Compare commits

...

57 Commits

Author SHA1 Message Date
Gergely Polonkai 9c43546e15
Add an Apple touch icon
4 weeks ago
Gergely Polonkai f1d70d270d
Un-XHTMLify some link tags
4 weeks ago
Gergely Polonkai ce86a83848
Add the rel=me attribute to social links
4 weeks ago
Gergely Polonkai 523b5e614d
Upgrade to Pelican 4.8.0
7 months ago
Gergely Polonkai fc3df48a74
Update the about page
8 months ago
Gergely Polonkai 300fdb1e6d
Update the contacts section
8 months ago
Gergely Polonkai 18cb0e31c1
Add a work preferences page
8 months ago
Gergely Polonkai b10a42866f
Write a review about the Keyboardio Model 100
8 months ago
Gergely Polonkai 051fd87fb5
Add a README file with publishing instructions
8 months ago
Gergely Polonkai 4da1081c40
[Bugfix] Fix the resume keyword list
8 months ago
Gergely Polonkai 760a46ed5b
Make list items a bit more dense
8 months ago
Gergely Polonkai 9becf4c654
Update my GPG key to the latest iteration
8 months ago
Gergely Polonkai 334fa8422d
Change the background color of code-formatted words’ to grey
8 months ago
Gergely Polonkai d3ec86fce5
Update my tagline
2 years ago
Gergely Polonkai d55a9fc11a Update gitignore so it contains the __pycache__ folder
2 years ago
Gergely Polonkai 8a76794caf
Create a what-is/privacy policy page for my appointment booking page
2 years ago
Gergely Polonkai 6b39cecf7a
Add the :exp_years: text role
2 years ago
Gergely Polonkai 434a0062f3
Add the :del: text role
2 years ago
Gergely Polonkai c53ba939c6
Make it possible to hide pages from the top navigation
2 years ago
Gergely Polonkai 0fc738b033
Update the site design
2 years ago
Gergely Polonkai e66c31c646
Make my social box more privacy friendly
2 years ago
Gergely Polonkai 67eeac2d0a
Fix typos/missing info in the latest article
2 years ago
Gergely Polonkai 959c614a1d
Add post about using NodeMCU MAC address as the MQTT unique ID
2 years ago
Gergely Polonkai b1366ba1f3
Update the style of `.. note` elements
2 years ago
Gergely Polonkai a4e732c40d
Update the disclaimer page
2 years ago
Gergely Polonkai db8c8824bf
Move to Poetry
2 years ago
Gergely Polonkai 8b7dd42b27
Add post abourt converting Werkzeug hashes to Passlib format
3 years ago
Gergely Polonkai d3b11a083a
Upgrade to Python 3.8
3 years ago
Gergely Polonkai 2e179936e5
Fix the path of my last post
3 years ago
Gergely Polonkai 4429b381d0
Add post about my Mastodon DB hickup
3 years ago
Gergely Polonkai 7d13a05f32
Add an article about 5.1 speakers and sitting posture
3 years ago
Gergely Polonkai 27196d3109
Add post about E2EE using Emacs matrix-client.el
3 years ago
Gergely Polonkai 1249112ef2
Make the Minari calendar display well on small devices
3 years ago
Gergely Polonkai 9de9dc9fbe
Fix the static path list in the config
3 years ago
Gergely Polonkai 2ffdd202f4
Fix timestamps in two articles
3 years ago
Gergely Polonkai 21000c1fc5
Fix the static pages
3 years ago
Gergely Polonkai cc72dd525c
Write a post about moving to Pelican
3 years ago
Gergely Polonkai d5c1c942f0
Convert the whole site to use Pelican instead of Jekyll
3 years ago
Gergely Polonkai 49961a3007
Create script to convert markdown posts to Org format
3 years ago
Gergely Polonkai 3d452d5640
Add draft for a post about cutting CSV lines at the 10th column
3 years ago
Gergely Polonkai 2ed1e51e64
Add article about recurring events
3 years ago
Gergely Polonkai 32924598a9
Fix link to the sun twins story
3 years ago
Gergely Polonkai 1bed33d65a
Use SASS instead of CSS
3 years ago
Gergely Polonkai e0640119ba
wip: local updates
3 years ago
Gergely Polonkai f8d33b6c4c
Add instructions for and ignore files related to using bundle
3 years ago
Gergely Polonkai 06969b3afc
wip: Upgrade to jekyll 4
3 years ago
Gergely Polonkai b0c029ef57
wip: use ForkAwesome fonts for the contact list
3 years ago
Gergely Polonkai af4fbf2ce8 Apply mobile style to symbolon controls
4 years ago
Gergely Polonkai beff57738f Fix typo on the symbolon page
4 years ago
Gergely Polonkai a0822eb344 Add read time script
4 years ago
Gergely Polonkai f123b01463 Add my PGP key
4 years ago
Gergely Polonkai 5eaefd30fb Create the Story layout
4 years ago
Gergely Polonkai e9996808be Remove Google stuff
4 years ago
Gergely Polonkai 3a1a8758fb Remove Disqus from the posts
4 years ago
Gergely Polonkai 4344328d4f Fix the Symbolon page
5 years ago
Gergely Polonkai 40c0d9f304 Add PGP proof file
5 years ago
Gergely Polonkai 0979b150db Rewrite the Symbolon page
5 years ago

5
.gitignore vendored

@ -1,2 +1,3 @@
/Gemfile.lock
_site/
__pycache__/
/output/
/gergelypolonkaieu_site.egg-info/

@ -1,2 +0,0 @@
(setq hyde/git/remote "origin"
hyde/git/remote-branch "master")

@ -1,11 +0,0 @@
---
layout: page
title: Not Found
permalink: /404.html
---
The page you are looking for is not here. Maybe it was but I have removed it. Most likely it was intentionally. If you think I made a mistake, please tell me.
{% if page.url contains '/akarmi' %}
If you are looking for the pictures that used to be here, you should definitely contact me. For reasons.
{% endif %}

