Apache with Security Enhanced Linux

This blog moved to a new location, please visit us at http://ramble.m2m.at.

From Quick HOWTO : Ch20 : The Apache Web Server:

Fedora Core 3 introduced the concept of security contexts as part of the Security Enhanced Linux (SELinux) definition. A Web page may have the right permissions, but the Apache httpd daemon won't be able to read it unless you assign it the correct security context or daemon access permissions. Context-related configuration errors will give "403 Forbidden" browser messages, and in some cases, you will get the default Fedora Apache page where your expected Web page should be.

... to view the security context:

ls -Z

... to set web context for the current folder and it's sub folders:

chcon -R -h -t httpd_sys_content_t .

Controlling Access to Services

This blog moved to a new location, please visit us at http://ramble.m2m.at.

ntsysv

This is a text-based application that allows you to configure which services are started at boot time for each runlevel. Non-xinetd services can not be started, stopped, or restarted using this program.

chkconfig

This is a command line utility that allows you to turn services on and off for the different runlevels. Non-xinetd services can not be started, stopped, or restarted using this utility.

[excerpt from Red Hat Enterprise Linux Deployment Guide]

Vacation message using procmail

This blog moved to a new location, please visit us at http://ramble.m2m.at.

If you use procmail to filter messages, you can use it also to setup a vacation email response:

1. Create a file called vacation.txt and fill it with your "vacation message".
2. Create a file called vacation.rc fill it with the following commands (and don't forget to adjust the values for USER, DOMAIN, and PATHxxx to your needs):

:0 Whc: vacation.lock
* .*for <USER@DOMAIN>
* !^FROM_DAEMON
* !^X-Loop: USER@DOMAIN
| formail -rD 8192 vacation.cache
:0 ehc
| (formail -rA"Precedence: junk (autoreply)" \
-A"X-Loop: USER@DOMAIN" ; \
cat PATHTOVACATIONMESSAGE/vacation.txt \
) | PATHTOSENDMAIL/sendmail -oi -t

3. Find your .procmailrc file and add the following line after your filter commands (again adjust the PATH):

#INCLUDERC=PATHTORCFILE/vacation.rc

If you receive now an email at USER@DOMAIN and it is not filtered out by your spam filter, the vacation commands are activated. It checks if the email is for you, does not originate from a mailing list, and is not been processed before. It also creates a file called vacation.cache, where it stores the email addresses to which a vacation message has already been sent, in order to do not send such a message again (don't forget to delete it when you deactivate the vacation filter). At last it replies with the message stored in vacation.txt.
The "Precedence: junk (autoreply)" helps to avoid bouncing messages from other MTAs.

Wonders of Typo3

This blog moved to a new location, please visit us at http://ramble.m2m.at. 

A lot of people complain about Typo3. They say it is too heavy for a CMS. Perhaps they are right - it is not for script kiddies. It takes some time to get used to it. But it pays!

Today a customer complained, that one of his pages in Typo3 was missing completely. He was right, it was not there any more. What happened, was that one of his employees accidentally deleted the wrong page. No problem for Typo3.

Unfortunately there was no content versioning enabled, which made it a little bit more work:

- open the database
- find the page (write down the pid)
- change deleted from 1 to 0
- do the same for all content entries for that pid
- open the administrator of Typo3
- move the page to its correct location
- reposition the content inside the page

... done in 5 minutes

Howto shutdown Linux box automatically?

This blog moved to a new location, please visit us at http://ramble.m2m.at.

Do it once:
e.g. shutdown your linux box at 7:30 January 10th:

at 7:30 jan 10
> shutdown -h now
> CTRL-D

... make sure the at daemon is running:

/etc/init.d/atd start or rcatd start for SuSE

... and check your at queue:

atq

Do it regularly:
e.g. kill your computer every day at midnight (to make sure you get enough sleep):

crontab -e -u root
> 0 0 * * * /sbin/shutdown -h now
... save and exit ...

Typo3 Sitemap Hacks

This blog moved to a new location, please visit us at http://ramble.m2m.at.

The creation of site maps in typo3 is pretty straight forward. You can either use the built-in site-map function or the extension fl_seo_sitemap. The later has the advantage to be adjustable using CSS.

Have a look at en example for a human readable site map.

For the automatic creation of a site map for google in XML format, there exists another nice extension mc_googlesitemap. It provides functions not only to create site maps for the pages inside the typo3 CMS but also for database content such as news items. At our system, the site maps for content items did not work at first. A look at the source code showed the problem. We did not have the news items assigned to a news category. After doing so the site map worked.

Here are examples for a google site map for pages, a google site map for content items, and finally a google site map which links the other two together.

MediaWiki Hacks III

This blog moved to a new location, please visit us at http://ramble.m2m.at.

To integrate RSS feeds there are a couple extensions for MediaWiki. The most up to date extension seems to be GISWiki/RSS which uses Magpie RSS as back end to fetch the RSS feeds.

To enable blogger atom feeds some tweaks are necessary to match the different formats:

Find the comment "# Bild items" and enter the following lines into the following foreach loop:

if (isset($item['atom_content'])) {
 $item['description'] =& $item['atom_content'];
 $item['date_timestamp'] = parse_w3cdtf($item['published']);
}

Above the "# Bild items" comment there is another foreach loop. Place the following lines inside that loop right after the if statement.

if (isset($item['atom_content']) && $item['atom_content']) {
 $description = true; break;
}

Because we did not want to show the complete description we added the following function to truncate the text:

function mTruncate($string, $length = 200, $etc = ' ...') {
 if ($length == 0) return '';
 $string = strip_tags($string);
 if (strlen($string) <= $length) return $string;       
 $length -= strlen($etc);       
 return substr(preg_replace('/\s+?(\S+)?$/', '',     
   substr($string, 0, $length+1)), 0, $length).$etc; 
}

To activate the truncate function we changed the following line

if ($text) $output.="\n$text";

to

if ($text) $output .= "\n" . mTruncate($text);

multilang breaks NOSECTIONEDIT magic word
To fix this we had to add the following line:

  $parser->mOptions->mEditSection = false; 

MediaWiki Hacks II

This blog moved to a new location, please visit us at http://ramble.m2m.at.

An extension to create google sitemaps:
http://www.mediawiki.org/wiki/Extension:Google_Sitemap

vi - goto line n

This blog moved to a new location, please visit us at http://ramble.m2m.at.

To go to a certain line in vi enter the line number and then G ...

MediaWiki Hacks

This blog moved to a new location, please visit us at http://ramble.m2m.at.

New Start Page with $wgUseDatabaseMessages = true
Go to MediaWiki:Mainpage and enter your new star page.

New Start Page with $wgUseDatabaseMessages = false
Add the follwing code to your LocalSettings.php file:

if (empty($_GET['title'])) $_REQUEST['title'] = 'NewStartPage';

Multi-Language Extension for MediaWiki
http://www.mediawiki.org/wiki/Extension:Multilang

Change Sidebar with $wgUseDatabaseMessages = true
Go to MediaWiki:Sidebar and enter your changes.

Change Sidebar with $wgUseDatabaseMessages = false
Add your changes in Messages.php and all MessagesXX.php you use.