gergely/gergelypolonkai-web-jekyll
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Redesign for Github Pages

Browse Source
This commit is contained in:
Gergely Polonkai
2014-06-26 18:48:13 +02:00
parent c76175799b
commit 1501da4d18
128 changed files with 4245 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
_posts/2011-05-12-ethical-hacking-2011.markdown Normal file
View File

@@ -0,0 +1,29 @@
---
layout: post
title: "Ethical Hacking 2012"
date: 2011-05-12 20:54:42+00:00
tags: [conference]
permalink: /blog/2011/5/12/ethical-hacking-2011
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Today I went to the Ethical Hacking conference with my boss. It was my first
appearance at such conferences, but I hope there will be more. Although we
just started to redesign our IT security infrastructure with a 90% clear goal,
it was nice to hear that everything is vulnerable. I was thinking if we should
sell all our IT equipments, fire all our colleagues (you know, to prevent
social engineering), and move to the South Americas to herd llamas or sheep,
so the only danger would be some lurking pumas or jaguars. Or I simply leave
my old background image on my desktop, from the well-known game, which says:
Trust is a weakness.
Anyways, the conference was really nice. We heard about the weaknesses of
Android, Oracle, and even FireWire. They showed some demos about everything,
exploited some free and commercial software with no problem at all. We have
seen how much power the virtualisation admin has (although I think it can be
prevented, but Im not sure yet). However, in the end, we could see that the
Cloud is secure (or at least it can be, in a few months or so), so Im not
totally pessimistic. See you next time at Hacktivity!

88
_posts/2011-05-12-gentoo-hardened-desktop-with-gnome-3-round-one.markdown Normal file
View File

@@ -0,0 +1,88 @@
---
layout: post
title: "Gentoo hardened desktop with GNOME 3 Round one"
date: 2011-05-12 20:32:41+00:00
tags: [gentoo, gnome3, selinux]
permalink: /blog/2011/5/12/gentoo-hardened-desktop-with-gnome-3-round-one
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
After having some hard times with Ubuntu (upgrading from 10.10 to 11.04), I
decided to switch back to my old friend, Gentoo. As Im currently learning
about Linux hardening, I decided to use the new SELinux profile, which
supports the v2 reference policy.
Installation was pretty easy, using the [Gentoo x86
Handbook](http://www.gentoo.org/doc/hu/handbook/handbook-x86.xml). This profile
automatically turns on the `USE=selinux` flag (so does the old SELinux
profile), but deprecated `FEATURE=loadpolicy` (which is turned on by the
profile, so portage will complain about it until you disable it in
`/etc/make.conf`).
For the kernel, I chose `hardened-sources-2.6.37-r7`. This seems to be recent
enough for my security testing needs. I turned on both SELinux, PaX and
grsecurity. So far, I have no problem with it, but I dont have X installed
yet, which will screw up things for sure.
After having those hard times with Ubuntu mentioned before, I decided not to
install Grub2 yet, as it renders things unusable (eg. my Windows 7
installation, which I sometimes need at the office). So I installed Grub 0.97
(this is the only version marked as stable, as I remember), touched
`/.autorelabel`, and reboot.
My first mistake was using an UUID as the root device on the kernel parameter
list (I dont want to list all the small mistakes like forgetting to include to
correct SATA driver from my kernel and such). Maybe I was lame, but after
including `/dev/sda5` instead of the UUID thing, it worked like…
Well, charm would not be the good word. For example, I forgot to install the
lvm2 package, so nothing was mounted except my root partition. After I
installed it with the install CD, I assumed everything will be all right, but
I was wrong.
udev and LVM is a critical point in a hardened environment. udev itself
doesnt want to work without the `CONFIG_DEVFS_TEMPFS=y` kernel option, so I
also had to change that. It seemed that it can be done without the install CD,
as it compiled the kernel with no problems. However, when it reached the point
when it compresses the kernel with gzip, it stopped with a `Permission denied`
message (although it was running with root privileges).
The most beautiful thing in the hardened environment with Mandatory Access
Control enabled) is that root is not a real power user any more by default.
You can get this kind of messages many times. There are many tools to debug
these, I will talk about these later.
So, my gzip needed a fix. After digging a bit on the Internet, I found that
the guilty thing is text relocation, which can be corrected if gzip is
compiled with PIC enabled. Thus, I turned on `USE=pic` flag globally, and
tried to remerge gzip. Of course it failed, as it had to use gzip to unpack
the gzip sources. So it did when I tried to install the PaX tools and gradm to
turn these checks off. The install CD came to the rescue again, with which I
successfully recompiled gzip, and with this new gzip, I compressed my new
kernel, with which udev started successfully. So far, so good, lets try to
reboot!
Damn, LVM is still not working. So I decided to finally consult the Gentoo
hardened guide. It says that the LVM startup scripts under `/lib/rcscripts/…`
must be modified, so LVM will put its lock files under `/etc/lvm/lock` instead
of `/dev/.lvm`. After this step and a reboot, LVM worked fine (finally).
The next thing was the file system labelling. SELinux should automatically
relabel the entire file system at boot time whenever it finds the
`/.autorelabel` file. Well, in my case it didnt happen. After checking the
[Gentoo Hardening](http://wiki.gentoo.org/wiki/Hardened_Gentoo) docs, I realised that the `rlpkg` program does exactly the same
(as far as I know, it is designed specifically for Gentoo). So I ran `rlpkg`,
and was kind of shocked. It says it will relabel ext2, ext3, xfs and JFS
partitions. Oh great, no ext4 support? Well, consulting the forums and adding
some extra lines to `/etc/portage/package.keywords` solved the problem (`rlpkg`
and some dependencies had to have the `~x86` keyword set). Thus, `rlpkg`
relabelled my file systems (I checked some directories with `ls -lZ`, it seemed
good for me).
Now it seems that everything is working fine, except the tons of audit
messages. Tomorrow I will check them with `audit2why` or `audit2allow` to see if
it is related with my SELinux lameness, or with a bug in the policy included
with Gentoo.

35
_posts/2011-05-13-zabbix-performance-tip.markdown Normal file
View File

@@ -0,0 +1,35 @@
---
layout: post
title: "Zabbix performance tip"
date: 2011-05-13 19:03:31+00:00
tags: [zabbix, monitoring]
permalink: /blog/2011/5/13/zabbix-performance-tip
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Recently I have switched from [MRTG](http://oss.oetiker.ch/mrtg/) + [Cacti](http://www.cacti.net/) + [Nagios](http://www.nagios.org/) + [Gnokii](http://www.gnokii.org/) to [Zabbix](http://www.zabbix.com/), and I
must say Im more than satisfied with it. It can do anything the former tools
did, and much more. First of all, it can do the same monitoring as Nagios did,
but it does much more fine. It can check several parameters within one
request, so network traffic is kept down. Also, its web front-end can generate
any kinds of graphs from the collected data, which took Cacti away. Also, it
can do SNMP queries (v1-v3), so querying my switches port states and traffic
made easy, taking MRTG out of the picture (I know Cacti can do it either, it
had historical reasons we had both tools installed). And the best part: it can
send SMS messages via a GSM modem natively, while Nagios had to use Gnokii.
The trade-off is, I had to install Zabbix agent on all my monitored machines,
but I think it worths the price. I even have had to install NRPE to monitor
some parameters, which can be a pain on Windows hosts, while Zabbix natively
supports Windows, Linux and Mac OS/X.
So I only had to create a MySQL database (which I already had for NOD32
central management), and install Zabbix server. Everything went fine, until I
reached about 1300 monitored parameters. MySQL seemed to be a bit slow on disk
writes, so my Zabbix “queue” filled up in no time. After reading some forums,
I decided to switch to PostgreSQL instead. Now it works like charm, even with
the default Debian settings. However, I will have to add several more
parameters, and my boss wants as many graphs as you can imagine, so Im more
than sure that I will have to fine tune my database later.

29
_posts/2011-05-18-gentoo-hardened-desktop-with-gnome-3-round-two.markdown Normal file
View File

@@ -0,0 +1,29 @@
---
layout: post
title: "Gentoo hardened desktop with GNOME 3 Round two"
date: 2011-05-18 10:28:14+00:00
tags: [gentoo, gnome3, selinux]
permalink: /blog/2011/5/18/gentoo-hardened-desktop-with-gnome-3-round-two
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
After several hours of `package.keywords`/`package.use` editing and package
compiling, I managed to install GNOME 3 on my notebook. Well, I mean, the
GNOME 3 packages. Unfortunately the fglrx driver didnt seem to recognise my
ATI Mobility M56P card, and the open source driver didnt want to give me GLX
support. When I finally found some clues on what should I do, I had to use my
notebook for work, so I installed Fedora 14 on it. Then I realised that GNOME
3 is already included in Rawhide (Fedora 15), so I quickly downloaded and
installed that instead. Now I have to keep this machine in a working state for
a few days, so I will learn SELinux stuff in its native environment.
When I installed Fedora 14, the first AVC message popped up after about ten
minutes. That was a good thing, as I wanted to see `setroubleshoot` in action.
However, in Fedora 15, the AVC bubbles didnt show up even after a day. I
raised my left eyebrow and said thats impossible, SELinux must be disabled.
And its not! Its even in enforcing mode! And it works just fine. I like it,
and I hope I will be able to get the same results with Gentoo if I can get
back to testing…

41
_posts/2011-05-27-citrix-xenserver-vs-debian-5-0-upgrade-to-6-0.markdown Normal file
View File

