Apache 2 and HTTP Authentication with PAM

There are 2 ways(at least that I know of) to get Apache 2 to use PAM for http auth:

  • Old mod_auth_pam, which I believe is not developed anymore and also posses some security risks
  • Newer mod_authnz_external and pwauth

This little write up shows how to get Apache and PAM going on Ubuntu using the mod_authnz_external.
To get started, let’s install some packages:

sudo apt-get install libapache2-mod-authnz-external pwauth
sudo apt-get install libapache2-mod-authz-unixgroup
sudo a2enmod authnz_external authz_unixgroup

Edit config file for the Virtual Host you’d like to get them PAM-based HTTP Authentication going, such that it contains the following clause:


<IfModule mod_authnz_external.c>
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
</IfModule>

And the final bit of configuration goes to your Directory definition inside of vhost block:

<Directory /var/www/yourlocation>
AuthType Basic
AuthName "Restricted Area"
AuthBasicProvider external
AuthExternal pwauth
Require user john

# some other configuration statements
</Directory>

This will allow user john to access the resource.

Now if you also want to have PAM authentication by users group you’ll need to make few extra steps. Missing bit of puzzle here is called ‘unixgroup’ script and for some reason it is not in Ubuntu’s pwauth package where it ought to be. You will need to grab it from here and copy it over to /usr/sbin/unixgroup and make it executable. Here is a quick snippet to do that:


wget "http://pwauth.googlecode.com/files/pwauth-2.3.9.tar.gz"
tar xzvf ./pwauth-2.3.9.tar.gz
sudo cp pwauth-2.3.9/unixgroup /usr/sbin/
sudo chmod a+x /usr/sbin/unixgroup

Once that’s done, you’ll need to few more lines to you Virtual Host config, so it will look something like this:

<IfModule mod_authnz_external.c>
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
AddExternalGroup unixgroup /usr/sbin/unixgroup
SetExternalGroupMethod unixgroup environment

</IfModule>

<Directory /var/www/yourlocation>
AuthType Basic
AuthName "Restricted Area"
AuthBasicProvider external
AuthExternal pwauth
GroupExternal unixgroup
Require user john# some other configuration statements
</Directory>

Hopefully this is helpful to someone besides myself :) Let me know if you got stock somewhere along the way.

Installing Mercurial 1.5, 1.6 or 1.7 on Ubuntu Lucid Lynx 10.04

Lycid Lynx’ repository by default set to install Mercurial 1.4.x, which is great, but as of today that’s already 3 major releases behind :( To get yourself on the latest and greatest version of Mercurial there are 2 options: build from the source or just add mercurial-releases repository like this:

sudo add-apt-repository ppa:mercurial-ppa/releases
sudo apt-get update
sudo apt-get install mercurial

Make sure it did the right thing:

$ hg --version
Mercurial Distributed SCM (version 1.6)

Copyright (C) 2005-2010 Matt Mackall and others
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Another thing that will go nicely with Mercurial 1.6.x or 1.7.x is up-to-date TortoiseHg. To install TortoiseHg on Ubuntu 10.04 you’ll need to run the following:

sudo add-apt-repository ppa:tortoisehg-ppa/releases
sudo apt-get update
sudo apt-get install tortoisehg-nautilus

XDebug doesn’t show local variables in Komodo, NetBeans or Eclipse PDT

Lovely surprise that came sometime after upgrading Lucid Lynx(and thus to PHP 5.3.2) – Xdebug doesn’t show local variables. Fortunately that’s a known issue that is fixed in Xdebug 2.1.0RC, but since it’s not released, it is not yet in Ubuntu’s repository. This should be pretty easy to fix though :) let’s try this:

sudo apt-get install php5-dev php-pear

That’ll get us ready for manual xdebug building. Then we need to get the sources. Gotta tell you, Xdebug guys are pretty awesome – they put together this nice little tool that helps you find and build the right version: http://xdebug.org/find-binary.php

It requires output of phpinfo() or in ‘php -i’ command and based on that gives you set by step instructions.

