Archive for the ‘Technix’ Category

Installing Mailman3 on Ubuntu 18.04 with MariaDB

Freitag, Mai 24th, 2019

Installing Mailman3 on Ubuntu 18.04 was surprisingly difficult, that’s why I want to share my experiences with the world. Here you are:

PHP with webpage user permissions on Ubuntu 18.04 Bionic Beaver (using PHP-CGI and Apache2.4 with mod_fcgid)

Montag, März 4th, 2019

Usually, PHP runs with the permissions of the Webserver Apache2, which has several disadvantages. One, that files created by the webpage will have different user permissions as the user the webpage belongs to. Also there’s a security concern, as webpages of other users on the server could access your data and configuration.

With Ubuntu 16.04 we used the Apache2 FastCGI module, which is no longer available from this how to. This here are the updated instructions for Fcgid.

In our environment we wanted to have a webserver which runs PHP with the permissions of the user the webpage belongs to. This is what we did (starting from a blank Ubuntu 18.04 installation):

apt install libapache2-mod-fcgid apache2 php-cgi apache2-suexec-pristine
a2enmod userdir

Add the following to /etc/apache2/sites-available/default-ssl.conf:

<FilesMatch \.php$>
  AddHandler fcgid-script .php

Allow ExecCGI for userdir in /etc/apache2/mods-enabled/userdir.conf:

Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec ExecCGI

In the user public_html directory create two files:


FcgidWrapper /home/USER/public_html/.php-fastcgi.fcgi .php

~USER/public_html/.php-fastcgi.fcgi (must be executable and belong to the user):

exec php-cgi

Have fun! Please don’t hesitate to leave a comment :-)

Linux: Force permissions for new files/directories

Dienstag, Mai 28th, 2013
mkdir foo
chgrp somegroup foo
chmod g+ws o-rwx foo
setfacl -dm u:www-data:rx,u::rwx,g::rwx,o::- foo

All files in directory foo will be created with 660 (directories with 770) permission in the group somegroup. Also, the user www-data will get read (directories also execute) rights.


Montag, Oktober 22nd, 2012

On Debian/Ubuntu it happens that old kernel packages accumulate with the regular updates. Those use up a lot of space (about 100MB per version). Removing old, unused kernels manually is a boring task, that’s why I wrote a script: kernel-clean. It checks for the currently running and the newest installed kernel and removes all others.

Get the code on Github:

__FILE__ in JavaScript

Montag, Oktober 15th, 2012

Many programming languages provide a magic __FILE__ variable which holds the path to the currently executing file. JavaScript unfortunately don’t. Using several sources, I implemented a __FILE__ variable for JavaScript. Unfortunately it does not work in all browsers, especially not in Internet Explorer and Safari. There seems to be a possibility for IE10, but lacking a Windows 8 machine I can’t test it. If you find a way for these browsers or other improvements please contribute your code.

Here’s the source code:

Sources I used for this GIST:

Apache2 AuthExternal and WebDav

Freitag, März 25th, 2011

Now for something technically more challenging, because it cost me several hours of debugging, but was pretty simple actually. In case somebody else on the world tries to restrict read/write-permissions to a WebDav directory with the AuthExternal module, they can find a solution here :)

For my newest project in work I am setting up a project server offering Git repositories, a web page and maybe more. Something similar to GitHub but we want to maintain the repositories ourselves. I’m using Drupal for the web page and the access control and a selfwritten module (called Git Repository) for the interaction with the Git archives (I didn’t really find a matching module for this job, at least for Drupal 7).

Access to the Git Repositories is limited to http(s) via WebDav currently, using the Apache2 AuthExternal module for authentication. In the „Git Repository“-module there are two scripts which handle interaction – they connect to Drupal asking for read/write-permission to the linked node.

For checking read/write-permission I used this howto, but I had the problem it didn’t work, write access was still possible to the directory, though the script returned the correct exit-codes.

This is the .htaccess-file:
AuthType Basic
AuthName "Repository"
AuthBasicProvider external
AuthExternal git_repo
GroupExternal git_repo
Require group may_write
Require group may_read

According to the howto this should be correct … and it is, I tested it without GroupExternal authentication. After several hours of debugging I came up with a really simple solution:

Apparently GroupExternal does a fall-back to the default „Require group“ statement in case the limited „Require group“ statement fails. So my simple solution was to just use negative logic:
AuthType Basic
AuthName "Repository"
AuthBasicProvider external
AuthExternal git_repo
GroupExternal git_repo
Require group may_read
Require group may_write

Voila, problem solved.


Dienstag, Juli 20th, 2010

A couple of years back I developed a script for the backups at the institute where I’m working, it’s called the CGA-Backup. Unfortunately this script is no longer in use there, as my colleagues preferred to change to a more popular solution (BackupPC). Anyway, there are still people using this script and I’m willing to maintain it, as I still use it for private projects and think it’s a nifty piece of code. As I’m lately opening my projects up at Gitorious, I also plucked it from the closed environment of our SVN-server. Here you are.

The Zeitgeist movement

Dienstag, Januar 19th, 2010

A couple of days ago somebody gave me a DVD with the movie „Zeitgeist„, which is distributed freely over the internet and by DVD (if you like it you can burn a copy, make a special cover out of a A4 sheet of paper, and distribute it). I was quite curious about this movie, as it is about Change in our world.