@ -1 +0,0 @@
gergely.polonkai.eu

@ -1,3 +0,0 @@
source 'https://rubygems.org'
gem 'github-pages'

@ -0,0 +1,74 @@
PY?=python3
PELICAN?=pelican
PELICANOPTS=
BASEDIR=$(CURDIR)
INPUTDIR=$(BASEDIR)/content
OUTPUTDIR=$(BASEDIR)/output
CONFFILE=$(BASEDIR)/pelicanconf.py
PUBLISHCONF=$(BASEDIR)/publishconf.py
DEBUG ?= 0
ifeq ($(DEBUG), 1)
PELICANOPTS += -D
endif
RELATIVE ?= 0
ifeq ($(RELATIVE), 1)
PELICANOPTS += --relative-urls
endif
help:
@echo 'Makefile for a pelican Web site '
@echo ' '
@echo 'Usage: '
@echo ' make html (re)generate the web site '
@echo ' make clean remove the generated files '
@echo ' make regenerate regenerate files upon modification '
@echo ' make publish generate using production settings '
@echo ' make serve [PORT=8000] serve site at http://localhost:8000'
@echo ' make serve-global [SERVER=0.0.0.0] serve (as root) to $(SERVER):80 '
@echo ' make devserver [PORT=8000] serve and regenerate together '
@echo ' make ssh_upload upload the web site via SSH '
@echo ' make rsync_upload upload the web site via rsync+ssh '
@echo ' '
@echo 'Set the DEBUG variable to 1 to enable debugging, e.g. make DEBUG=1 html '
@echo 'Set the RELATIVE variable to 1 to enable relative urls '
@echo ' '
html:
$(PELICAN) $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS)
clean:
[ ! -d $(OUTPUTDIR) ] || rm -rf $(OUTPUTDIR)
regenerate:
$(PELICAN) -r $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS)
serve:
ifdef PORT
$(PELICAN) -l $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS) -p $(PORT)
else
$(PELICAN) -l $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS)
endif
serve-global:
ifdef SERVER
$(PELICAN) -l $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS) -p $(PORT) -b $(SERVER)
else
$(PELICAN) -l $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS) -p $(PORT) -b 0.0.0.0
endif
devserver:
ifdef PORT
$(PELICAN) -lr $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS) -p $(PORT)
else
$(PELICAN) -lr $(INPUTDIR) -o $(OUTPUTDIR) -s $(CONFFILE) $(PELICANOPTS)
endif
publish:
$(PELICAN) $(INPUTDIR) -o $(OUTPUTDIR) -s $(PUBLISHCONF) $(PELICANOPTS)
.PHONY: html help clean regenerate serve serve-global devserver publish

@ -1,2 +1,18 @@
gergelypolonkai.github.io
=========================
# Website of Gergely Polonkai
## Publishing to the web
```
poetry run pelican content
rsync --archive --verbose --human-readable --delete output/ /data/gergely.polonkai.eu/html
restorecon -vr /data/gergely.polonkai.eu/html
```
## Publishing to IPFS
```
poetry run pelican -s ipfspublish.py -o ipfs-version content
cd ipfs-version
ipfs add -r .
ipfs name publish --key=gergely.polonkai.eu /ipfs/XXX
```

@ -1,19 +0,0 @@
# Site settings
title: Gergely Polonkai
email: gergely@polonkai.eu
description: "developer, systems engineer and administrator"
baseurl: ""
url: "http://gergely.polonkai.eu"
timezone: Europe/Budapest
name: Gergely Polonkai
paginate: 10
paginate_path: "/blog/page/:num"
exclude: ['README.md', 'Gemfile', 'Gemfile.lock', 'CNAME', ".hyde.el"]
include: ['.well-known']
plugins:
- jekyll-gist
- jekyll-paginate
# Build settings
markdown: kramdown
permalink: pretty

@ -1,42 +0,0 @@
- text: E-mail
link: mailto:gergely@polonkai.eu
image: email.png
- text: Stack Exchange
link: http://stackexchange.com/users/1369500/gergelypolonkai
image: stackexchange.png
- text: LinkedIn
link: http://www.linkedin.com/in/gergelypolonkai
image: linkedin.png
- text: Skype
link: skype:gergely.polonkai
image: skype.png
- text: Facebook
link: http://facebook.com/Polesz
image: facebook.png
- text: Google+
link: https://plus.google.com/+GergelyPolonkai/about
image: google_plus.png
- text: Twitter
link: http://twitter.com/GergelyPolonkai
image: twitter.png
- text: Tumblr
link: http://gergelypolonkai.tumblr.com
image: tumblr.png
- text: deviantArt
link: http://gergelypolonkai.deviantart.com
image: deviantart.png
- text: Hashnode
link: https://hashnode.com/@gergelypolonkai
image: hashnode.png
- text: Keybase
link: https://keybase.io/gergelypolonkai
image: keybase.png
- text: Liberapay
link: https://liberapay.com/gergelypolonkai
image: liberapay.png
- text: Mastodon
link: https://social.polonkai.eu/@gergely
image: mastodon.png
- text: Pay me a coffee
link: https://paypal.me/GergelyPolonkai/250
image: paypal.png

File diff suppressed because it is too large Load Diff

@ -1,15 +0,0 @@
---
layout: post
title: "GtkActionable in action"
author:
name: "Gergely Polonkai"
email: "gergely@polonkai.eu"
---
I have seen several people (including myself) struggling with
disabling/enabling menu items, toolbar buttons and similar UI
interfaces based on different conditions. It gets even worse if there
are multiple representations of the same action in the same
application, e.g. a menu item and a toolbar button exists for the same
action. But with GTK+ 3.4, we have GtkAction, which is exactly for
this kind of situations.

