weblog d’un abbe

20070531

Fedora 7 “MoonShine” released.

Filed under: Yippee!! — abbe @ 2045

Fedora 7 “Moonshine” released. :)

Advertisements

20070528

KAddressBook in Mutt

Filed under: Hacking — abbe @ 2355

Mutt+KAddressBook
Want to use KAddressBook in Mutt, try following script as $query_command in your .muttrc :

#!/usr/bin/env python
# Original version at: http://shove-it.de/open/jcm/muttquery.py

###############################################
# answer queries for mutt from kabc file
###############################################
import sys
import os
import re

KDE_ADDRESSBOOK=os.environ['HOME'] + '/.kde/share/apps/kabc/std.vcf'

# String to identify Mail address entrys in vcards
MAIL_INIT_STRING = r'EMAIL(?:;TYPE=PREF)?:'
# String to identify Name entrys in vcards
NAME_INIT_STRING = r'(?:F)?N:'

class vcard:
    def __init__(self, email, name):
        self.email = str(email)
        self.name = str(name)

def parseFile(file_name):
    if not os.access(file_name, os.F_OK|os.R_OK):
        print 'Cannot open file ' , file_name
        sys.exit(1)
    try:
        cf = open(file_name)
        cards = cf.read()
    finally:
        cf.close()
    re_vcard = re.compile(r'BEGIN:VCARD.*?END:VCARD', re.DOTALL)
    vcards = re_vcard.findall(cards)
    return vcards

def getMatches(vcards, search_string):
    lines = []
    search_re = re.compile(search_string, re.I)
    mail_re = re.compile(r'^' + MAIL_INIT_STRING + r'(.*)$', re.MULTILINE)
    name_re = re.compile(r'^' + NAME_INIT_STRING + r'(.*)$', re.MULTILINE)
    
    for loop_vcard in vcards:
        if search_re.search(loop_vcard):
            if mail_re.search(loop_vcard) != None:
                tmp_mail = mail_re.findall(loop_vcard)
                if name_re.search(loop_vcard) != None:
                    tmp_name = name_re.search(
                        loop_vcard).group(1).replace(';', ' ').strip()
                else:
                    tmp_name = ''
                for mail in tmp_mail:
                    my_vcard = vcard(mail.strip(), tmp_name)
                    lines.append(my_vcard)
    return lines



# main program starts here
vcards = parseFile(KDE_ADDRESSBOOK)
try:
    search_string = sys.argv[1]
except IndexError:
    print 'Use only with an argument'
    sys.exit(1)

lines = getMatches(vcards, search_string)
print 'Searched ' + str(vcards.__len__()) + ' vcards, found ' + str(
    lines.__len__())+ ' matches.'
for line in lines:
    #tmp_fill = (40 - line.email.__len__() ) * ' '
    print '%s\t%s' % (line.email, line.name)
    #print '%s' % line.email,

if lines.__len__() > 0:
    sys.exit(0)
else:
    sys.exit(1)

Generifying JavaCUP – II

Filed under: Hacking — abbe @ 0221

While going through one of my old blog posting Generifying JavaCUP (original), I found that I’ve forgot to post source code of JavaCUP (generified by me). Anyways, I’ve uploaded the code (available under same license as JavaCUP ), and it is available from following link:

http://wahjava.googlepages.com/javacup-gj.beta.tbz2

Happy JavaCUPing :-)

20070527

DNS-SD

Filed under: Research — abbe @ 0116

DNS-SD
DNS-SD

20070521

ACLs supported by ext3 filesystem.

Filed under: Research — abbe @ 2215

Just found out that ext3 filesystem supports ACLs. In order to enable just add acl mount option while mounting. e.g. Following is my ACLed /etc/fstab:

LABEL=/                 /                   ext3    defaults,acl    1 1 
LABEL=/boot             /boot               ext3    defaults,acl    1 2
devpts                  /dev/pts            devpts  gid=5,mode=620  0 0
tmpfs                   /dev/shm            tmpfs   defaults        0 0
LABEL=/home             /home               ext3    defaults,acl    1 2
proc                    /proc               proc    defaults        0 0
sysfs                   /sys                sysfs   defaults        0 0
/dev/sda7               swap                swap    defaults        0 0
/dev/sda2               /mnt/0              vfat    noauto,user,rw  0 0 

Not only there are CLI tools for managing ACLs but also GUI. Following is the KDE File Properties dialog box when ACLs are enabled

POSIX Filesystem ACLs in KDE
Click on Advanced Permissions button.
POSIX Filesystem ACLs in KDE
Here you can set ACL for a file. The CLI commands are getfacl and setfacl.

