2.

Now, if I want to make this useful I need to enable network access. This has also been a slight point of contention as I must not be reading closely enough, but svn doesn’t seem too easy to set up over ssh. And I just realized I have another problem - if I check out this base directory on another machine, it will be cluttered with dot files. I’ll have to look into that later.

Well it seems I’m just an idiot - svn over ssh is as simple as just running the command.

    userX@host2 ~ $ svn list svn+ssh://host/var/svn/users/userX

Sigh. The postinst message from emerge confused me…I thought there were additional steps. Well that makes me happy!

    userX@host2 ~ $ svn co svn+ssh://192.168.153.8/var/svn/users/userX/
    A    userX/.zshrc
    Checked out revision 2.

Oh no…it checked it out to the userX directory. Adding the location to check out to solved that, but I need to remove the old file first or I get the following error:

    userX@host2 ~ $ svn co svn+ssh://192.168.153.8/var/svn/users/userX/ .
    svn: Failed to add file '.zshrc': object of the same name already exists

Cool, this is no problem. Now I need to figure out how best to organize it so I can pull stuff down from linux, windows, and even osx if the need arises.

Gentoo Webapp-config Success!

Well that wasn’t so bad.

    emerge wordpress
    >>> emerge (1 of 1) www-apps/wordpress-1.5.2 to /
    >>> www-apps/wordpress-1.5.2 merged.

OK, getting wordpress installed was easy. Now let’s try to upgrade the old installation. Note the postinst has this:

    * To install wordpress-1.5.2 into a virtual host, run the following command:
    *
    * webapp-config -I -h -d wordpress wordpress 1.5.2

but since I’m doing an upgrade, I’ll be using -U.

webapp-config -U -h domain.com -d /wordpress wordpress 1.5.2

    * Upgrading wordpress-1.5.1.3 to wordpress-1.5.2
    * Installed by root on 2005-07-04 21:40:54
    * Config files owned by root:root
    * Creating required directories
    * Linking in required files
    * This can take several minutes for larger apps
    * Files and directories installed
    * Install completed - success
    * Removing old version wordpress-1.5.1.3
    --- !empty dir wp-includes
    --- !empty dir wp-images/smilies
    --- !empty dir wp-images
    --- !empty dir wp-content/themes/default/images
    --- !empty dir wp-content/themes/default
    --- !empty dir wp-content/themes/classic
    --- !empty dir wp-content/themes
    --- !empty dir wp-content/plugins
    --- !empty dir wp-content
    --- !empty dir wp-admin
    --- !morecontents /var/www/domain.com/htdocs/wordpress
    --- !empty dir /var/www/domain.com/htdocs/wordpress
    * Remove whatever is listed above by hand

Ok, no problems there and after visiting /wp-admin/upgrade.php I was done!

scp debian:/blogs/* gentoo:/blogs

:)

Let’s not forget to clean up: emerge -C wordpress-1.5.1.3

Looking at the forums, I know one thing that got people upset was that upgrading would cause the new webapp to be placed in the wrong directory. This may be due to an error in the webapp-config manpage.

Note that under -d it says “directory is a directory under your htdocs dir.”, but in the examples it provides this:

    for x in `webapp-config --list-installs phpmyadmin 2.5.6` ; do webapp-config -U -d $x phpmyadmin 2.5.7 ; done

But the output of webapp-config --list-installs is the full path to the install path, not relative to htdocs.

The example is really quite horrible. To do a proper upgrade, one needs both the destination directory relative to htdocs as well as the target domain name. This requires a little bit more than a bash one-liner.
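One way to do that split, as an added example that is not from the manpage or from webapp-config itself: it turns each full path from --list-installs into the -h and -d values and prints the upgrade commands for review instead of running them. The function names are hypothetical, and the /var/www/<host>/htdocs/<dir> layout is an assumption taken from the upgrade output above.

```shell
#!/bin/sh
# Added example (not from the webapp-config manpage). Function names are
# hypothetical; the /var/www/<host>/htdocs/<dir> layout is assumed from the
# upgrade output shown earlier on this page.
VHOST_ROOT="${VHOST_ROOT:-/var/www}"

# Print "<host> /<dir>" for one full install path. Return 1 when the path
# does not fit the assumed layout, so nothing is upgraded on a guess.
split_install_path() {
    path=${1%/}                              # tolerate a trailing slash
    rest=${path#"$VHOST_ROOT"/}              # domain.com/htdocs/wordpress
    [ "$rest" != "$path" ] || return 1       # not under VHOST_ROOT
    case $rest in
        */htdocs/*) host=${rest%%/htdocs/*}; dir=${rest#*/htdocs/} ;;
        */htdocs)   host=${rest%/htdocs};    dir= ;;   # installed in htdocs itself
        *)          return 1 ;;
    esac
    case $host in ''|*/*) return 1 ;; esac   # host must be one path component
    printf '%s /%s\n' "$host" "$dir"
}

# Read install paths on stdin; print one upgrade command per install.
# Intended use:
#   webapp-config --list-installs wordpress 1.5.1.3 | upgrade_commands wordpress 1.5.2
upgrade_commands() {
    app=$1
    new=$2
    while IFS= read -r p; do
        if hd=$(split_install_path "$p"); then
            echo "webapp-config -U -h ${hd%% *} -d ${hd#* } $app $new"
        else
            echo "# skipped (unexpected layout): $p"
        fi
    done
}

# Constructed sample paths, not real --list-installs output.
printf '%s\n' /var/www/domain.com/htdocs/wordpress /srv/other/wordpress |
    upgrade_commands wordpress 1.5.2
```

Paths outside the assumed layout are reported as skipped rather than passed to -d, which is the failure the manpage loop runs into.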

Debian vs. Gentoo - Round Vhost

One of the reasons that I am considering moving my webserver to Gentoo is its ability to manage web applications using webapp-config. I’m somewhat cautious as just as many people hate it as love it, but I think it might be useful for me. I manage several websites, some of which are using gallery, some of which are using wordpress, and it’s become a hassle anytime I have to upgrade something.

Recently, there was a security issue with wordpress and once again, I had to manually update a couple of my installations (you’d think I, of all people, would have it scripted by now don’t you!). Well I’ve got another wordpress blog running on a Gentoo server and this will be my first test of seeing how easy webapp-config is to use. If it goes well, I may just move my sites over there.

Stay tuned…

Smartphone Friendly Meeting Request

I came across a good tip a while back about making meeting requests smartphone friendly.

Use the “tel:” prefix and embed the participant passcode (pp) so that it can be dialed by one click from a Smartphone.

    Tel:425-707-2000pp123456

By the way, p is an acceptable substitute for a pause comma. Add more for longer waits.

Awesome - as somebody that loves my new smartphone and the ability to have my calendar everywhere, this is very useful.

Security News Burp

Couple interesting things I found while trolling around tonight.

Microsoft has a project called the Strider Honeymonkey Exploit Detection System that attempts to automatically detect malicious websites that are attempting to distribute malware. According to this SecurityFocus article:

Microsoft’s experimental Honeymonkey project has found almost 750 Web pages that attempt to load malicious code onto visitors’ computers and detected an attack using a vulnerability that had not been publicly disclosed, the software giant said in a paper released this month.

Way to go, Microsoft!

In tools news, aircrack 2.2 (one of my favorite Windows wireless tools) was recently released.

That’s it for now, time to go back to researching repositories.

Cisco Vulnerability Presentation Floating Around

Many of you have heard about the Cisco cover-up at Black Hat this year. You know, your normal gestapo presentation suddenly cancelled, pages literally ripped from the conference book, etc. The link to Lynn’s presentation on the Black Hat Multimedia page had also been removed. Now…you think they would have removed the actual pdf as well, don’t you? I mean…this is the hottest news in the past few days and everybody that wasn’t at Black Hat wants to get their hands on this information. And most of these “hacker-types” are fairly resourceful. So you would think that Black Hat would be smart enough to remove the actual pdf…

Well they weren’t. Up until sometime this morning, the contents of that pdf that people had been hired to rip out of the conference book still remained at a predictable URL on the Black Hat site. Intentional? Maybe…but it’s gone now.