@ -1,17 +0,0 @@
---
layout: post
title: "Measuring code coverage with codecov for libtool projects"
author:
name: "Gergely Polonkai"
email: "gergely@polonkai.eu"
---
I have recently found [codecov][https://codecov.io/]; they offer free
services for public GitHub projects. As I have recently started writing
tests for my SWE-GLib project, I decided to give it a go. Things are not
this easy if you use GNU Autotools and libtool, though…
The problem here is that these tools generate output under `src/.libs/`
(given that your sources are under `src/`) and `gcov` has hard times
finding the coverage data files. Well, at least in the codecov
environment, it works fine on my machine.

@ -1,326 +0,0 @@
---
layout: post
title: "Writing a GNOME Shell extension"
---
I could not find a good tutorial on how to write a GNOME Shell
extension. There is a so called step by step
[instruction list](https://wiki.gnome.org/Projects/GnomeShell/Extensions/StepByStepTutorial)
on how to do it, but it has its flaws, including grammar and clearance.
As I wanted to create an extension for my SWE GLib library to display
the current position of some planets, I dug into existing (and working)
extensions source code and made up something. Comments welcome!
---
GNOME Shell extensions are written in JavaScript and are interpreted
by [GJS](https://wiki.gnome.org/action/show/Projects/Gjs). Using
introspected libraries from JavaScript is not a problem for me (see
SWE GLibs
[Javascript example](https://github.com/gergelypolonkai/swe-glib/blob/master/examples/basic.js);
its not beautiful, but its working), but wrapping your head around
the Shells concept can take some time.
The Shell is a Clutter stage, and all the buttons (including the
top-right “Activities” button) are actors on this stage. You can add
practically anything to the Shell panel that you can add to a Clutter
stage.
The other thing to remember is the lifecycle of a Shell
extension. After calling `init()`, there are two ways forward: you
either use a so called extension controller, or plain old JavaScript
functions `enable()` and `disable()`; I will go on with the former
method for reasons discussed later.
If you are fine with the `enable()`/`disable()` function version, you
can ease your job with the following command:
```
gnome-shell-extension-tool --create-extension
```
This will ask you a few parameters and create the necessary files for
you. On what these parameters should look like, please come with me to
the next section.
## Placement and naming
Extensions reside under `$HOME/.local/share/gnome-shell/extensions`,
where each of them have its own directory. The directory name has to be
unique, of course; to achieve this, they are usually the same as the
UUID of the extension.
The UUID is a string of alphanumeric characters, with some extras added.
Generally, it should match this regular expression:
`^[-a-zA-Z0-9@._]+$`. The convention is to use the form
`extension-name@author-id`, e.g. `Planets@gergely.polonkai.eu`. Please
see
[this link](https://wiki.gnome.org/Projects/GnomeShell/Extensions/UUIDGuidelines)
for some more information about this.
## Anatomy of an extension
Extensions consist of two main parts, `metadata.json` and
`extension.js`.
The `metadata.json` file contains compatibility information and, well,
some meta data:
```json
{
"shell-version": ["3.18"],
"uuid": "planets@gergely.polonkai.eu",
"name": "Planets",
"description": "Display current planet positions"
}
```
Here, `shell-version` must contain all versions of GNOME Shell that is
known to load and display your extension correctly. You can insert minor
versions here, like I did, or exact version numbers, like `3.18.1`.
In the `extension.js` file, which contains the actual extension code,
the only thing you actually need is an `init()` function:
```javascript
function init(extensionMeta) {
// Do whatever it takes to initialize your extension, like
// initializing the translations. However, never do any widget
// magic here yet.
// Then return the controller object
return new ExtensionController(extensionMeta);
}
```
## Extension controller
So far so good, but what is this extension controller thing? It is an
object which is capable of managing your GNOME Shell extension. Whenever
the extension is loaded, its `enable()` method is called; when the
extension is unloaded, you guessed it, the `disable()` method gets
called.
```javascript
function ExtensionController(extensionMeta) {
return {
extensionMeta: extensionMeta,
extension: null,
enable: function() {
this.extension = new PlanetsExtension(this.extensionMeta);
Main.panel.addToStatusArea("planets",
this.extension,
0, "right");
},
disable: function() {
this.extension.actor.destroy();
this.extension.destroy();
this.extension = null;
}
}
}
```
This controller will create a new instance of the `PlanetsExtension`
class and add it to the panels right side when loaded. Upon
unloading, the extensions actor gets destroyed (which, as you will
see later, gets created behind the scenes, not directly by us),
together with the extension itself. Also, for safety measures, the
extension is set to `null`.
## The extension
The extension is a bit more tricky, as, for convenience reasons, it
should extend an existing panel widget type.
```javascript
function PlanetsExtension(extensionMeta) {
this._init(extensionMeta);
}
PlanetsExtension.prototype = {
__proto__ = PanelMenu.Button.prototype,
_init: function(extensionMeta) {
PanelMenu.Button.prototype._init.call(this, 0.0);
this.extensionMeta = extensionMeta;
this.panelContainer = new St.BoxLayout({style_class: 'panel-box'});
this.actor.add_actor(this.panelContainer);
this.actor.add_style_class_name('panel-status-button');
this.panelLabel = new St.Label({
text: 'Loading',
y_align: Clutter.ActorAlign.CENTER
});
this.panelContainer.add(this.panelLabel);
}
};
```
Here we extend the Button class of panelMenu, so we will be able to do
some action upon activate.
The only parameter passed to the parents `_init()` function is
`menuAlignment`, with the value `0.0`, which is used to position the
menu arrow. (_Note: I cannot find any documentation on this, but it
seems that with the value `0.0`, a menu arrow is not added._)
The extension class in its current form is capable of creating the
actual panel button displaying the text “Loading” in its center.
## Loading up the extension
Now with all the necessary import lines added:
```javascript
// The PanelMenu module that contains Button
const PanelMenu = imports.ui.panelMenu;
// The St class that contains lots of UI functions
const St = imports.gi.St;
// Clutter, which is used for displaying everything
const Clutter = imports.gi.Clutter;
```
As soon as this file is ready, you can restart your Shell (press
Alt-F2 and enter the command `r`), and load the extension with
e.g. the GNOME Tweak Tool. You will see the Planets button on the
right. This little label showing the static text “Planets”, however,
is pretty boring, so lets add some action.
## Adding some periodical change
Since the planets position continuously change, we should update our
widget every minute or so. Lets patch our `_init()` a bit:
```javascript
this.last_update = 0;
MainLoop.timeout_add(1, Lang.bind(this, function() {
this.last_update++;
this.panelLabel.set_text("Update_count: " + this.last_update);
}))
```
This, of course, needs a new import line for `MainLoop` to become available:
```javascript
const MainLoop = imports.mainloop;
const Lang = imports.lang;
```
Now if you restart your Shell, your brand new extension will increase
its counter every second. This, however, presents some problems.
SWE GLib queries can sometimes be expensive, both in CPU and disk
operations, so updating our widget every second may present problems.
Also, planets dont go **that** fast. We may update our timeout value
from `1` to `60` or something, but why dont just give our user a chance
to set it?
## Introducing settings
Getting settings from `GSettings` is barely straightforward, especially
for software installed in a non-GNOME directory (which includes
extensions). To make our lives easier, I copied over a
[convenience library](https://github.com/projecthamster/shell-extension/blob/master/convenience.js)
from the [Hamster project](https://projecthamster.wordpress.com/)s
extension, originally written by Giovanni Campagna. The relevant
function here is `getSettings()`:
```javascript
/**
* getSettings:
* @schema: (optional): the GSettings schema id
*
* Builds and return a GSettings schema for @schema, using schema files
* in extensionsdir/schemas. If @schema is not provided, it is taken from
* metadata['settings-schema'].
*/
function getSettings(schema) {
let extension = ExtensionUtils.getCurrentExtension();
schema = schema || extension.metadata['settings-schema'];
const GioSSS = Gio.SettingsSchemaSource;
// check if this extension was built with "make zip-file", and thus
// has the schema files in a subfolder
// otherwise assume that extension has been installed in the
// same prefix as gnome-shell (and therefore schemas are available
// in the standard folders)
let schemaDir = extension.dir.get_child('schemas');
let schemaSource;
if (schemaDir.query_exists(null))
schemaSource = GioSSS.new_from_directory(schemaDir.get_path(),
GioSSS.get_default(),
false);
else
schemaSource = GioSSS.get_default();
let schemaObj = schemaSource.lookup(schema, true);
if (!schemaObj)
throw new Error('Schema ' + schema + ' could not be found for extension '
+ extension.metadata.uuid + '. Please check your installation.');
return new Gio.Settings({ settings_schema: schemaObj });
}
```
You can either incorporate this function into your `extension.js` file,
or just use `convenience.js` file like I (and the Hamster applet) did
and import it:
```javascript
const ExtensionUtils = imports.misc.extensionUtils;
const Me = ExtensionUtils.getCurrentExtension;
const Convenience = Me.imports.convenience;
```
Now lets create the settings definition. GSettings schema files are XML
files. We want to add only one settings for now, the refresh interval.
```xml
<?xml version="1.0" encoding="utf-8"?>
<schemalist>
<schema id="org.gnome.shell.extensions.planets" path="/org/gnome/shell/extensions/planets/">
<key name="refresh-interval" type="i">
<default>30</default>
<summary>Refresh interval of planet data</summary>
<description>Interval in seconds. Sets how often the planet positions are recalculated. Setting this too low (e.g. below 30) may raise performance issues.</description>
</key>
</schema>
</schemalist>
```
you need to compile these settings with
glib-compile-schemas --strict schemas/
Now lets utilize this new setting. In the extensions `_init()`
function, add the following line:
```javascript
this._settings = Convenience.getSettings();
```
And, for `getSettings()` to work correctly, we also need to extend our
`metadata.json` file:
```json
"settings-schema": "planets"
```
After another restart (please, GNOME guys, add an option to reload
extensions!), your brand new widget will refresh every 30 seconds.
## Displaying the planet positions
## The settings panel
## Start an application