[wahjava@chatteau Desktop]$ getfacl Photos/
# file: Photos
# owner: wahjava
# group: wahjava
user::rwx
group::r-x
mask::r-x
other::---
[wahjava@chatteau Desktop]$ setfacl -nm g:toranon:rwx Photos/
[wahjava@chatteau Desktop]$ getfacl Photos/
# file: Photos
# owner: wahjava
# group: wahjava
user::rwx
group::r-x
group:toranon:rwx               #effective:r-x
mask::r-x
other::---

For usage of these commands, RTFM. Anyways happy ACLing :)

20070516

KavitaKosh.org

Filed under: Personal — abbe @ 0043

Just found http://www.kavitakosh.org – हिन्दी काव्य का एक विशाल संकलन

20070509

My experiment with inotify and Qt4

Filed under: Experiences, Fun, Hacking, Research — abbe @ 0144

Hello, inotified Qt4 world

My first Qt4 application demonstrating inotify feature of Linux kernel available under GNU GPL from http://wahjava.googlepages.com/ as inotify.tgz. :)

20070506

Windows Live Spaces fscked by standards

Filed under: Fun — abbe @ 0138

LoL on MS
LoL, I just found this, that Windows Live Spaces site sends out application/xhtml+xml; charset=utf-8 as Content-Type in HTTP Headers, but their site is full of XML errors :-D .

[wahjava@chatteau ~]$ telnet wahjava.spaces.live.com 80
Trying 65.55.199.153...
Connected to wahjava.spaces.live.com (65.55.199.153).
Escape character is '^]'.
GET / HTTP/1.1
Host: wahjava.spaces.live.com
Connection: Close

HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 May 2007 19:38:03 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
MSNSERVER: H: BLUSPCWEBA012 V: 1 D: 1/1/2000
MSNSERVER: H: BLUSPCWEBA012 V: 1 D: 1/1/2000
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: wlru=http%3a%2f%2fwahjava.spaces.live.com%2fdefault.aspx; domain=spaces.live.com; path=/
Set-Cookie: S_VDT=Fri, 13 Apr 2007 21:28:00 GMT; expires=Tue, 08-May-2007 19:38:03 GMT; path=/
Set-Cookie: sc_straffcache_107=1p88VwmXkaj8gRH1PUyzSEctL9bLSb59AsPiQeHhyS79wwmxt9MJNsCHledyXWFEUc; domain=wahjava.spaces.live.com; path=/
Set-Cookie: sc_stgcls_107=MzQ5MGM5MjM0ZTRiMjUwZDE6K05XZVdJcGp5SUE9; domain=wahjava.spaces.live.com; expires=Mon, 04-Jun-2007 19:38:03 GMT; path=/
Set-Cookie: S_USI=0; expires=Tue, 08-May-2007 19:38:03 GMT; path=/
Last-Modified: Sat, 15 Jul 2006 18:30:31 GMT
Expires: Sat, 05 May 2007 19:38:03 GMT
Cache-Control: private
Content-Type: application/xhtml+xml; charset=utf-8
Content-Length: 26530



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
<html xmlns:spaces>
..... skipped

So, sorry for those who blog on Windows Live Spaces (no I don’t blog on Windows Live Spaces), but :-D .

20070505

Hacking first SELinux policy module

Filed under: Fun, Hacking — abbe @ 2146

Yesterday night, I found (using sudo tail /var/log/audit/audit.log) that there are some SELinux AVC denials due to eGroupware‘s phpsysinfo module. So this means I need to revise my previously created SELinux policy for httpd for eGroupware. So I jdownloaded current selinux-policy SRPM using yumdownloader (yumdownloader -e updates-source -e core-source --source selinux-policy). And then I installed it in my local rpmbuild tree. So, after installing it I produced following patch for changes I did to ~/rpmbuild/BUILD/serefpolicy-*/policy/modules/services/apache.te:

diff -urN serefpolicy-2.4.6/policy/global_tunables serefpolicy-2.4.6.new/policy/global_tunables
--- serefpolicy-2.4.6/policy/global_tunables	2007-05-05 15:06:48.000000000 +0530
+++ serefpolicy-2.4.6.new/policy/global_tunables	2007-05-04 21:00:49.000000000 +0530
@@ -104,6 +104,13 @@
 gen_tunable(allow_httpd_anon_write,false)
 