@@ -0,0 +1,41 @@
---
layout: post
title: "Citrix XenServer 5.5 vs. Debian 5.0 upgrade to 6.0"
date: 2011-05-27 17:33:41+00:00
tags: [citrix-xenserver, debian]
permalink: /blog/2011/5/27/citrix-xenserver-vs-debian-5-0-upgrade-to-6-0
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Few weeks ago Ive upgraded two of our Debian based application servers from
5.0 to 6.0. Everything went fine, as the upgraded packages worked well with
the 4.2 JBoss instances. For the new kernel we needed a reboot, but as the
network had to be rebuilt, I postponed this reboot until the network changes.
With the network, everything went fine again, we successfully migrated our
mail servers behind a firewall. Also the Xen server (5.5.0, upgrade to 5.6
still has to wait for a week or so) revolted well with some storage disks
added. But the application servers remained silent…
After checking the console, I realised that they dont have an active console.
And when I tried to manually start them, XenServer refused with a message
regarding pygrub.
To understand the problem, I had to understand how XenServer boots Debian. It
reads the grub.conf on the first partitions root or `/boot` directory, and
starts the first option, without asking (correct me, if Im mistaken
somewhere). However, this pygrub thing can not parse the new, grub2 config.
This is kinda frustrating.
For the first step, I quickly installed a new Debian 5.0 system from my
template. Then I attached the disks of the faulty virtual machine, and mounted
all its partitions. This way I could reach my faulty 6.0 system with a chroot
shell, from which I could install the `grub-legacy` package instead of grub,
install the necessary kernel and XenServer tools (which were missing from both
machines somehow), then halt the rescue system, and start up the original
instance.
Next week I will do an upgrade on the XenServer to 5.6.1. I hope no such
problems will occur.

25
_posts/2011-05-27-oracle-database-incompatible-with-oracle-linux.markdown Normal file
View File

@@ -0,0 +1,25 @@
---
layout: post
title: "Oracle Database “incompatible” with Oracle Linux?"
date: 2011-05-27 17:53:31+00:00
tags: [linux, oracle]
permalink: /blog/2011/5/27/oracle-database-incompatible-with-oracle-linux
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Today I gave a shot to install [Oracle
Linux](http://www.oracle.com/us/technologies/linux/overview/index.html). I thought I could easily install
an Oracle DBA on it. Well, I was naive.
As only the 5.2 version is supported by XenServer 5.5, I downloaded that
version of Oracle Linux. Installing it was surprisingly fast and easy, it
asked almost nothing, and booted without any problems.
After this came the DBA, 10.2, which bloated an error message in my face
saying that this is an unsupported version of Linux. Bah.
Is it only me, or is it really strange that Oracle doesnt support their own
distro?

30
_posts/2011-06-10-proxy-only-non-existing-files-with-mod-proxy-and-mod-rewrite.markdown Normal file
View File

@@ -0,0 +1,30 @@
---
layout: post
title: "Proxy only non-existing files with mod_proxy and mod_rewrite"
date: 2011-06-10 14:20:43+00:00
tags: [apache]
permalink: /blog/2011/6/10/proxy-only-non-existing-files-with-mod-proxy-and-mod-rewrite
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Today I got an interesting task. I had to upload some pdf documents to a site.
The domain is ours, but we dont have access to the application server that is
hosting the page yet. Until we get it in our hands, I did a trick.
I enabled `mod_rewrite`, `mod_proxy` and `mod_proxy_http`, then added the following
lines to my apache config:
{% highlight apache %}
RewriteEngine on
RewriteRule ^/$ http://172.16.72.131:8080/ [QSA,L,P]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/(.*) http://172.16.72.131:8080/$1 [QSA,L,P]
Order allow,deny
Allow from all
{% endhighlight %}
Im not totally sure its actually secure, but it works for now.

30
_posts/2011-09-18-inverse-of-sort.markdown Normal file
View File

@@ -0,0 +1,30 @@
---
layout: post
title: "Inverse of `sort`"
date: 2011-09-18 14:57:31
tags: [linux, command-line]
permalink: /blog/2011/9/18/inverse-of-sort
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Im using \*NIX systems for about 14 years now, but it can still show me new
things. Today I had to generate a bunch of random names. Ive create a small
perl script which generates permutations of some usual Hungarian first and
last names, occasionally prefixing it with a Dr. title or using double first
names. For some reasons I forgot to include uniqueness check in the script.
When I ran it in the command line, I realized the mistake, so I appended
`| sort | uniq` to the command line. So I had around 200 unique names, but in
alphabetical order, which was awful for my final goal. Thus, I tried shell
commands like rand to create a random order, and when many of my tries failed,
the idea popped in my mind (not being a native English speaker): “I dont have
to create «random order», but «shuffle the list». So I started typing `shu`,
pressed Tab in the Bash shell, and voilà! `shuf` is the winner, it does just
exactly what I need:
**NAME**
shuf - generate random permutations
Thank you, Linux Core Utils! :)

16
_posts/2011-12-11-why-you-should-always-test-your-software-with-production-data.markdown Normal file
View File

@@ -0,0 +1,16 @@
---
layout: post
title: "Why you should always test your software with production data"
date: 2011-12-11 12:14:51+00:00
tags: [development, testing, ranting]
permalink: /blog/2011/12/11/why-you-should-always-test-your-software-with-production-data
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Im writing a software for my company in PHP, using the Symfony 2 framework.
Ive finished all the work, created some sample data, it loaded perfectly. Now
I put the whole thing into production and tried to upload the production data
into it. Guess what… it didnt load.

29
_posts/2012-03-20-php-5-4-released.markdown Normal file
View File

@@ -0,0 +1,29 @@
---
layout: post
title: "PHP 5.4 released"
date: 2012-03-20 13:31:12+00:00
tags: [php]
permalink: /blog/2012/3/20/php-5-4-released
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
After a long time of waiting, PHP announced 5.4 release on 1 March (also,
today they announced that they finally migrate to Git, which is sweet from my
point of view, but it doesnt really matter).
About a year ago we became very agressive towards a developer who created our
internal e-learning system. Their database was very insecure, and they didnt
really follow industry standards in many ways. Thus, we forced them to move
from Windows + Apache 2.0 + PHP 5.2 + MySQL 4.0 to Debian Linux 6.0 + Apache
2.2 + PHP 5.3 + MySQL 5.1. It was fun (well, from our point of view), as their
coders… well… they are not so good. The code that ran “smoothly” on the
old system failed at many points on the new one. So they code and code, and
write more code. And they still didnt finish. And now 5.4 is here. Okay, I
know it will take some time to get into the Debian repositories, but its
here. And they removed `register_globals`, which will kill that funny code again
at so many points that they will soon get to rewrite the whole code to make it
work. And I just sit here in my so-much-comfortable chair, and laugh. Am I
evil?

34
_posts/2012-03-27-fast-world-fast-updates.markdown Normal file
View File

@@ -0,0 +1,34 @@
---
layout: post
title: "Fast world, fast updates"
date: 2012-03-27 06:18:43+00:00
tags: [linux]
permalink: /blog/2012/3/27/fast-world-fast-updates
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
We live in a fast world, thats for sure. When I first heard about Ubuntu
Linux and their goals, I was happy: they gave a Debian to everyone, but in
different clothes. It had fresh software in it, and even they gave support of
a kind. It was easy to install and use, even if one had no Linux experience
before. So people liked it. Ive even installed it on some of my servers
because of the new package versions that came more often. Thus I got an up to
date system. However, it had a price. After a while, security updates came
more and more often, and when I had a new critical update every two or three
days, Ive decided to move back to Debian. Fortunately I did this at the time
of a new release, so I didnt really loose any features.
After a few years passed, even Debian is heading this very same way. But as I
see, the cause is not the same. It seems that upstream software is hitting
these bugs, and even the Debian guys dont have the time to check for them. At
the time of a GNOME version bump (yes, GNOME 3 is a really big one for the
UN\*X-like OSes), when hundreds of packages need to be checked, security bugs
show off more often. On the other hand however, Debian is releasing a new
security update every day (I had one on each of the last three days). This, of
course, is good from one point of view as we get a system that is more secure,
but most administrators dont have maintenance windows this often. I can think
of some alternatives like Fedora, but do I really have to change? Dear fellow
developers, please code more carefully instead!

28
_posts/2012-06-14-wordpress-madness.markdown Normal file
View File

@@ -0,0 +1,28 @@
---
layout: post
title: "Wordpress madness"
date: 2012-06-14 06:40:12+00:00
tags: [wordpress, ranting]
permalink: /blog/2012/6/14/wordpress-madness
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Im a bit fed up that I had to install [MySQL](http://www.mysql.com/) on my
server to have [Wordpress](http://wordpress.org/) working, so Ive Googled a
bit to find a solution for my pain. I found this:
[http://codex.wordpress.org/Using_Alternative_Databases]. I dont know when
this post was written, but I think its a bit out of date. I mean come on, PDO
is the part of PHP for ages now, and they say adding a DBAL to the dependencies
would be a project as large as (or larger than) WP itself. Well,
yes, but PHP is already a dependency, isnt it? Remove it guys, its too
large!
Okay, to be serious… Having a heavily MySQL dependent codebase is a bad
thing in my opinion, and changing it is no easy task. But once it is done, it
would be a childs play to keep it up to date, and to port WP to other
database backends. And it would be more than enough to call it 4.0, and
raising version numbers fast is a must nowadays (right, Firefox and Linux
Kernel guys?)