@ -1,67 +0,0 @@
---
layout: post
title: "Lessens you learn while writing an SDK"
date: 2016-03-19 12:34:56
tags: [development]
published: false
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
In the last few months Ive been working on a GLib based SDK for
client applications that want to communicate with a Matrix.org
homeserver.
For whoever doesnt know it, Matrix is a decentralized network of
servers (Homeservers). Clients can connect to them via HTTP and send
messages (events, in Matrix terminology) to each other. They are
called events because these messages can be pretty much anything from
instant messages through automated notifications to files or, well,
actual events (such as a vCalendar); anything that you can serialize
to JSON can go through this network.
My original intention was to integrate Matrix based chat into
Telepathy, a DBus based messaging framework used by e.g. the GNOME
desktop (more specifically Empathy, GNOME's chat client.) After
announcing my plans among the Matrix devs, I quickly learned some
things:
1. they are more than open to any development ideas
1. they really wanted to see this working
1. they would have been happy if there were a GLib or Qt based SDK
With my (far from complete) knowledge in GLib I decided to move on
with this last point, hoping that it will help me much when I finally
implement the Telepathy plugin.
## Matrix devs are open minded
What I learned very quickly is that Matrix devs are very open minded
folks from different parts of the world. They are all individuals with
their own ideas, experiences and quirks, yet, when it comes to that,
they steer towards their goals as a community. Thus, getting
additional information from them while reading the spec was super
easy.
## The specification is easy to understand
Except when it is not. For these cases, see the previous point.
Jokes asidu, anyone who worked with communications protocols or JSON
APIs before can get along with it fast. The endpoints are all
documented, and if something is unclear, they are happy to help
(especially if you patch up the spec afterwards.)
## Copying the SDK for a different language is not (always) what you want
I started my SDK in C, trying to mimic the Python SDK. This was a
double fail: the Python SDK was a volatile WiP, and C and Python are
fundamentally different.
During the upcoming weeks this became clear and I switched to the Vala
language. It is much easier to write GObject based stuff in Vala,
although I had to fall back to C to get some features working. I also
planned and implemented a more object oriented API, which is easier to
use in the GObject world.