 ## <desc>
+## <p>Allow apache to retrieve/send mails
+## using external mail servers, by connecting
+## to 'smtp' and 'pop3'/'imap' ports.</p>
+## </desc>
+gen_tunable(allow_httpd_egroupware,false)
+
+## <desc>
 ## <p>
 ## Allow Apache to use mod_auth_pam
 ## </p>
diff -urN serefpolicy-2.4.6/policy/modules/services/apache.te serefpolicy-2.4.6.new/policy/modules/services/apache.te
--- serefpolicy-2.4.6/policy/modules/services/apache.te	2007-05-05 15:06:48.000000000 +0530
+++ serefpolicy-2.4.6.new/policy/modules/services/apache.te	2007-05-05 15:05:34.000000000 +0530
@@ -337,6 +337,29 @@
 	allow httpd_t httpd_unconfined_script_exec_t:dir r_dir_perms;
 ')
 
+# hack for egroupware application
+tunable_policy(`allow_httpd_egroupware', `
+	corenet_tcp_connect_pop_port(httpd_t)
+	corenet_tcp_sendrecv_pop_port(httpd_t)
+	corenet_tcp_connect_smtp_port(httpd_t)
+	corenet_tcp_sendrecv_smtp_port(httpd_t)
+	miscfiles_read_hwdata(httpd_t)
+	mount_exec(httpd_t)
+	kernel_read_fs_sysctls(httpd_t)
+	dev_read_usbfs(httpd_t)
+	rpc_read_nfs_state_data(httpd_t)
+	files_read_etc_runtime_files(httpd_t)
+	init_read_utmp(httpd_t)
+	kernel_read_network_state(httpd_t)
+#allow httpd_t etc_runtime_t:dir search;
+#allow httpd_t initrc_var_run_t:file read;
+#allow httpd_t proc_net_t:dir search;
+#allow httpd_t mount_exec_t:file execute;
+#allow httpd_t sysctl_fs_t:dir search;
+#allow httpd_t usbfs_t:dir search;
+#allow httpd_t var_lib_nfs_t:dir search;
+	')
+
 tunable_policy(`httpd_enable_cgi && httpd_unified && httpd_builtin_scripting',`
 	domain_auto_trans(httpd_t, httpdcontent, httpd_sys_script_t)
 	allow httpd_t httpd_sys_script_t:fd use;
@@ -716,6 +739,7 @@
 	snmp_dontaudit_write_snmp_var_lib_files(httpd_t)
 ')
 
+
 ########################################
 #
 # httpd_rotatelogs local policy

After this I modified, selinux-policy.spec to include my patch during package building. Now, after this I’ve built and installed the new SELinux policy RPM and now no more AVC denials due to eGroupware :)

But, what will happen, when selinux-policy* package(s) will get updated. It seems I need to repatch the new selinux-policy. Oops, this means for any new SELinuxed application, policy changes need to be done in selinux-policy package. :-( . So, then I realized I’m just making a workaround (or a hotfix or a जुगाड़) which is better than disabling SELinux but not a good solution, so I need something like SELinux policy module. So, I looked on FedoraProject.org, and I’ve found Packaging SELinux modules. So with the help of the article I hacked a SELinux policy module for eGroupware. The result of this hacking, selinux-policy-egroupware.src.rpm (md5sum: bb6f8456e84c929b6ae63b67dd194399) and selinux-policy-egroupware.noarch.rpm (md5sum: 90e1bf62212741b6d7892f195afcf4c1) are available for download. Anyways, happy SELinuxing… ;-)

20070501

WhatIsMyIP – a perl hack

Filed under: Hacking — abbe @ 2020

The script below will print the real IP address of the internet connection used:

#!/usr/bin/perl -w
#whatismyip.pl - This script uses http://www.whatismyip.com/ service.

use LWP::Simple;
use strict;

my $url = "http://www.whatismyip.com/";

my $content = get($url);
$content =~ s/.*<TITLE>WhatIsMyIP.com - (\d{1,3}?.\d{1,3}?.\d{1,3}?.\d{1,3}?)<\/TITLE>.*/$1/sig ;
print $content;

So, now I can DynDNS from my box instead of my ADSL modem :)

Create a free website or blog at WordPress.com.