28
_posts/2012-06-18-ssh-login-failed-on-red-hat-enterprise-linux-6-2.markdown Normal file
View File

@@ -0,0 +1,28 @@
---
layout: post
title: "SSH login FAILed on Red Had Enterprise Linux 6.2"
date: 2012-06-18 18:28:45+00:00
tags: [linux, selinux, ssh, red-hat]
permalink: /blog/2012/6/18/ssh-login-failed-on-red-hat-enterprise-linux-6-2
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Now this was a mistake I should not have done…
About a month ago I have moved my AWS EC2 machine from Amazon Linux to RHEL
6.2. This was good. I have moved all my files and stuff, recreated my own
user, everything was just fine. Then I copied my
[gitosis](https://github.com/tv42/gitosis) account (user `git` and its home
directory). Then I tried to log in. It failed. I was blaming OpenSSH for a week
or so, changed the config file in several ways, tried to change the permissions
on `~git/.ssh/*`, but still nothing. Permission were denied, I was unable to
push any of my development changes. Now after a long time of trying, I
coincidently `tail -f`-ed `/var/log/audit/audit.log` (wanted to open `auth.log`
instead) and that was my first good point. It told me that `sshd` was unable to
read `~git/.ssh/authorized_keys`, which gave me the idea to run `restorecon` on
`/home/git`. It solved the problem.
All hail SELinux and RBAC!

35
_posts/2012-06-22-upgrades-requiring-a-reboot-on-linux-at-last.markdown Normal file
View File

@@ -0,0 +1,35 @@
---
layout: post
title: "Upgrades requiring a reboot on Linux? At last!"
date: 2012-06-22 20:04:51+00:00
tags: [linux]
permalink: /blog/2012/6/22/upgrades-requiring-a-reboot-on-linux-at-last
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Ive recently received an article on Google+ about Fedoras new idea: package
upgrades that require a reboot. The article said that Linux guys have lost
their primary adoo: “Haha! I dont have to reboot my system to install system
upgrades!” My answer was always this: “Well, actually you should…”
I think this can be a great idea if distros implement it well. PackageKit was
a good first step on this road. That software could easily solve such an
issue. However, it is sooo easy to do it wrong. The kernel, of course, can not
be upgraded online (or could it be? I have some theories on this subject,
wonder if it can be implemented…), but other packages are much different.
From the users point of view the best would be if the packages would be
upgraded in the background seemlessly. E.g. PackageKit should check if the
given executable is running. If not, it should upgrade it, while notifying the
user like “Hey dude, dont start Anjuta now, Im upgrading it!”, or simply
denying to start it. Libraries are a bit different, as PackageKit should check
if any running executables are using the library. Meanwhile, PK should also
keep a notification somewhere telling the users that some packages could be
upgraded, but without stopping this-and-that, it can not be done.
I know these things are easier said than done. But I think (a) users should
tell such ideas to the developers and (b) developers (mostly large companies,
like Microsoft or Apple) should listen to them, and at least think of these
ideas. Some users are not as stupid as they think…

80
_posts/2012-09-05-some-thoughts-about-that-dead-linux-desktop.markdown Normal file
View File

@@ -0,0 +1,80 @@
---
layout: post
title: "Some thoughts about that dead Linux Desktop"
date: 2012-09-05 09:01:31+00:00
tags: [linux]
permalink: /blog/2012/9/5/some-thoughts-about-that-dead-linux-desktop
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
There were some arguments in the near past on [What Killed the Linux
Desktop](http://tirania.org/blog/archive/2012/Aug-29.html). After reading many
replies, like [Linus
Torvalds](http://www.zdnet.com/linus-torvalds-on-the-linux-desktops-popularity-problems-7000003641/),
I have my own thoughts, too.
I know my place in the world, especially in the online community. Im a Linux
user for about 15 years and a Linux administrator for 10 years now, beginning
with WindowMaker and something that I remember as GNOME without a version
number. I have committed some minor code chunks and translations in some minor
projects, so Im not really into it from the “write” side (well, until now,
since I have began to write this blog, and much more, but dont give a penny
for my words until you see it).
Im using Linux since 2.2 and GNOME since 1.whatever. Its nice that a program
compiled years ago still runs on todays Linux kernel, especially if you see
old DOS/Windows software failing to start on a new Windows 7 machine. I
understand Linus point that breaking external APIs is bad, and I think it can
work well on the kernels level. But the desktop level is much different. As
the Linux Desktop has such competitors (like OS/X and Windows Aero and Metro),
they have to give something new to the users almost every year to keep up with
them. Eye candies are a must (yes, of course my techy fellows, they are
worthless, but users *need* it), and they can not be created without extending
APIs. And the old API… well, it fades away fast. I dont really understand
however, why they have to totally disappear, like
[GTK_DIALOG_NO_SEPARATOR](http://developer.gnome.org/gtk/stable/GtkDialog.html#GtkDialogFlags)
in Gtk3. It could be replaced with a 0 value (e.g: it wont do anything). This
way my old Gtk2 program could compile with Gtk3 nicely. Also, there could be a
small software that goes through your source code and warn you about such
deprecated (and no-doer but still working) things. Porting applications between
Gtk (and thus, GNOME) versions became a real pain, which makes less enthusiast
programmers stop developing for Linux. Since Im a GNOME guy for years, I can
tell nothing about Qt and KDE, but for the GNOME guys, this is a bad thing. As
of alternatives, there is Java. No, wait… it turned out recently that [it has
several security
bugs](http://www.theregister.co.uk/2012/08/31/critical_flaw_found_in_patched_java).
Also its not that multiplatform as they say (I cant find the article on
that at the moment, but I have proof). Also, the JVMs out there eat up so much
resources, which makes it a bit hard and expensive to use.
Also, I see another problem: those blasted package managers. RPM, DPKG,
Portage, whatever. What the hell? Why are there so many? Why do developers
reinvent the wheel? The nave is too small or there are to few spokes? Come on…
we live in an open source world! Contribute to the one and only package manager
(which one is that I dont actually care)! Im sure the two (three, many)
bunches of develoeprs could make a deal. Thus, it could become better and
“outsider” companies would be happier to distribute their software for Linux
platforms.
And now that we get to the big companies. I dont really understand them.
nVidia and ATI made their own closed source drivers for Linux. Some other
hardware vendors also write Linux drivers, and as the kernel API doesnt really
change, they will work for a long time. But what about desktop
application vendors? Well, they try to stick to a desktop environment or two,
and if they change too frequently, they stop developing for Linux, like Skype
did (OK, maybe Skype has other reasons, but you see my point). But why? The
main part for Linux programs is the Linux kernel and the basic userland like
libc/stdlib++. If you write graphical software, it will have to use X-Windows.
Yes, its much different in many ways, mostly because they have a… well… pretty
ugly design by default. But still, its the same on every Linux distributions,
as it became somewhat an industry standard, as it was already on the market
back in the old UN\*X days. The protocol itself changed just like the Linux
kernel: almost no change at all, just some new features.
So what kills the Linux desktop in my opinion is these constant wars inside,
and the lack of support from the outside. Open Source is good, but until these
(mostly the first) problems are not resolved, Linux Desktop can do nothing on
the market. Its a downward spiral hard to escape.

76
_posts/2012-09-07-how-to-start-becoming-a-web-developer.markdown Normal file
View File

@@ -0,0 +1,76 @@
---
layout: post
title: "How to start becoming a web developer"
date: 2012-09-07 18:12:12+00:00
tags: [development, technology]
permalink: /blog/2012/9/7/how-to-start-becoming-a-web-developer
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
A friend of mine asked me today how to become a web developer. It took me a
while, but I made up a checklist. Its short, but its enough for the first
steps.
#### First of all, learn English
Well, if you read this, maybe this was a bad first point…
#### Choose a language and stick to it!
For the UN\*X/Linux line, there is PHP. Its free, easy to learn, and has many
free tools and documentations available. It can be used in a functional or an
object-oriented way.
C# is another good way to start, but for the Windows line. Its fully object-
oriented, and the web is full of tutorials, how-tos and other resources.
#### Learn the basics of the system you are working on
To become a good developer, learn at least the basics of the system you are
working on. Basic commands can always come in handy. Debugging (yes, you will
do tons of bugs for sure) can become much easier if you know the huge set of
tools provided by your OS. You should also try to develop in the chosen
environment. Chose PHP? Get a Linux desktop! ASP.NET? Get a Windows.
Everything will be much easier!
#### Learn the basics of the web server you are using
PHP can run on [Apache](http://httpd.apache.org/) (as a module), or any
CGI-capable webserver, like [lighttpd](http://www.lighttpd.net/) or
[nginx](http://nginx.org/) (well, it can also run on IIS, but trust me: you
dont want that). ASP.NET is designed for IIS, and although some scripts can
be run under a mono-capable server, it should still stay there.
Whichever you choose, learn the basics! How to start and stop the service,
basic configuration methods, modules/extensions, and so on. Its more than sure
that you will face some issues while developing, so it can never hurt.
#### Keep your versions under control
Version control is critical nowadays. It gives you a basic backup solution,
can come in handy with debugging, and if you ever want to work in a team, you
will badly need it.
Subversion is a bit out of date now, and its kind of hard to set up.
Git is no easy. You will have to learn a lot of stuff, but basicly its just
another version control system. Just choose if you want to stick to
merge-then-commit or rebase-then-commit, get a client, and get on the run.
Microsofts Team Foundation is another good way if you are working in a team.
It provides several other features besides version controlling, and is well
integrated into Visual Studio, which is highly recommended for Windows based
development.
#### Choose an environment to work in
There are so many good tools out there. You should choose according to the
language and OS on what you are working on. [Zend
Studio](http://www.zend.com/en/products/studio) or
[Netbeans](https://netbeans.org/) are both good tools for PHP development,
while [Visual Studio](http://www.visualstudio.com/) is a best buy for Windows
development. Both of these have many ups and downs, but once you get in touch
with their deeper parts, you will like them.