@ -1,27 +0,0 @@
<p>
Gergely Polonkai is a systems engineer of a telco company, and
also a freelancer self- and software developer.
</p>
<p>
He is learning about different IT subjects since the late
1990s. These include web development, application building,
systems engineering, IT security and many others. He also dug his
nose deeply into free software, dealing with different types of
Linux and its applications,
while also writing and contributing to some open source projects.
</p>
<p>
On this site he is writing posts about different stuff he faces
during work (oh my, yet another IT solutions blog), hoping they
can help others with their job, or just to get along with their
brand new netbook that shipped with Linux.
</p>
<p>
“I believe one can only achieve success if they follow their own
instincts and listen to, but not bend under others opinions. If
you change your course just because someone says so, you are
following their instincts, not yours.”
</p>

@ -1,49 +0,0 @@
<article class="{% if page.post_listing %}col-sm-5 col-md-6 {% endif%}post">
{% if page.post_listing %}
<ul class="list-inline">
<li class="col-md-8">
{% endif %}
<header class="post-header">
{% if page.tag %}
<h5>
{% else %}
<h3>
{% endif %}
{% if page.post_listing %}
<a href="{{post.url | prepend: site.baseurl}}">
{% endif %}
{{post.title}}
{% if page.post_listing %}
</a>
{% endif %}
{% if layout.render_post %}
<div class="plusone-container"><div class="g-plusone" data-annotation="inline" data-size="small" data-width="300"></div></div>
{% endif %}
{% if page.tag %}
</h5>
{% else %}
</h3>
{% endif %}
<div class="meta pull-left">
{{post.author.name}}
</div>
<div class="meta pull-right">
{{post.date | date: "%b %-d, %Y :: %H:%M"}}
</div>
<div class="clearfix"></div>
</header>
<main>
{% if layout.render_post %}
{{content}}
{% else %}
{{post.excerpt}}
{% endif %}
</main>
{% include tag-link.html %}
{% if layout.post_listing %}
</li>
</ul>
{% endif %}
</article>

@ -1,14 +0,0 @@
<div id="disqus_thread"></div>
<script type="text/javascript">
var disqus_shortname = 'gergelypolonkai';
(function() {
var dsq = document.createElement('script');
dsq.type = 'text/javascript';
dsq.async = true;
dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js';
(document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
})();
</script>
<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>

@ -1,16 +0,0 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="keywords" content="{{page.keywords}}">
<meta name="description" content="Personal page of Gergely Polonkai">
<title>Gergely Polonkai{% if page.title %}: {{page.title}}{% endif %}</title>
<link rel="icon" type="image/x-icon" href="{{'/favicon.ico' | prepend: site.baseurl}}">
<link href="https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic" rel="stylesheet" type="text/css">
<link rel="alternate" type="application/rss+xml" title="Gergely Polonkai's Blog - RSS Feed" href="{{site.url}}/blog/atom.xml">
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
<link rel="stylesheet" href="{{'/css/style.css' | prepend: site.baseurl}}">
<link href="https://cdnjs.cloudflare.com/ajax/libs/jquery.terminal/1.6.3/css/jquery.terminal.min.css" rel="stylesheet"/>
<script type="text/javascript" src="//code.jquery.com/jquery-2.1.3.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery.terminal/1.6.3/js/jquery.terminal.min.js"></script>

@ -1,35 +0,0 @@
<div class="navbar navbar-inverse navbar-fixed-top">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#gp-navbar">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="{{'/' | prepend: site.baseurl}}"><img src="{{'/images/profile.svg' | prepend: site.baseurl}}" alt="Gergely Polonkai" style="background-color: white; height: 45px; margin-top: -13px;"></a>
{% if page.url != '/' %}
<a class="navbar-brand" href="{{'/' | prepend: site.baseurl}}">Gergely Polonkai</a>
{% endif %}
</div>
<div class="collapse navbar-collapse" id="gp-navbar">
<ul class="nav navbar-nav">
<li><a href="{{'/blog' | prepend: site.baseurl}}">Blog</a></li>
<li><a href="{{'/resume' | prepend: site.baseurl}}">Resume</a></li>
<li><a href="{{'/stories' | prepend: site.baseurl}}">Stories</a></li>
</ul>
<ul class="nav navbar-nav navbar-right">
<li><a href="https://about.me/gergely.polonkai">about.me</a></li>
<li><a href="{{'/disclaimer' | prepend: site.baseurl}}">Disclaimer</a></li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><span class="glyphicon glyphicon-pencil"></span> Contact me <span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">
{% for contact in site.data.contacts %}
<li><a href="{{contact.link}}" target="_blank"><img src="{{'/images/contact/' | prepend: site.baseurl | append: contact.image}}" alt="" /> {{contact.text}}</a></li>
{% endfor %}
<li><a href="{{'/blog/atom.xml' | prepend: site.baseurl}}"><img src="{{'/images/contact/feed.png' | prepend: site.baseurl}}" alt="" /> RSS Feed</a></li>
</ul>
</li>
</ul>
</div>
</div>
</div>

@ -1,17 +0,0 @@
<nav>
<ul class="pagination">
<li{% if paginator.previous_page == null %} class="disabled"{% endif %}>
<a href="{{paginator.previous_page_path | prepend: site.baseurl | replace: '//', '/'}}" aria-label="Previous page">
<span aria-hidden="true">&laquo;</span>
</a>
</li>
{% for page in (1..paginator.total_pages) %}
<li{% if paginator.page == page %} class="active"{% endif %}><a href="{% if page == 1 %}{{'/blog' | prepend: site.baseurl}}{% else %}{{site.paginate_path | prepend: site.baseurl | replace: '//', '/' | replace: ':num', page}}{% endif %}">{{page}}</a></li>
{% endfor %}
<li{% if paginator.next_page == null %} class="disabled"{% endif %}>
<a href="{{paginator.next_page_path | prepend: site.baseurl | replace: '//', '/'}}" aria-label="Next page">
<span aria-hidden="true">&raquo;</span>
</a>
</li>
</ul>
</nav>