Actually it was quite interesting, most of it questions our economic system based on monetary values, which – according to the movie – is one of the main reasons for inequalities on Earth, as one of its basics is debt and scarcity. Which is true in many ways, in the last century poverty and hunger massively increased and state debts multiplied, although progress developed many new inventions which might obsolete poverty, famines and diseases. It’s true, the „western world“ exploits their inhabitants and the poorer regions of Earth.

A big part of the movie are world conspiracies, performed by the U.S.A., who are accused of assaulting leaders of developing countries to keep up their influence and fight against democratization of their countries. This is something where I don’t know what to think, I can’t believe that a nation can do this without noticing and being held responsible for this. On the other hand it sounds pretty reasonable, e.g. it’s a matter of fact, that (at least some) of the last wars (e.g. Iraque) have been fought due to economic reasons. Without 9/11 this war might not have been possible. 9/11 also helped to implement surveillance laws (to oppress its inhabitants, living in permanent fear). Another example is the U.S. ignorance of global climate change.

The last part of the movie was rather disappointing to me, it’s about the Venus Project (the makers of the movie as it turns out). I’ve read about this project before and I regard it as immature (not to say bullshit). The Venus Project develops ideas for a society based on a „resource based economy“. Technical progress should enable us to live without any inequalities, totally based on renewable energies and so on (that’s the good part). But it sounds like an Utopia from the 1950s-1970s, with all those huge buildings and transportation systems in tubes and everybody has their own car (which runs on renewables, with a lot of security measures, and so on). Sorry. But that’s too late, those Utopias are stories from the past.

My biggest concern: Who manages the resources?  There’s a long page about their mighty resource based economy, but no explanation about its function. Even if an economy is not based on monetary values, somebody has to distribute those resources. How do I get food, a new computer or a car? They will never „fall from the sky“. Somebody has to produce it. Even if it is produced by machines, somebody has to build those machines. Will somebody (a person, company, organization or entity) will create it, „just because it feels right“? Somebody has to decide what should be build. Somebody has to decide where to build something.

This „who“ doesn’t have to be a single person. It can be a community. It could be an elite, but who decides who is that elite? It could be a democracy, but there are many kinds of democracies and most of them don’t produce equalities. I’m sure, we do need a new social system. Fast. Urgent. But the movie „Zeitgeist“ and the Venus Project don’t answer this question.

Have you seen this movie? What do you think about it? Ideas for a new social system?

State of the Map 2009

Freitag, Juli 17th, 2009

As announced on my blog before, last weekend I went to the OpenStreetMap (OSM)-conference in Amsterdam, called the ‚State of the Map‚. The schedule featured a dense program of interesting talks, and several coffee breaks for networking. This year the Friday was the business-day, filled with talks about data quality and using OSM data in applications. Saturday and Sunday were dedicated to the community, with talks about the state of the OSM in different countries, new challenges for the project as it gets bigger and bigger and applications, applications, applications.

Some of the things which were interesting to me on the conference:

Data quality is a big issue for most of the people I talk with, people just can’t imagine, that data collected by a community can compete with commercial data. It is true, that the OpenStreetMap still has big white holes, especially on the country side. On the other hand completeness in the densely built-up areas (especially Europe) is much higher than in commercial map data (points of interests, foot- and cycleways, …), although assessment of this data shows, that most of the data has been created by a couple of people. Still, comparison of the street data with commercial data (done in the UK with Ordnance Survey data) show a very high correlation. A big advantage of the OpenStreetMap is the high actuality of the data, data often gets uploaded as soon as changes in the real world happen.

One big advantage of the OpenStreetMap is the big community. In March of this year the 100.000th user registered, last week there were already 135.000 users. For sure not all users are really active in the project, but at least about 10.000 users were active during the last two months. The big players in mapping business (Navteq, Teleatlas) have around 800 employees. The next goal for the OpenStreetMap are 1.000.000 registered users, for this, the project has to become more user friendly and faster.

Talking about user friendliness, one very interesting project are the ‚Walking Papers‚, designed by Michael Migurski (who I unfortunately failed to have a chat with. I wanted to talk about another of his projects, Cascadenik, which is used by my project OpenStreetBrowser). The idea is as brilliant as it is simple – you print a map of the region you are interested in, as you walk around you mark missing details (points of interests, roads, road names), scan the papers back in and upload them to the server, where they became available as background in your (and everybody elses) editor, to be drawn after. You don’t even need a GPS for this, because you can guess the position on the map. If you don’t have a scanner, you can send your papers per mail to some address, and they get scanned in for you.

It’s not possible to fit all interesting things I learned on the conference into this blog post, therefore I recommend you the video site of the conference, where eventually all talks will appear (hopefully; from last year still some talks are missing). All pictures uploaded to Flickr got the tag sotm09, all twitter messages got the tag #sotm09. On more link: a new webpage showing some great examples of mapping efforts:

In total about 250 people (mostly male geeks) attended the conference. I had the opportunity to talk to some of them and present my project the OpenStreetBrowser. Most were pretty impressed – I still hope it gets famous ;)

E-Book Reader

Freitag, September 19th, 2008

I’d like one of those! Somebody wants to buy me one, when it’s available? And I want Linux on it or at least a possibility to write own applications for it.