19
_posts/2012-09-10-do-not-track-in-ie10-vs-apache.markdown Normal file
View File

@@ -0,0 +1,19 @@
---
layout: post
title: "Do-Not-Track in IE10 vs. Apache"
date: 2012-09-10 20:22:32+00:00
tags: [apache, technology]
permalink: /blog/2012/9/10/do-not-track-in-ie10-vs-apache
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
[Apache developer decided not to accept Do-Not-Track headers from IE10
users](http://arstechnica.com/security/2012/09/apache-webserver-updated-to-ignore-do-not-track-settings-in-ie-10/),
because its enabled by default. So… if I install a plugin that hides the
fact from the web server that Im using IE10, I become eligible of using
it. But if I do this, I simply became eligible because I consciously installed
that addon, so I could actually use it without hiding the fact. Sorry if
Im a bit Philosoraptorish…

78
_posts/2012-09-16-symfony-2-create-role-and-class-based-acls-with-your-roles-coming-from-the-orm.markdown Normal file
View File

@@ -0,0 +1,78 @@
---
layout: post
title: "Symfony 2 Create role- and class-based ACLs with your roles coming from the ORM"
date: 2012-09-16 18:39:25+00:00
tags: [php, symfony]
permalink: /blog/2012/9/16/symfony-2-create-role-and-class-based-acls-with-your-roles-coming-from-the-orm
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
During the last weeks I had some serious issues with one of my private Symfony
2 projects. One of my goals was to create a dynamic security system, e.g my
administrators wanted to create roles, and grant these roles access to
different object types (classes) and/or objects.
So I have created a `User` entity, which implements `UserInterface` and
`AdvancedUserInterface`, the latter for the possibility to enable/disable
accounts and such. It had a `$roles` property, which was a `ManyToMany` relation
to the `Role` entity, which implemented `RoleInterface`. Also I have created my
own role hierarchy service that implements `RoleHierarchyInterface`.
So far so good, first tests. It soon turned out that if `User::getRoles()`
returns a `DoctrineCollection` as it does by default, then the standard
{% highlight php %}
$this->get('security.context')->isGranted('ROLE_ADMIN');
{% endhighlight %}
doesnt work. I know, it should not be hard coded, as my roles and permission
tables are dynamic, I have just tested. So I fixed my `User` entity so
`getRoles()` returns an array of `Role` objects instead of the
`DoctrineCollection`. Also I implemented a `getRolesCollection()` method to
return the original collection, but I think it will never be used.
After that, I had to implement some more features so I put this task away.
Then, I tried to create my first ACL.
{% highlight php %}
$securityIdentity = new RoleSecurityIdentity('ROLE_ADMIN');
$objectIdentity = new ObjectIdentity('newsClass', 'Acme\\DemoBundle\\Entity\\News');
$acl = $aclProvider->createAcl($objectIdentity);
$acl->insertClassAce($securityIdentity, MaskBuilder::MASK_OWNER);
$aclProvider->updateAcl($acl);
{% endhighlight %}
I was about to check if the user who is logged in has an `OWNER` permission on
the `User` class.
{% highlight php %}
$this->objectIdentity = new ObjectIdentity(self::OBJECT_ID, self::OBJECT_FQCN);
if ($this->securityContext->isGranted('OWNER', $this->objectIdentity) === false) {
throw new AccessDeniedException('You dont have the required permissions!');
}
{% endhighlight %}
The ACL was defined based on a role, so everyone who had the `ROLE_ADMIN` role
should gain access to the user listing page. But they didnt. It took several
weeks to find the cause, I have put it on
[stackoverflow](http://stackoverflow.com/questions/12057795/symfony-2-1-this-getsecurity-context-isgrantedrole-admin-returns-fa)
and the Symfony Google Group, but no usable answers.
Then I went off for debugging. Setting up NetBeans for xdebug-based PHP
debugging was real fun under Fedora, but thats another story. After a while I
have found that Symfonys basic access decision manager checks for
`$role->getRole()` only if `$role` is an instance of
`Symfony\Component\Security\Core\Role\Role`, instead of checking if the object
implements `Symfony\Component\Security\Core\Role\RoleInterface`. So Ive
checked if the bug is already reported. It turned out that it was, and my
solution was available in a specific commit about a year ago, but as [Johannes
Schmitt commented, it would introduce a security
issue](https://github.com/symfony/symfony/commit/af70ac8d777873c49347ac828a817a400006cbea),
so it was reverted. Unfortunately neither Johannes Schmitt, nor Fabien
Potencier (nor anyone else) could (or wanted) to tell about this issue. So the
final (and somewhat hack-like) solution was to extend
`Symfony\Component\Security\Core\Role\Role`. And boom! It worked.

25
_posts/2012-10-07-smsgateway-and-smssender.markdown Normal file
View File

@@ -0,0 +1,25 @@
---
layout: post
title: "SmsGateway and SmsSender"
date: 2012-10-07 00:10:26+00:00
tags: [development, php, symfony]
permalink: /blog/2012/10/7/smsgateway-and-smssender
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I have just uploaded my SmsGateway, SmsSender and SmsSenderBundle packages to
[GitHub](http://github.com/gergelypolonkai) and
[Packagist](http://packagist.org). I hope some of you will find it useful.
* SmsGateway
* [GitHub](https://github.com/gergelypolonkai/smsgateway)
* [Packagist](https://packagist.org/packages/gergelypolonkai/smsgateway)
* SmsSender
* [GitHub](https://github.com/gergelypolonkai/smssender)
* [Packagist](https://packagist.org/packages/gergelypolonkai/smssender)
* SmsSenderBundle
* [GitHub](https://github.com/gergelypolonkai/smssender-bundle)
* [Packagist](https://packagist.org/packages/gergelypolonkai/smssender-bundle)

26
_posts/2012-10-13-changing-the-session-cookie-s-name-in-symfony-2.markdown Normal file
View File

@@ -0,0 +1,26 @@
---
layout: post
title: "Changing the session cookies name in Symfony 2"
date: 2012-10-13 12:49:28+00:00
tags: [symfony, development]
permalink: /blog/2012/10/13/changing-the-session-cookie-s-name-in-symfony-2
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I have a development server, on which I have several Symfony 2.x projects under
the same hostname in different directories. Now Im facing a funny problem
which is caused by that the cookies Symfony places for each of my projects have
the same name.
To change this, you will have to modify the `config.yml` file like this:
{% highlight yaml %}
session:
name: SiteSpecificSessionName
lifetime: 3600
{% endhighlight %}
I hope it helps some of you.

56
_posts/2012-12-20-symfony-2-configuration-array-of-associative-arrays.markdown Normal file
View File

@@ -0,0 +1,56 @@
---
layout: post
title: "Symfony 2 Configuration Array of associative arrays"
date: 2012-12-20 12:03:23+00:00
tags: [php, symfony]
permalink: /blog/2012/12/20/symfony-2-configuration-array-of-associative-arrays
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Few days ago I have struggled with a problem using Symfony2 configuration. I
wanted to add the following kind of configuration to `config.yml`:
{% highlight yaml %}
acme_demo:
transitions:
- { hc_cba: 180 }
- { cba_hc: -1 }
{% endhighlight %}
The problem was that the stuff under `transitions` is dynamic, so those
`hc_cba` and `cba_hc` tags can be pretty much anything. After hitting many
errors, I came to the solution:
{% highlight php %}
<?php
$rootNode
->children()
->arrayNode('state_machine')
->requiresAtLeastOneElement()
->beforeNormalization()
->ifArray()
->then(function($values) {
$ret = array();
foreach ($values as $value) {
foreach ($value as $transition => $time) {
$ret[] = array('transition' => $transition, 'time' => e);
}
}
return $ret;
})
->end()
->prototype('array')
->children()
->scalarNode('transition')->end()
->scalarNode('time')->end()
->end()
->end()
->end()
->end()
;
{% endhighlight %}

14
_posts/2013-01-05-development-man-pages-on-fedora.markdown Normal file
View File

@@ -0,0 +1,14 @@
---
layout: post
title: "Development man pages on Fedora"
date: 2013-01-05 18:20:41+00:00
tags: [development, fedora]
permalink: /blog/2013/1/5/development-man-pages-on-fedora
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
If you use Fedora (like me), and cant find the development manual pages for
e.g. `printf(3)` (like me), just `yum install man-pages` (like me).