@ -1,9 +0,0 @@
<div class="container-fluid">
{% for post in posts limit: post_limit %}
{% capture counter %}{% cycle 'odd', 'even' %}{% endcapture %}
{% include blog-post.html %}
{% if counter == 'even' %}
<div class="clearfix"></div>
{% endif %}
{% endfor %}
</div>

@ -1,11 +0,0 @@
{% capture tagsize %}{{post.tags | size}}{% endcapture %}
{% if tagsize != '0' %}
<footer>
<p class="article-tags">
{% for tag in post.tags %}
<a href="{{tag | prepend: '/blog/tag/' | prepend: site.baseurl}}" class="tag-label">{{tag}}</a>
{% endfor %}
</p>
<br class="clearfix">
</footer>
{% endif %}

@ -1,130 +0,0 @@
<!DOCTYPE html>
<html>
<head>
{% include head.html %}
</head>
<body>
{% include header.html %}
<div class="container" id="main-container">
{{content}}
{% if page.name != 'about.html' %}
<div class="well well-sm small">
<div class="pull-left" id="about-well-image">
<a href="{{ site_url }}/about/">
<img src="{{'/images/profile.svg' | prepend: site.baseurl}}" alt="">
</a>
</div>
{% include about.html %}
<div class="clearfix"></div>
</div>
{% endif %}
</div>
<script type="text/javascript">
$(document).ready(function() {
$('#tagcloud-button').click(function() {
$('#tag-cloud').toggle('slow');
});
});
(function() {
var po = document.createElement('script');
po.type = 'text/javascript';
po.async = true;
po.src = 'https://apis.google.com/js/client:plusone.js?onload=start';
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(po, s);
})();
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-43569023-1', 'polonkai.eu');
ga('send', 'pageview');
jQuery.extend_if_has = function(desc, source, array) {
for (var i=array.length;i--;) {
if (typeof source[array[i]] != 'undefined') {
desc[array[i]] = source[array[i]];
}
}
return desc;
};
(function($) {
$.fn.tilda = function(eval, options) {
if ($('body').data('tilda')) {
return $('body').data('tilda').terminal;
}
this.addClass('tilda');
options = options || {};
eval = eval || function(command, term) {
term.echo("you don't set eval for tilda");
};
var settings = {
prompt: 'guest@gergely.polonkai.eu> ',
name: 'tilda',
height: 400,
enabled: false,
greetings: 'Welcome to my Terminal. Type `help\' to list the available commands.\n\nPowered by http://terminal.jcubic.pl',
keypress: function(e) {
if (e.which == 96) {
return false;
}
}
};
if (options) {
$.extend(settings, options);
}
this.append('<div class="td"></div>');
var self = this;
self.terminal = this.find('.td').terminal(eval, settings);
var focus = false;
$(document.documentElement).keypress(function(e) {
console.log(e);
if (e.which == 96) {
self.slideToggle('fast');
self.terminal.focus(focus = !focus);
self.terminal.attr({
scrollTop: self.terminal.attr("scrollHeight")
});
}
});
$('body').data('tilda', this);
this.hide();
return self;
};
})(jQuery);
String.prototype.strip = function(char) {
return this.replace(new RegExp("^\\s*"), '')
.replace(new RegExp("\\s*$"), '');
}
jQuery(document).ready(function($) {
$('#tilda').tilda(function(command, terminal) {
command = command.strip();
switch (command) {
case 'help':
terminal.echo('about - Go to the about page');
terminal.echo(' ');
terminal.echo('More commands will follow soon!');
break;
case 'about':
location = '{{ site_url }}/about/';
break;
default:
terminal.echo(command + ': command not found');
break;
}
});
});
</script>
<div id="tilda"></div>
</body>
</html>

@ -1,15 +0,0 @@
---
layout: default
---
<div class="post">
<header class="post-header">
<h2>{{page.title}}</h2>
<div class="clearfix"></div>
</header>
<article class="post-content">
{{content}}
</article>
</div>

@ -1,20 +0,0 @@
---
layout: default
render_post: true
---
{% assign post = page %}
{% include blog-post.html %}
<div class="g-plus" data-action="share" data-height="15"></div>
<nav>
<ul class="pager">
{% if page.previous %}
<li class="previous"><a href="{{page.previous.url | prepend: site.baseurl}}">&larr; {{page.previous.title}}</a></li>
{% endif %}
{% if page.next %}
<li class="next"><a href="{{page.next.url | prepend: site.baseurl}}">{{page.next.title}} &rarr;</a></li>
{% endif %}
</ul>
</nav>
{% include disqus.html %}

@ -1,15 +0,0 @@
---
layout: default
post_listing: true
---
<h3 class="tag">{{ page.tag }}</h3>
{{content}}
<h4>Articles under this tag</h4>
{% if site.tags[page.tag] %}
{% assign posts = site.tags[page.tag] %}
{% include post-list.html %}
{% else %}
No posts with this tag.
{% endif %}

@ -1,43 +0,0 @@
#! /bin/sh
#
# Find all tags in all posts under _posts, and generate a file for
# each under blog/tag. Also, if a tag page does not contain the tag:
# or layout: keywords, the script will include them in the front
# matter.
layout="posts-by-tag"
for tag in `grep -h ^tags: _posts/* | sed -re 's/^tags: +\[//' -e 's/\]$//' -e 's/, /\n/g' | sort | uniq`
do
tag_file="blog/tag/${tag}.md"
echo -n "[$tag] "
if [ ! -f $tag_file ]
then
echo "creating ($tag_file)"
cat <<EOF > $tag_file
---
layout: $layout
tag: $tag
---
EOF
else
updated=0
if ! egrep "^tag: +${tag}$" $tag_file 2>&1 > /dev/null; then
echo "adding tag"
sed -i "0,/---/! s/---/tag: $tag\\n---/" $tag_file
updated=1
fi
if ! egrep "^layout: +" $tag_file 2>&1 > /dev/null; then
echo "adding layout"
sed -i "0,/---/! s/---/layout: $layout\\n---/" $tag_file
updated=1
fi
if [ $updated = 0 ]; then
echo ""
fi
fi
done

