high wisdom


February 2009 Archives


Tue Feb 24 13:39:30 IST 2009

ssh authentication via mysql (pam_mysql)

There's not much info on the interwebs on why ssh authentication via pam_mysql fails, and there are definitely some misleading answers like

when logging in via ssh, the ssh daemon checks some files in ~/,
so it can be done if the user already have a valid home directory.
from this thread.

The real reason why it doesn't successfully authenticate is because ssh does a getpwent() call to check if the user exists on the system. If you're using just a PAM solution (which doesn't provide accounts), that call fails if there isn't any such local user. sshd then sets the password to '^H ^M INCORRECT' before passing it to PAM, which obviously thinks it's the wrong password. The simple (and probably unscalable - but then you should be using something like nss_mysql) solution is to add local accounts to the machines for these users. That will make the getpwent() call succeed, and sshd will authenticate successfully via PAM.

I've mentioned this earlier.


Posted by gera | Permanent link | File under: tricks, technology, hacks | [ 0 ]

Tue Feb 24 12:50:38 IST 2009

Shell-fu

A few shell tricks that I picked up.
Variable manipulation:
gera@gera-laptop:~$ BAR=bar
gera@gera-laptop:~$ echo $FOO

gera@gera-laptop:~$ echo $BAR
bar
gera@gera-laptop:~$ echo ${FOO:-baz}
baz
gera@gera-laptop:~$ echo $FOO

gera@gera-laptop:~$ echo ${FOO:-$BAR}
bar
gera@gera-laptop:~$ echo $FOO

gera@gera-laptop:~$ echo ${FOO:=newvalue}
newvalue
gera@gera-laptop:~$ echo $FOO
newvalue
gera@gera-laptop:~$ echo ${BAR:=newvalue}
bar
gera@gera-laptop:~$ echo $BAR
bar
More here.

Here strings - which are like here docs.
gera@gera-laptop:~$ cat <<END
> foo
> bar
> baz spam eggs
> END
foo
bar
baz spam eggs
gera@gera-laptop:~$ cat <<<"foo bar baz spam eggs"
foo bar baz spam eggs
Although you can do the same with a piped echo, the here string saves you a process (the echo). Still, I'm looking for a more convincing use case.
gera@gera-laptop:~$ echo "foo bar baz spam eggs" | cat
foo bar baz spam eggs

Posted by gera | Permanent link | [ 0 ]

Mon Feb 23 17:53:13 IST 2009

CSS changes

This page (and related ones) should look much better (for varying definitions of that word) due to some style changes. It definitely is more readable on my browser.

If you're running IE, fix your browser.

Posted by gera | Permanent link | File under: uncategorized | [ 0 ]

Mon Feb 23 12:17:12 IST 2009

Graphviz awesomeness

Graphviz is my newest discovery. I used to meddle with Dia and xfig whenever I needed to publish any diagrams (network diagrams for example), but they have their problems - one has to worry about the layout and spacing among other things. The content becomes secondary to the layout. That's exactly the reason why I don't use word processors. Systems like Textile, Markdown, reStructured Text and the king of them all, TeX let you focus on the content and figure out an appropriate layout (some of them with a little help - but the focus still remains on the content).

Graphviz does that for graphs and it's just awesome! Examples speak louder than words, so here they are:

graph g {
        foo -- bar;
        bar -- baz;
        baz -- spam;
        eggs -- spam;
        spam -- bar;
        foo -- spam;

        label="The foo bar graph"
}

graph g {
        foo;
        {rank=same; bar; baz; spam; eggs;}

        foo -- bar;
        bar -- baz;
        baz -- spam;
        eggs -- spam;
        spam -- bar;
        foo -- spam;

        label="The flatter foo bar graph"
}

digraph G {
        foo;
        {rank=same; bar; baz;}
        {rank=same; spam; eggs;}

        foo -> bar;
        bar -> baz [arrowhead=vee];
        baz -> spam [arrowhead=diamond];
        spam -> eggs [label=" an edge " arrowtail=diamond arrowhead=vee color=red];
}

Posted by gera | Permanent link | File under: tricks | [ 0 ]

Mon Feb 16 15:08:16 IST 2009

whatthefuck

I'm back from hibernation! Now that I've quit work and have a little free time, I'm back to making my life easier.

Step one, in that direction is whatthefuck. It's a wrapper around the excellent wtf utility, available via the bsdgames package in Debian (and Ubuntu). wtf is nice, but has some annoyances like :
gera@gera-laptop:~$ wtf is 3whs
Gee...  I don't know what 3whs means...
gera@gera-laptop:~$ wtf -t comp is 3whs
3WHS: three-way handshake
That's because the term exists in the 'comp' list and not the regular one. Well, chances are that if I don't know wtf it means, I wouldn't know that it's a computing term either. And what about terms which aren't in _any_ list?

Enter whatthefuck. It's a wrapper around wtf. It does the following, in order:
  • looks for the term in the default wtf list
  • if that doesn't work, looks for it in the comp list
  • failing that, gets the wikipedia page for that term
  • failing even that, launches a Google search for the term in a browser
It detects screen size and then intelligently pages the output via the default pager. For parsing wikipedia HTML, it needs html2text, and for querying the wtf lists, it needs wtf. If it doesn't find wtf, it'll just act as a lookup tool for wikipedia. It launches 'gnome-www-browser' by default, but will use the BROWSER environment variable if that's set. It also ignores the optional 'is', just like wtf:
gera@gera-laptop:~$ whatthefuck perl
perl: perl (1) - Practical Extraction and Report Language
gera@gera-laptop:~$ whatthefuck is perl
perl: perl (1) - Practical Extraction and Report Language
I alias it to 'wtf' so that I can make this completely transparent.
gera@gera-laptop:~$ alias wtf=`which whatthefuck`
gera@gera-laptop:~$ wtf is perl
perl: perl (1) - Practical Extraction and Report Language
It's a trivial script and not rocket science. But it's tremendously useful.

update (21 Feb 2009): The newer version (available at the same link) checks the uppercased term on wikipedia as well.

Posted by gera | Permanent link | File under: code, hacks | [ 0 ]