99
_posts/2013-01-06-registering-an-enum-type-in-glib-s-type-system.markdown Normal file
View File

@@ -0,0 +1,99 @@
---
layout: post
title: "Registering an enum type in GLibs type system"
date: 2013-01-06 02:34:03+00:00
tags: [c, development, glib]
permalink: /blog/2013/1/6/registering-an-enum-type-in-glib-s-type-system
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I faced a problem in my [GLib](https://developer.gnome.org/glib/) self-teaching
project, [wMUD](https://github.com/gergelypolonkai/wmud) today. I wanted to
register a signal for a `GObject`, whose handler should accept two `enum`
parameters for which I had to register a new `GEnum` type in the `GObject` type
system. However, the [documentation on this
feature](https://developer.gnome.org/gobject/unstable/gtype-non-instantiable.html)
(thanks for pointing out goes to hashem on `#gnome-hackers`) is not… uhm…
obvious. Making the long story short, I have checked with the `GIO` sources for
an example, and using that, I have created this small, working chunk:
{% highlight c %}
#ifndef __WMUD_CLIENT_STATE_H__
#define __WMUD_CLIENT_STATE_H__
#include <glib-object.h>
/**
* WmudClientState:
* @WMUD_CLIENT_STATE_FRESH: Client is newly connected. Waiting for a login
* player name
* @WMUD_CLIENT_STATE_PASSWAIT: Login player name is entered, waiting for a
* login password
* @WMUD_CLIENT_STATE_MENU: Authentication was successful, player is now in the
* main game menu
* @WMUD_CLIENT_STATE_INGAME: Character login was successful, player is now
* in-game
* @WMUD_CLIENT_STATE_YESNO: Player was asked a yes/no question, and we are
* waiting for the answer. client.yesNoCallback MUST be set at this point!
* TODO: if wmudClient had a prevState field, and there would be some hooks
* that are called before and after the client enters a new state, this
* could be a three-state stuff, in which the player can enter e.g ? as
* the answer, so they would be presented with the question again.
* @WMUD_CLIENT_STATE_REGISTERING: Registering a new player. Waiting for the
* e-mail address to be given
* @WMUD_CLIENT_STATE_REGEMAIL_CONFIRM: E-mail address entered séms valid,
* waiting for confirmation
*
* Game client states.
*/
typedef enum {
WMUD_CLIENT_STATE_FRESH,
WMUD_CLIENT_STATE_PASSWAIT,
WMUD_CLIENT_STATE_MENU,
WMUD_CLIENT_STATE_INGAME,
WMUD_CLIENT_STATE_YESNO,
WMUD_CLIENT_STATE_REGISTERING,
WMUD_CLIENT_STATE_REGEMAIL_CONFIRM
} WmudClientState;
GType wmud_client_state_get_type (void) G_GNUC_CONST;
#define WMUD_TYPE_CLIENT_STATE (wmud_client_state_get_type())
#endif /* __WMUD_CLIENT_STATE_H__ */
{% endhighlight %}
{% highlight c %}
#include "wmudclientstate.h"
GType
wmud_client_state_get_type (void)
{
static volatile gsize g_define_type_id__volatile = 0;
if (g_once_init_enter(&g_define_type_id__volatile)) {
static const GEnumValue values[] = {
{ WMUD_CLIENT_STATE_FRESH, "WMUD_CLIENT_STATE_FRESH", "fresh" },
{ WMUD_CLIENT_STATE_PASSWAIT, "WMUD_CLIENT_STATE_PASSWAIT", "passwait" },
{ WMUD_CLIENT_STATE_MENU, "WMUD_CLIENT_STATE_MENU", "menu" },
{ WMUD_CLIENT_STATE_INGAME, "WMUD_CLIENT_STATE_INGAME", "ingame" },
{ WMUD_CLIENT_STATE_YESNO, "WMUD_CLIENT_STATE_YESNO", "yesno" },
{ WMUD_CLIENT_STATE_REGISTERING, "WMUD_CLIENT_STATE_REGISTERING", "registering" },
{ WMUD_CLIENT_STATE_REGEMAIL_CONFIRM, "WMUD_CLIENT_STATE_REGEMAIL_CONFIRM", "regemail-confirm" },
{ 0, NULL, NULL }
};
GType g_define_type_id = g_enum_register_static(g_intern_static_string("WmudClientState"), values);
g_once_init_leave(&g_define_type_id__volatile, g_define_type_id);
}
return g_define_type_id__volatile;
}
{% endhighlight %}
Still, it can be made more perfect by using the
[glib-mkenums](http://developer.gnome.org/gobject/stable/glib-mkenums.html)
tool. I will read through the GLib Makefiles tomorrow for some hints on
this.

17
_posts/2013-01-14-git-rm-cached-madness.markdown Normal file
View File

@@ -0,0 +1,17 @@
---
layout: post
title: "git rm --cached madness"
date: 2013-01-14 21:38:00+00:00
tags: [development, git]
permalink: /blog/2013/1/14/git-rm-cached-madness
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I have recently learned about `git rm --cached`. Its a very good tool, as it
removes a file from tracking, without removing your local copy of it. However,
be warned that if you use `git pull` in another working copy, the file will be
removed from there! If you accidentally put the configuration of a production
project, and remove it on your dev machine, it can cause a lot of trouble ;)

52
_posts/2013-01-17-jms-diextrabundle-s-greppatternfinder-grep-exits-with-status-code-2-on-fedora-18.markdown Normal file
View File

@@ -0,0 +1,52 @@
---
layout: post
title: "JMS\\DiExtraBundles GrepPatternFinder grep exits with status code 2 on Fedora 18"
date: 2013-01-17 00:32:12+00:00
tags: [fedora, selinux, symfony]
permalink: /blog/2013/1/17/jms-diextrabundle-s-greppatternfinder-grep-exits-with-status-code-2-on-fedora-18
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Yesterday Ive upgraded my development machines from Fedora 17 to Fedora
18. Although it went well, my [Symfony](http://symfony.com/) projects stopped
working with a message like this:
RuntimeException: Command "/usr/bin/grep --fixed-strings --directories=recurse --devices=skip --files-with-matches --with-filename --color=never --include=*.php 'JMS\DiExtraBundle\Annotation'
'/var/www/html/gergelypolonkaiweb/app/../src'
'/var/www/html/gergelypolonkaiweb/vendor/symfony/symfony/src/Symfony/Bundle/FrameworkBundle'
'/var/www/html/gergelypolonkaiweb/vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle'
'/var/www/html/gergelypolonkaiweb/vendor/symfony/symfony/src/Symfony/Bundle/TwigBundle'
'/var/www/html/gergelypolonkaiweb/vendor/symfony/monolog-bundle/Symfony/Bundle/MonologBundle'
'/var/www/html/gergelypolonkaiweb/vendor/symfony/swiftmailer-bundle/Symfony/Bundle/SwiftmailerBundle'
'/var/www/html/gergelypolonkaiweb/vendor/symfony/assetic-bundle/Symfony/Bundle/AsseticBundle'
'/var/www/html/gergelypolonkaiweb/vendor/doctrine/doctrine-bundle/Doctrine/Bundle/DoctrineBundle'
'/var/www/html/gergelypolonkaiweb/vendor/sensio/framework-extra-bundle/Sensio/Bundle/FrameworkExtraBundle'
'/var/www/html/gergelypolonkaiweb/vendor/jms/aop-bundle/JMS/AopBundle'
'/var/www/html/gergelypolonkaiweb/vendor/jms/security-extra-bundle/JMS/SecurityExtraBundle'
'/var/www/html/gergelypolonkaiweb/vendor/doctrine/doctrine-migrations-bundle/Doctrine/Bundle/MigrationsBundle'
'/var/www/html/gergelypolonkaiweb/vendor/friendsofsymfony/jsrouting-bundle/FOS/JsRoutingBundle'
'/var/www/html/gergelypolonkaiweb/vendor/avalanche123/imagine-bundle/Avalanche/Bundle/ImagineBundle'
'/var/www/html/gergelypolonkaiweb/vendor/genemu/form-bundle/Genemu/Bundle/FormBundle'
'/var/www/html/gergelypolonkaiweb/src/GergelyPolonkai/FrontBundle'
'/var/www/html/gergelypolonkaiweb/src/GergelyPolonkai/GeshiBundle'
'/var/www/html/gergelypolonkaiweb/vendor/symfony/symfony/src/Symfony/Bundle/WebProfilerBundle'
'/var/www/html/gergelypolonkaiweb/vendor/sensio/distribution-bundle/Sensio/Bundle/DistributionBundle'
'/var/www/html/gergelypolonkaiweb/vendor/sensio/generator-bundle/Sensio/Bundle/GeneratorBundle'" exited with non-successful status code "2".
After getting through my logs and such, Ive finally found out that the new
SELinux policy is causing the trouble together with git. Eventually, my
`.git/logs` directory is tagged as `unconfined_u:object_r:httpd_log_t:s0`.
`httpd_log_t` type is not readable by the `system_u:system_r:httpd_t:s0` user,
which makes `/usr/bin/grep` throw an access denied error. To fix this, I needed
to do
semanage fcontext -a -t httpd_sys_content_t '/var/www(/.*)?/\.git/logs(/.*)?'
as root. This makes `.git` directories readable for the httpd process, thus,
for `grep`. The optimal solution would be to tell `GrepPatternFinder` to ignore
version control stuff, so the `httpd` process would have no access to them at
all. Also, in production, removing the `.git` or `.svn` directories could be a
good idea.