@ -1,29 +0,0 @@
---
layout: post
title: "Ethical Hacking 2012"
date: 2011-05-12 20:54:42
tags: [conference]
permalink: /blog/2011/5/12/ethical-hacking-2011
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Today I went to the Ethical Hacking conference with my boss. It was my first
appearance at such conferences, but I hope there will be more. Although we
just started to redesign our IT security infrastructure with a 90% clear goal,
it was nice to hear that everything is vulnerable. I was thinking if we should
sell all our IT equipments, fire all our colleagues (you know, to prevent
social engineering), and move to the South Americas to herd llamas or sheep,
so the only danger would be some lurking pumas or jaguars. Or I simply leave
my old background image on my desktop, from the well-known game, which says:
Trust is a weakness.
Anyways, the conference was really nice. We heard about the weaknesses of
Android, Oracle, and even FireWire. They showed some demos about everything,
exploited some free and commercial software with no problem at all. We have
seen how much power the virtualisation admin has (although I think it can be
prevented, but Im not sure yet). However, in the end, we could see that the
Cloud is secure (or at least it can be, in a few months or so), so Im not
totally pessimistic. See you next time at Hacktivity!

@ -1,88 +0,0 @@
---
layout: post
title: "Gentoo hardened desktop with GNOME 3 Round one"
date: 2011-05-12 20:32:41
tags: [gentoo, gnome3, selinux]
permalink: /blog/2011/5/12/gentoo-hardened-desktop-with-gnome-3-round-one
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
After having some hard times with Ubuntu (upgrading from 10.10 to 11.04), I
decided to switch back to my old friend, Gentoo. As Im currently learning
about Linux hardening, I decided to use the new SELinux profile, which
supports the v2 reference policy.
Installation was pretty easy, using the [Gentoo x86
Handbook](http://www.gentoo.org/doc/hu/handbook/handbook-x86.xml). This profile
automatically turns on the `USE=selinux` flag (so does the old SELinux
profile), but deprecated `FEATURE=loadpolicy` (which is turned on by the
profile, so portage will complain about it until you disable it in
`/etc/make.conf`).
For the kernel, I chose `hardened-sources-2.6.37-r7`. This seems to be recent
enough for my security testing needs. I turned on both SELinux, PaX and
grsecurity. So far, I have no problem with it, but I dont have X installed
yet, which will screw up things for sure.
After having those hard times with Ubuntu mentioned before, I decided not to
install Grub2 yet, as it renders things unusable (eg. my Windows 7
installation, which I sometimes need at the office). So I installed Grub 0.97
(this is the only version marked as stable, as I remember), touched
`/.autorelabel`, and reboot.
My first mistake was using an UUID as the root device on the kernel parameter
list (I dont want to list all the small mistakes like forgetting to include to
correct SATA driver from my kernel and such). Maybe I was lame, but after
including `/dev/sda5` instead of the UUID thing, it worked like…
Well, charm would not be the good word. For example, I forgot to install the
lvm2 package, so nothing was mounted except my root partition. After I
installed it with the install CD, I assumed everything will be all right, but
I was wrong.
udev and LVM is a critical point in a hardened environment. udev itself
doesnt want to work without the `CONFIG_DEVFS_TEMPFS=y` kernel option, so I
also had to change that. It seemed that it can be done without the install CD,
as it compiled the kernel with no problems. However, when it reached the point
when it compresses the kernel with gzip, it stopped with a `Permission denied`
message (although it was running with root privileges).
The most beautiful thing in the hardened environment with Mandatory Access
Control enabled) is that root is not a real power user any more by default.
You can get this kind of messages many times. There are many tools to debug
these, I will talk about these later.
So, my gzip needed a fix. After digging a bit on the Internet, I found that
the guilty thing is text relocation, which can be corrected if gzip is
compiled with PIC enabled. Thus, I turned on `USE=pic` flag globally, and
tried to remerge gzip. Of course it failed, as it had to use gzip to unpack
the gzip sources. So it did when I tried to install the PaX tools and gradm to
turn these checks off. The install CD came to the rescue again, with which I
successfully recompiled gzip, and with this new gzip, I compressed my new
kernel, with which udev started successfully. So far, so good, lets try to
reboot!
Damn, LVM is still not working. So I decided to finally consult the Gentoo
hardened guide. It says that the LVM startup scripts under `/lib/rcscripts/…`
must be modified, so LVM will put its lock files under `/etc/lvm/lock` instead
of `/dev/.lvm`. After this step and a reboot, LVM worked fine (finally).
The next thing was the file system labelling. SELinux should automatically
relabel the entire file system at boot time whenever it finds the
`/.autorelabel` file. Well, in my case it didnt happen. After checking the
[Gentoo Hardening](http://wiki.gentoo.org/wiki/Hardened_Gentoo) docs, I realised that the `rlpkg` program does exactly the same
(as far as I know, it is designed specifically for Gentoo). So I ran `rlpkg`,
and was kind of shocked. It says it will relabel ext2, ext3, xfs and JFS
partitions. Oh great, no ext4 support? Well, consulting the forums and adding
some extra lines to `/etc/portage/package.keywords` solved the problem (`rlpkg`
and some dependencies had to have the `~x86` keyword set). Thus, `rlpkg`
relabelled my file systems (I checked some directories with `ls -lZ`, it seemed
good for me).
Now it seems that everything is working fine, except the tons of audit
messages. Tomorrow I will check them with `audit2why` or `audit2allow` to see if
it is related with my SELinux lameness, or with a bug in the policy included
with Gentoo.