For standard Lucid Lynx install it boils down to the following commands:

wget http://xdebug.org/files/xdebug-2.1.0RC1.tgz
tar -xvzf xdebug-2.1.0RC1.tgz
cd xdebug-2.1.0RC1
phpize
./configure
make
sudo cp modules/xdebug.so /usr/lib/php5/20090626
sudo /etc/init.d/apache2 restart

Before restarting the server though(last command) you may want to double check the the following line exists in either /etc/php5/apache2/php.ini or in /etc/php5/apache2/conf.d/xdebug.ini

zend_extension = /usr/lib/php5/20090626/xdebug.so

Advanced Web Ranking on Ubuntu: Fixing “SQLite Could Not Be Found” Issue

“SQLite Could Not Be Found Issue” that you see when running AWR on 64bit Linux(in my case Ubuntu 10.04 ) is caused by the fact that AWR relies on 32bit JRE(you can read about this on AWR’s forum). Problem could be fixed by installing 32bit JRE on the system.This short step by step guide cheat sheet will help:

If you’re on earlier version of Ubuntu this will generally do the trick:

sudo apt-get install ia32-sun-java6-bin

However if you’re on 10.04, then it’s a bit longer process, since you need to add partner repository first:

sudo add-apt-repository "deb http://archive.canonical.com/ lucid partner"
sudo apt-get install ia32-sun-java6-bin

That’s not all though. Now you need to edit launch script(AdvancedWebRanking.sh). Line #4 needs to be updated to contain path to proper JRE. Your final file should look something like:
#!/bin/sh
cd "Advanced Web Ranking"
export LD_LIBRARY_PATH=.:$LD_LIBRARY_PATH
/usr/lib/jvm/ia32-java-6-sun/bin/java -Xmx512M -classpath awr.jar com.caphyon.awebrank.Splash

TypePad to WordPress MU: Moving content with Technorati links, images, video and all that good stuff.

Getting content out of TypePad ain’t fun at fall. Getting content with images, technorati tags, videos is even more painful.

With default TypePad ‘export’ feature you’ll just get partial content(some limited number of posts AFAIR), no technorati tags, no images. Youtube videos are going to be there since that stuff is just an html that embed remote flash video player. So to make my life a bit easier I came up with few simple tricks/scripts of how to get everything out of TypePad and process it to import into WordPress with no pain.

Here is how it goes:

Continue reading

Moving TypePad blogs to WordPress MU: TypeLists

TypePad suck, no two ways about it. Why, in your right mind, would you want to use something so limited in functionality on the platform that you have no control over, when there are tons of open source solutions that are way better…

Strangely enough, TypePad being the way it is, made a lot of people wanting to switch to things like WordPress(well at least from what I hear :) . Moving a blog onto WordPress with 0-broken links, no missing images, while keeping all embedded things, such as YouTube videos and Technorati Tags fully functional with 0-downtime ain’t a simple task. Small blogs may not really care about everything I’ve mentioned, but some serious blogs out there however need all that done, done fast and done right the first time.

Continue reading

MySQL5 TINYINT, SMALLINT, MEDUIMINT, INT, BIGINT boundaries

From MySQL Documentation, boundaries of the numerical types are as follows:

Type Min Value Max Value Bytes
TINYINT -128 127 1
TINYINT UNSIGNED 0 255 1
SMALLINT -32,768 32,767 2
SMALLINT UNSIGNED 0 65,535 2
MEDIUMINT -8,388,608 8,388,607 3
MEDIUMINT UNSIGNED 0 16,777,215 3
INT -2,147,483,648 2147483647 4
INT UNSIGNED 0 4,294,967,295 4
BIGINT -9223372036854775808 9223372036854775807 8
BIGINT UNSIGNED 0 18446744073709551615 8

Dump MySQL table or SELECT resultset into CSV or TSV file

Full table select:


SELECT * INTO OUTFILE '/tmp/file.csv'
FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"'
LINES TERMINATED BY '\n'
FROM `table`;

Variations(for instance select from derived table):

SELECT tbl.* INTO OUTFILE '/tmp/file.csv'
FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"'
LINES TERMINATED BY '\n'
FROM (
SELECT t1.category_name, t2.full_name
FROM table1 t1
LEFT JOIN table2 t2 ON t1.category_id = t2.category_id
) AS tbl;

To add a heading row into the exported by MySQL CSV file you can use UNION statement:

SELECT 'Column Name 1', 'Column Name 2'
UNION
(
SELECT tbl.column1, tbl.column2 INTO OUTFILE '/tmp/file.csv'
FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"'
LINES TERMINATED BY '\n'
FROM table1 tbl
);

Note: /tmp/file.csv must writable by mysql process