32
_posts/2013-02-19-mount-device-or-resource-busy-after-enabling-multipath.markdown Normal file
View File

@@ -0,0 +1,32 @@
---
layout: post
title: "mount: device or resource busy after enabling multipath"
date: 2013-02-19 23:09:05+00:00
tags: [linux, heartbeat-cluster]
permalink: /blog/2013/2/19/mount-device-or-resource-busy-after-enabling-multipath
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
We have a heartbeat cluster with two nodes. It has been running for several
months without problems. The shared storage is on an IBM DS3400, on which we
have a large volume formatted with ext4.
Today I decided to reboot the active node for security reasons. So Ive
switched to the passive node, which failed at the first step: it was unable to
mount the storage (`/dev/sda1`). After whining for a few moments, I tried to
mount it by hand, which told me
/dev/sda1 already mounted or /data is busy
Ive quickly made sure that none of that was true. After checking
this-and-that, it turned out that the passive node had `multipathd` running, so
I looked under `/dev/mapper`, and found two symlinks there, `<long-long WWN>`
and `<long-long WWN>-part1`. As the partition table and the disk size was the
same as on `/dev/sda`, I tried to
mount /dev/<long-long WWN>-part1 /data
and voilà! It worked like charm!

27
_posts/2013-02-27-why-i-stopped-using-annotation-based-routing-in-symfony-today.markdown Normal file
View File

@@ -0,0 +1,27 @@
---
layout: post
title: "Why I stopped using annotation based routing in Symfony today"
date: 2013-02-27 23:10:24+00:00
tags: [development, symfony]
permalink: /blog/2013/2/27/why-i-stopped-using-annotation-based-routing-in-symfony-today
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I have read several opinions about routing configuration in Symfony. I stayed
with annotation based routing as it was convinient for me to see the URL right
above the controller action. This was because by just checking the URL, I
remembered the controlling code, as they always were fresh ones. Well, until
today.
I had to take a look into an old (Sf 2.0, last commit was about 3 months ago)
project of mine. In the same run Ive upgraded the whole project to 2.2 (it was
a fast one, thanks for [JMikola@GitHub](https://github.com/jmikola) for the
quick reply on my issue with
[JmikolaJsAssetsHelperBundle](https://github.com/jmikola/JmikolaJsAssetsHelperBundle)
again!). After that I went on to the requested change. Now, finding a route in
about 40 controller files spread between 3 bundles can really be a pain! So
Ive finished with annotation based routing. Its still a nice feature, its
simply not for me.

67
_posts/2013-03-01-programming-as-i-see-it.markdown Normal file
View File

@@ -0,0 +1,67 @@
---
layout: post
title: "Programming, as I see it"
date: 2013-03-01 23:32:35+00:00
permalink: /blog/2013/3/1/programming-as-i-see-it
published: false
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Since my age of around 11, I write code. I began with BASIC, which is, well,
the most basic language I have ever seen. Simply writing
{% highlight basic %}
10 PRINT "Hello World!"
{% endhighlight %}
does the job (with Assembly it would be tens of lines as I recall). Then I
moved to Pascal, then Delphi (which is basically the same thing). The next step
was a bit longer, as I started learning more languages after this, like Perl
(for dynamic web pages), C (for desktop applications), TCL (for eggdrop
programming. Yes, I might have been a weird kid), PHP (again, for dynamic web
pages. It was becoming mainstream back then).
Many of my classmates looked down on me, as they thought I was a geek (hell I
was, but I wouldnt have confessed it then), and called me a nerd. For a few
months maybe I was depressed, but after that I realised that this is the thing
I want to do in my life, this is the thing Im good at.
Most people I ask why dont they code say “its too hard”. Ive attended some
courses (both online and offline, and I was like “Whoa! Coding is extremely
hard! What the hell! I will never learn it!”, but right after the course I
realised that everything is just fine, I can still write programs, and its
eeeeasy. So then, whats the problem?
After looking through many course papers, I found that most teachers do it
totally wrong. A programming language is just that: a language. You dont start
learning Spanish by going into a classic literature conference in Madrid and
doing a speech, but learn the basic vocabulary and grammar. The same goes for
coding. You learn the vocabulary (the basic commands or keywords) and grammar
(syntax). I had several ideas how this could be taught, just didnt have the
background to do it.
The idea of teaching programming lingers in my head for years now, and a few
days ago, Ive bumped into [this
video](https://www.youtube.com/watch?v=dU1xS07N-FA). So it seems that
technology superstars like Bill Gates and Mark Zuckerberg wants to do the same.
Maybe they dont have enough high quality coders at hand. Well of course,
if teachers make it awfully hard to learn it! So a bunch of guys sat together
and created [code.org](http://www.code.org/) to achieve my old dream. I like
the idea. And although I have almost no visitor on this blog of mine, allow me
to give you a few points on how I see programming.
#### Great learning process
When you write programs, especially during the first years, you adapt a new way
of thinking and learning. If you learn it as an adult, it can be a bit of a
pain, but as a child, its easy as learning how the wheels of those little cars
spin).
#### A job
#### Art
#### Magic

38
_posts/2013-03-05-fedora-can-t-change-active-directory-password-via-kpasswd.markdown Normal file
View File

@@ -0,0 +1,38 @@
---
layout: post
title: "Fedora cant change Active Directory password via kpasswd"
date: 2013-03-05 08:55:04+00:00
tags: [fedora, kerberos, active-directory]
permalink: /blog/2013/3/5/fedora-can-t-change-active-directory-password-via-kpasswd
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I wanted to change my AD password today. As the AD is actually a Kerberos
server, I was pretty sure that `kpasswd` will do the trick. However, `kpasswd`
output looked like this:
$ kpasswd
Password for polonkai.gergely@EXAMPLE.LOCAL:
Enter new password:
Enter it again:
kpasswd: Cannot find KDC for requested realm changing password
Ive checked `kinit` and `klist`, everything looked fine. After a while it came
to my mind that password changing is done through the kadmin server, not
through the KDC. It seems that when I set up the Active Directory membership,
the `admin_server` directive is not get written to `krb5.conf`. So all I had to
do was to put
admin_server = ad.example.local
in that file, and voilà!
$ kpasswd
Password for polonkai.gergely@EXAMPLE.LOCAL:
Enter new password:
Enter it again:
Password changed.

26
_posts/2013-03-05-haversine-in-mysql.markdown Normal file
View File

@@ -0,0 +1,26 @@
---
layout: post
title: "Haversine in MySQL"
date: 2013-03-05 12:49:28+00:00
permalink: /blog/2013/3/5/haversine-in-mysql
tags: [mysql, development]
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Just insert it in your database, feed them two Google coordinates, and you get
the distance in kilometres. If you happen to need it in miles, change the
constant `12756.200` in the `RETURN` row to `7922.6` instead.
{% highlight sql %}
DELIMITER $$
CREATE FUNCTION `haversine` (lng1 FLOAT, lat1 FLOAT, lng2 FLOAT, lat2 FLOAT)
RETURNS float NO SQL DETERMINISTIC
BEGIN
SET @a = ABS(POWER(SIN(RADIANS(lat1 - lat2)) / 2, 2) + COS(RADIANS(lat1)) * COS(RADIANS(lat2)) * POWER(SIN(RADIANS(lng1 - lng2)) / 2, 2));
RETURN 12756.200 * ATAN2(SQRT(@a), SQRT(1 - @a));
END$$
{% endhighlight %}

28
_posts/2013-03-13-dvorak-and-me.markdown Normal file
View File

@@ -0,0 +1,28 @@
---
layout: post
title: "Dvorak and me"
date: 2013-03-13 21:20:13+00:00
tags: [linux]
permalink: /blog/2013/3/13/dvorak-and-me
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
A few months ago I have decided to switch to the Dvorak layout. After using
QWERTY (well, QWERTZ, to be precise) for almost 17 years, it was a hard
decision, but now I think it worthed the try. I started with the UK (Dvorak
with UK punctuation) layout, and in about four weeks, Ive almost reached my
original typing speed. Today I have modified the Hungarian xkb definitions file
to add the Hungarian accended letters like ű to the layout, so I dont have to
use dead keys anymore (which apparently turned out to be a problem, as the
Linux version of Java doesnt support dead keys at all).
Best thing is, as I never learned proper 10-finger typing, but learned Dvorak
that way, I can switch between QWERTY and Dvorak more or less painlessly (about
10 minutes of confusion, so to say).
Conclusion: I dont know yet if this was actually a good decision, but it
wasnt bad, after all. But seeing peoples faces when they try to type on my
machine totally worths it.