@ -1,35 +0,0 @@
---
layout: post
title: "Zabbix performance tip"
date: 2011-05-13 19:03:31
tags: [zabbix, monitoring]
permalink: /blog/2011/5/13/zabbix-performance-tip
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Recently I have switched from [MRTG](http://oss.oetiker.ch/mrtg/) + [Cacti](http://www.cacti.net/) + [Nagios](http://www.nagios.org/) + [Gnokii](http://www.gnokii.org/) to [Zabbix](http://www.zabbix.com/), and I
must say Im more than satisfied with it. It can do anything the former tools
did, and much more. First of all, it can do the same monitoring as Nagios did,
but it does much more fine. It can check several parameters within one
request, so network traffic is kept down. Also, its web front-end can generate
any kinds of graphs from the collected data, which took Cacti away. Also, it
can do SNMP queries (v1-v3), so querying my switches port states and traffic
made easy, taking MRTG out of the picture (I know Cacti can do it either, it
had historical reasons we had both tools installed). And the best part: it can
send SMS messages via a GSM modem natively, while Nagios had to use Gnokii.
The trade-off is, I had to install Zabbix agent on all my monitored machines,
but I think it worths the price. I even have had to install NRPE to monitor
some parameters, which can be a pain on Windows hosts, while Zabbix natively
supports Windows, Linux and Mac OS/X.
So I only had to create a MySQL database (which I already had for NOD32
central management), and install Zabbix server. Everything went fine, until I
reached about 1300 monitored parameters. MySQL seemed to be a bit slow on disk
writes, so my Zabbix “queue” filled up in no time. After reading some forums,
I decided to switch to PostgreSQL instead. Now it works like charm, even with
the default Debian settings. However, I will have to add several more
parameters, and my boss wants as many graphs as you can imagine, so Im more
than sure that I will have to fine tune my database later.

@ -1,29 +0,0 @@
---
layout: post
title: "Gentoo hardened desktop with GNOME 3 Round two"
date: 2011-05-18 10:28:14
tags: [gentoo, gnome3, selinux]
permalink: /blog/2011/5/18/gentoo-hardened-desktop-with-gnome-3-round-two
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
After several hours of `package.keywords`/`package.use` editing and package
compiling, I managed to install GNOME 3 on my notebook. Well, I mean, the
GNOME 3 packages. Unfortunately the fglrx driver didnt seem to recognise my
ATI Mobility M56P card, and the open source driver didnt want to give me GLX
support. When I finally found some clues on what should I do, I had to use my
notebook for work, so I installed Fedora 14 on it. Then I realised that GNOME
3 is already included in Rawhide (Fedora 15), so I quickly downloaded and
installed that instead. Now I have to keep this machine in a working state for
a few days, so I will learn SELinux stuff in its native environment.
When I installed Fedora 14, the first AVC message popped up after about ten
minutes. That was a good thing, as I wanted to see `setroubleshoot` in action.
However, in Fedora 15, the AVC bubbles didnt show up even after a day. I
raised my left eyebrow and said thats impossible, SELinux must be disabled.
And its not! Its even in enforcing mode! And it works just fine. I like it,
and I hope I will be able to get the same results with Gentoo if I can get
back to testing…

@ -1,41 +0,0 @@
---
layout: post
title: "Citrix XenServer 5.5 vs. Debian 5.0 upgrade to 6.0"
date: 2011-05-27 17:33:41
tags: [citrix-xenserver, debian]
permalink: /blog/2011/5/27/citrix-xenserver-vs-debian-5-0-upgrade-to-6-0
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Few weeks ago Ive upgraded two of our Debian based application servers from
5.0 to 6.0. Everything went fine, as the upgraded packages worked well with
the 4.2 JBoss instances. For the new kernel we needed a reboot, but as the
network had to be rebuilt, I postponed this reboot until the network changes.
With the network, everything went fine again, we successfully migrated our
mail servers behind a firewall. Also the Xen server (5.5.0, upgrade to 5.6
still has to wait for a week or so) revolted well with some storage disks
added. But the application servers remained silent…
After checking the console, I realised that they dont have an active console.
And when I tried to manually start them, XenServer refused with a message
regarding pygrub.
To understand the problem, I had to understand how XenServer boots Debian. It
reads the grub.conf on the first partitions root or `/boot` directory, and
starts the first option, without asking (correct me, if Im mistaken
somewhere). However, this pygrub thing can not parse the new, grub2 config.
This is kinda frustrating.
For the first step, I quickly installed a new Debian 5.0 system from my
template. Then I attached the disks of the faulty virtual machine, and mounted
all its partitions. This way I could reach my faulty 6.0 system with a chroot
shell, from which I could install the `grub-legacy` package instead of grub,
install the necessary kernel and XenServer tools (which were missing from both
machines somehow), then halt the rescue system, and start up the original
instance.
Next week I will do an upgrade on the XenServer to 5.6.1. I hope no such
problems will occur.

@ -1,25 +0,0 @@
---
layout: post
title: "Oracle Database “incompatible” with Oracle Linux?"
date: 2011-05-27 17:53:31
tags: [linux, oracle]
permalink: /blog/2011/5/27/oracle-database-incompatible-with-oracle-linux
published: true
author:
name: Gergely Polonkai
email: gergely@polonkai.eu
---
Today I gave a shot to install [Oracle
Linux](http://www.oracle.com/us/technologies/linux/overview/index.html). I thought I could easily install
an Oracle DBA on it. Well, I was naive.
As only the 5.2 version is supported by XenServer 5.5, I downloaded that
version of Oracle Linux. Installing it was surprisingly fast and easy, it
asked almost nothing, and booted without any problems.
After this came the DBA, 10.2, which bloated an error message in my face
saying that this is an unsupported version of Linux. Bah.
Is it only me, or is it really strange that Oracle doesnt support their own
distro?