28
_posts/2013-04-09-renaming-a-symfony-2-bundle.markdown Normal file
View File

@@ -0,0 +1,28 @@
---
layout: post
title: "Renaming a Symfony 2 bundle"
date: 2013-04-09 22:29:48+00:00
tags: [development, symfony]
permalink: /blog/2013/4/9/renaming-a-symfony-2-bundle
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Today Ive realised that the name I gave to one of my Symfony 2 bundles should
be something else. To rename a bundle, one must do four things (at least).
1. Change the namespace from `Vendor\OldBundle` to `Vendor\NewBundle` in every
PHP class (sounds like pain? It is…)
1. Change the name of files and classes. Some files under
`src/Vendor/OldBundle` (and the classes in them) contain the name of the
bundle, like `OldBundle/DependencyInjection/VendorOldBundleExtension.php`
and `OldBundle/VendorOldBundle.php`. You should rename them, or Symfony
wont find the classes defined in them! When done, rename the whole bundle
directory either.
1. Change the configuration files accordingly, including `AppKernel.php`. These
config files are usually `routing.yml`, `services.yml`, and in some cases,
`config.yml`
1. Change the references in other parts of your code. A `grep OldBundle .` will
usually help…

111
_posts/2013-05-06-installing-otrs-in-fedora-18-with-selinux-enabled.markdown Normal file
View File

@@ -0,0 +1,111 @@
---
layout: post
title: "Installing OTRS in Fedora 18 with SELinux enabled"
date: 2013-05-06 06:01:52+00:00
tags: [fedora, selinux, otrs]
permalink: /blog/2013/5/6/installing-otrs-in-fedora-18-with-selinux-enabled
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Ive read somewhere in an OTRS installation howto that if you want to install
OTRS, you will have to disable SELinux. Well, I wont.
During the last few months, I have been using Fedora 18 with SELinux on all of
my desktop machines and on my notebook, and I had no problems at all.
Meanwhile I got familiar with SELinux itself, and got used to solving problems
caused by it. So I started `tail -f /var/log/httpd/error_log` in one terminal
(to see if something Apache related thing appears),
`tail -f /var/log/audit/audit.log` in another (to see errors caused by
SELinux), opened the admin manual at the installation chapter, took a deep
breath, and went on.
Throughout this article, I will refer to OTRS 3.2.6 as OTRS and Fedora 18
(with only “stock” repositories) as Fedora. I assume that you have already
installed OTRS in a non-SELinux environment before, and that you have at least
some basic knowledge about SELinux, MAC, RBAC, and all the like. Im
installing OTRS in `/opt/otrs`, so if you install it somewhere else, you will
have to modify the paths below. Also, if you happen to install under
`/var/www` (I wouldnt recommend it), that directory already has the
`httpd_sys_content_t` type, so you wont have to set it explicitly.
As the first step I have unpacked the archive to `/opt/otrs`. This directory
is the OTRS default, many config files have it hardcoded, and changing it is
no easy task.
Running `otrs.CheckModules.pl` gave me a list of missing perl modules. Red Hat
and Fedora makes it easy to install these, as you dont have to know the RPM
package name, just the perl module name:
yum install 'perl(Crypt::SSLeay)' \
'perl(DBD::Pg)' \
'perl(GD)' \
'perl(JSON::XS)' \
'perl(GD::Text)' \
'perl(GD::Graph)' \
'perl(Mail::IMAPClient)' \
'perl(Net::DNS)' \
'perl(PDF::API2)' \
'perl(Text::CSV_XS)' \
'perl(YAML::XS)'
I also needed to install `mod_perl`. Although `otrs.CheckModules.pl` didnt
mention it, the default settings use syslog as the logging module, so unless
you change it in `Config.pm`, you will also need to install
`'perl(Unix::Syslog)'`, either.
The default SELinux policy doesnt permit any network connection to be
initiated by Apache httpd. As OTRS needs to connect to its database, you
need to enable it explicitly. In older distributions, the
`httpd_can_network_connect` was the SELinux boolean for this, but recent
installations also have a `httpd_can_network_connect_db` flag. As far as I
know, this enables all network connections to the well-known database
servers default port, but I will have to check for it. For me, with a
MySQL listening on its standard port, the
`setsebool httpd_can_network_connect_db=1` command just did it.
With SELinux enabled, Apache wont be able to read anything thats not
marked with the `httpd_sys_content_t` type, nor write anywhere without the
`httpd_sys_rw_content_t` type. The trivial, quick and dirty solution is to
label all the files as `httpd_sys_rw_content_t`, and let everything go.
However, the goal of SELinux is just the opposite of this: grant access
only to what is really needed. After many trial-and-error steps, it finally
turned out that for OTRS to work correctly, you must set
* `httpd_sys_content_t`
* on `/opt/otrs/var/httpd/htdocs`
* `httpd_script_exec_t`
* on `/opt/otrs/bin/cgi-bin`
* `httpd_sys_rw_content_t`
* on `/opt/otrs/Kernel`
* on `/opt/otrs/var/sessions`
* on `/opt/otrs/var/log` (unless you use syslog for logging)
* on `/opt/otrs/var/packages` (this is used only when you download an .opm
package)
* on `/opt/otrs/var/stats`
* on `/opt/otrs/var/tmp`
* on `/opt/otrs/bin` (I wonder why this is required, though)
To do this, use the following command:
# semanage fcontext -a -t <context> <directory regex>
Where `<directory regex>` is something like `/opt/otrs/Kernel(/.*)?`. When
this is done, all you have to do is running `restorecon -vR /opt/otrs` so
it will relabel everything with the correct types (you can omit -v, I just
like to see what my software does).
The last thing I faced is that Fedora is more restrictive on reading
directories other than `/var/www`. It has a `Require all denied` on
`<Directory />`, and a `Require all granted` on `<Directory /var/www>`, so
`/opt/otrs/var/httpd/htdocs` will throw a
`403 Forbidden (client denied by server configuration)` error. To get rid
of this, I had to modify `scripts/apache2-httpd.include.conf` and add
`Require all granted` to both the `cgi-bin` and `htdocs` directories.
As I will have to use OTRS in a production environment soon with SELinux
enabled, it is more than sure that this list will change in the near future.
As there are no official documentation on this (I havent find one yet), I
have to do it with the trial-and-error way, so be patient!

30
_posts/2013-09-16-swe-glib-final-release.markdown Normal file
View File

@@ -0,0 +1,30 @@
---
layout: post
title: "SWE-GLib final release"
date: 2013-09-16 21:37:17+00:00
tags: [development, astrology]
permalink: /blog/2013/9/16/swe-glib-final-release
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Few of you may know that Im interested in astrology. About two months ago
I have decided to create an astrologers software for the GNOME desktop.
Since then, I have contacted Jean-André Santoni, who created a software
called [Astrognome](https://code.google.com/p/astrognome/) some years ago.
We exchanged some e-mails, and after several weeks of coding, Im proud to
present [SWE-GLib](https://github.com/gergelypolonkai/swe-glib) 1.0.1. This
is “just” a library which wraps around [Swiss
Ephemeris](http://www.astro.com/swisseph/), creating a nice GLib-ish
interface around it. See the project page and the built-in GTK-Doc document
for more information.
The astrologers software Im writing will be
[Astrognome](https://github.com/gergelypolonkai/astrognome) (thanks for
Jean-André for letting me use the name). It is currently in pre-alpha
status, but already utilizes SWE-GLib (it just cant display the results
yet). If you happen to be interested in astrology and/or Astrognome, fork
the repository and contribute! You can also contact me (or open an
enhancement issue on GitHub) if you have any ideas.

25
_posts/2013-09-24-from-symfony-to-django-in-two-days.markdown Normal file
View File

@@ -0,0 +1,25 @@
---
layout: post
title: "From Symfony to Django in two days"
date: 2013-09-24 14:05:22+00:00
tags: [development, symfony, django]
permalink: /blog/2013/9/24/from-symfony-to-django-in-two-days
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I was a Python hater for a long time, although I cant really tell why. It
didnt fit in my mind, maybe. I was programming in BASIC, Pascal (none of
these would come to my mind, though), C, PHP, Perl, JavaScript, and
different shell “languages” like awk, sed or bash.
After I could not fit my next Symfony app on my cloud server (it is pretty
low on storage), I have decided to move slowly to Django. My first task was
simple: transition my web page (this one) from PHP + Symfony 2 to Python +
Django. The results: the “static” pages are already working, the blog
listing is almost ready (some styling issues are still around), only
tagging remains. And this is after about 6 hours of work. Oh, and the admin
site is included with Django, so I dont have to port that. I have also
decided to finally integrate a comment feature in the Django version.

29
_posts/2013-11-05-first-impressions-of-windows-8.markdown Normal file
View File

@@ -0,0 +1,29 @@
---
layout: post
title: "First impressions of Windows 8"
date: 2013-11-05 08:14:50+00:00
tags: [windows]
permalink: /blog/2013/11/5/first-impressions-of-windows-8
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Many of you may know my commitment to Linux and Open Source Software. But this
doesnt mean I hate proprietary software like many others do. I think
everything has its own place in the world, and this goes for software as well.
A few days ago I got my hands on a new notebook, thanks to my company. It was
shipped with Windows 8 by default, and although I installed Fedora 19 in an
instant (which went smoothlessly, even with Secure Boot enabled), Ive decided
to give a try to this new Windows Version.
Being a heavy Windows 7 user, my first thought was “What the hell is this?”
But in a day, I got totally used to it. I dont miss the Start button at all.
The applications already installed were almost enough for me (I still need
Office. Maybe Ill also enroll for Office 365 later…), and the games are great
and beautiful too. So overall, this new version may be totally different (by
the looks), but it seems almost the same Windows as we know it. So if you
dont freak out by touching something new, go give it a try: dont
instant-remove 8 in favour of 7!

64
_posts/2014-07-18-list-git-branches-and-their-remote-tracking-branches-side-by-side.markdown Normal file
View File

@@ -0,0 +1,64 @@
---
layout: post
title: "List Git branches and their remote tracking branches side by side"
date: 2014-07-18 21:46:45+00:00
tags: [git]
permalink: /blog/2014/7/18/list-git-branches-and-their-remote-tracking-branches-side-by-side
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I had a hard time following my own branches in a project. They got pretty
numerous, and I wasnt sure if I pushed them to origin at all.
`git branch -a` can list all the branches, including remote ones, but, as
my list grew too big, it was impossible to follow it any more.
Thus, I have created a small script called git-branches-with-remotes, which
does the work for me. Its only requirements are git (of course), and the
`column` command, which is pretty obviously present on every POSIX
compliant systems (even OSX).
{% highlight sh %}
#! /bin/sh
COLUMN=`which column 2> /dev/null`
if test -z $COLUMN
then
echo "`column' is not found in PATH. Cannot continue."
exit 1
fi
current_branch=`git rev-parse --abbrev-ref HEAD`
for branch in $(git for-each-ref --shell --format='%(refname)' refs/heads | sed -e s/^\'refs\\/heads\\///-e s/\'$//)
do
remote=`git config branch.$branch.remote`
merge=`git config branch.$branch.merge | sed -e 's/^refs\/heads\///'`
[ x"$current_branch" == x"$branch" ] && echo -n '*'
echo -n "$branch"
if ! test -z $merge
then
echo -en "\t"
echo -n $remote
echo -n /
echo -n $merge
fi
echo
done | $COLUMN -t
{% endhighlight %}
I just put it in my path, and `git branches-with-remotes` does the work!
Edit (16 August): I have added some code to mark the current branch (if any)
with an asterisk. Also, I have put this script [in a
gist](https://gist.github.com/gergelypolonkai/8af6a3e86b57dd4c250e).
Edit (26 February, 2015): It turns out that `git branch -vv` shows the same
information and some more: it also shows if the branches are diverged, and the
first line of the last commits message.

148
_posts/2014-08-16-registering-an-enum-type-in-glib-glib-mkenums-magic.markdown Normal file
View File

@@ -0,0 +1,148 @@
---
layout: post
title: "Registering an enum type in GLib, glib-mkenums magic"
date: 2014-08-16 15:10:54+00:00
tags: [development, c, glib]
permalink: /blog/2014/8/16/registering-an-enum-type-in-glib-glib-mkenums-magic
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
In [this
post](/blog/2013/1/6/registering-an-enum-type-in-glib-s-type-system) I said
I will get through the GLib Makefiles to add an enum type to GLib in a more
sophisticated way.
In my other project,
[SWE-GLib](https://github.com/gergelypolonkai/swe-glib) I already used this
method. The following two rules in `Makefile.am` create `gswe-enumtypes.h`
and `gswe-enumtypes.c`.
{% highlight make %}
gswe-enumtypes.h: $(gswe_enum_headers) gswe-enumtypes.h.template
$(GLIB_MKENUMS) --template $(filter %.template,$^) $(filter-out %.template,$^) > \
gswe-enumtypes.h.tmp && mv gswe-enumtypes.h.tmp gswe-enumtypes.h
gswe-enumtypes.c: $(gswe_enum_headers) gswe-enumtypes.h gswe-enumtypes.c.template
$(GLIB_MKENUMS) --template $(filter %.template,$^) $(filter-out %.template,$^) > \
gswe-enumtypes.c.tmp && mv gswe-enumtypes.c.tmp gswe-enumtypes.c
{% endhighlight %}
`$(GLIB_MKENUMS)` is set in `configure` with
`AC_PATH_PROG([GLIB_MKENUMS], [glib-mkenums])`.
This approach requires the GNU Autotools (you can get rid of it by changing
`$(GLIB_MKENUMS)` to the path to `glib-mkenums` binary), and two template
files, one for the header and one for the code. `$(gswe_enum_headers)`
contains a list of all the header files that have enum types defined
throughout the project.
{% highlight c %}
/*** BEGIN file-header ***/
/* gswe-enumtypes.h - Enumeration types for SWE-GLib
*
* Copyright © 2013 Gergely Polonkai
*
* SWE-GLib is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* SWE-GLib is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __GSWE_ENUM_TYPES_H__
#define __GSWE_ENUM_TYPES_H__
#include <glib-object.h>
/*** END file-header ***/
/*** BEGIN file-production ***/
/* enumerations from "@filename@" */
#include "@filename@"
/*** END file-production ***/
/*** BEGIN value-header ***/
GType @enum_name@_get_type(void);
#define @ENUMPREFIX@_TYPE_@ENUMSHORT@ (@enum_name@_get_type())
/*** END value-header ***/
/*** BEGIN file-tail ***/
#endif /* __GSWE_ENUM_TYPES_H__ */
/*** END file-tail ***/
{% endhighlight %}
{% highlight c %}
/*** BEGIN file-header ***/
/* gswe-enumtypes.c - Enumeration types for SWE-GLib
*
* Copyright © 2013 Gergely Polonkai
*
* SWE-GLib is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* SWE-GLib is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#include "swe-glib.h"
#include "gswe-enumtypes.h"
#include "@filename@"
/*** END file-header ***/
/*** BEGIN file-production ***/
/* enumerations from "@filename@" */
/*** END file-production ***/
/*** BEGIN value-header ***/
GType
@enum_name@_get_type(void)
{
static volatile gsize g_define_type_id__volatile = 0;
gswe_init();
if (g_once_init_enter(&g;_define_type_id__volatile)) {
static const G@Type@Value values[] = {
/*** END value-header ***/
/*** BEGIN value-production ***/
{
@VALUENAME@,
"@VALUENAME@",
"@valuenick@"
},
/*** END value-production ***/
/*** BEGIN value-tail ***/
{ 0, NULL, NULL }
};
GType g_define_type_id = g_@type@_register_static(
g_intern_static_string("@EnumName@"),
values
);
g_once_init_leave(&g;_define_type_id__volatile, g_define_type_id);
}
return g_define_type_id__volatile;
}
/*** END value-tail ***/
{% endhighlight %}

16
_posts/2014-09-17-nyanmacs.markdown Normal file
View File

@@ -0,0 +1,16 @@
---
layout: post
title: "NyanMacs"
date: 2014-09-17 12:45:42+00:00
tags: [emacs]
permalink: /blog/2014/9/17/nyanmacs
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I was a Vi/ViM user for years. For several reasons I had to change to Emacs
now and then. And then, I found
[this](http://nyan-mode.buildsomethingamazing.com). I surrender. Emacs is
just better. (And its working even in plain text mode without graphics)

43
_posts/2014-10-07-rounding-numbers-to-n-decimals-in-emacs.markdown Normal file
View File

@@ -0,0 +1,43 @@
---
layout: post
title: "Rounding numbers to N decimals in Emacs"
date: 2014-10-07 10:28:50+00:00
tags: [emacs, development]
permalink: /blog/2014/10/7/rounding-numbers-to-n-decimals-in-emacs
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
I have recently faced a problem, where I had a bunch of SVG files with a
large amount of fraction numbers in the path definitions. These images were
displayed in small size, so this amount of precision was irrelevant, and
these numbers took almost half of my SVG images size. So I created an
Elisp defun to round these numbers to 2 decimals:
{% highlight common-lisp %}
(defun get-number-at-point ()
(interactive)
(skip-chars-backward "0123456789.-")
(or (looking-at "[0123456789.-]+")
(error "No number at point"))
(string-to-number (match-string 0)))
(defun round-number-at-point-to-decimals (decimal-count)
(interactive "NDecimal count: ")
(let ((mult (expt 10 decimal-count)))
(replace-match (number-to-string
(/
(fround
(*
mult
(get-number-at-point)))
mult)))))
{% endhighlight %}
This finds the first digit of the number under point (the cursor), and
reduces its digits to the given amount (or the number given with `C-u`). It
has some drawbacks, though, as it cannot handle exponential forms (e.g.
`1e-1234`), but these were rare in my case, and its hard to iterate through
all numbers. I will come over this latter problem soon(ish).

51
_posts/2015-02-26-using-git-bisect-to-find-the-first-good-commit.markdown Normal file
View File

@@ -0,0 +1,51 @@
---
layout: post
title: "Using Git bisect to find the first good commit"
date: 2015-02-26 10:42:56+00:00
tags: [git]
permalink: /blog/2015/2/26/using-git-bisect-to-find-the-first-good-commit
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Few months ago we “implemented” a bug in our software, which was released
to the customers. We continued development for two weeks when the first
customer ticket arrived about the bug. We successfully reproduced it with
the customers version, but not with the development sources; it turned out
that one of the developers unconsciously fixed the bug. The devs spent some
hours finding where the fix lied before coming to me like “There is
`git-bisect` which we can use to find the commit where we messed up things.
Is there a way to find where we fixed it?”
For those who dont know this feature, you have to mark a known “good” and
“bad” commit, then git-bisect will go through the commits between this two,
present you the corresponding snapshots, and you have to mark each of them
as “good” or “bad”. At the end, you will get a commit hash where the bug
first occured.
As it turned out, our developers problem rooted in the naming convention
of git-bisect: they assumed that the “good” commit must be a working one,
while a “bad” one must be the buggy. In this case, we did the following:
The commit with the customers release tag was marked as good (even though
this had the bug), and the latest commit on our development branch was
marked as “bad” (even though the bug was fixed by then). Now with every
snapshot presented by git-bisect we had to do the opposite what you usually
do: mark commits still having the bug as “good”, and commits that dont as
“bad”. At the end, we had the hash of the commit that fixed the bug (among
some other things; luckily, the developer who pushed that commit had a
workflow that introduced a lot of cherry-picking and squashing before the
push, so he could easily find the bit that actually fixed the problem in
his local repository with the same technique).
[This StackOverflow answer](http://stackoverflow.com/a/17153598/1305139)
suggests the very same, but with some aliases:
{% highlight ini %}
[alias]
bisect-fixed = bisect bad
bisect-unfixed = bisect good
{% endhighlight %}