I don’t wish this to be a rant, and I wish it to be far from fuel for the flame wars which have been burning for several decades over open source projects which transform into “mostly closed” and very non-free “products”.
Read more over on my LinkedIn post…
After months of frustration – having our outbound emails randomly fail for distribution groups (alias lists in Courier MTA terminology) – I found the cause.
Our SMTP smarthost doesn’t allow multiple “RCPT TO:” commands in an email header.
By default, Courier batches up all emails forwarded to the same domain name. There’s a switch to turn this off: http://www.courier-mta.org/courier.html
batchsize
This file contains one line, containing a single number. This number specifies the absolute maximum number of recipients for a single message. If the Courier mail server receives a message with more recipients, the message is duplicated as often as necessary until each copy of the message has no more than batchsize recipients. If batchsize is missing, it defaults to 100 recipients per message.
Bingo bongo.
A few of us today at work discussed the upcoming Apple Watch (pre-orders from 10th April) and the topic of water-proofing came up.
A little research on Google reveals no “definitive” answer, so I took matters into my own hands and hunted the main official Apple Watch (web-)pages for any hint.
Sure enough I found this:
*Apple Watch is splash and water resistant but not waterproof. You can, for example, wear and use Apple Watch during exercise, in the rain, and while washing your hands, but submerging Apple Watch is not recommended. Apple Watch has a water resistance rating of IPX7 under IEC standard 60529. The leather bands are not water resistant.
Cite: Footnote on https://www.apple.com/watch/health-and-fitness/ accessed 2015-03-30
Wikipedia helpfully explains the meaning of “IPX7”:
Where there is no data available to specify a protection rating with regard to one of the criteria, the digit is replaced with the letter X.
The first digit indicates the level of protection that the enclosure provides against access to hazardous parts (e.g., electrical conductors, moving parts) and the ingress of solid foreign objects.
The second digit indicates the level of protection that the enclosure provides against harmful ingress of water.
Cite: http://en.wikipedia.org/wiki/IP_Code#Liquid_ingress_protection
So no data available re. solid particles.
Regarding water though there is, it’s rated at “7”:
Immersion up to 1 m
Ingress of water in harmful quantity shall not be possible when the enclosure is immersed in water under defined conditions of pressure and time (up to 1 m of submersion). Test duration: 30 minutes
The lowest point of enclosures with a height less than 850 mm is located 1000 mm below the surface of the water, the highest point of enclosures with a height equal to or greater than 850 mm is located 150 mm below the surface of the water
So “waterproof”? I’d say not. “Survive use in the shower and bath”? Absolutely. “Come out of a swimming pool working”? I’d personally not risk £400 on it.
For cross-reference against Wikipedia, this PDF explains in a very readable fashion: http://www.osram.co.uk/media/resource/hires/342330/technical-application-guide—ip-codes-in-accordance-with-iec-60529-gb.pdf
Nearly a year since I last blogged. Phew, caught it just in time 😉
First time this year (2013) I got to drive home without my lights on. The clocks haven’t even gone back yet! Woo-hoo for springtime 🙂
So today’s topic, CKEditor and A4 paper. Mmm-hmm. Letter paper, A4, A5, in fact any size. You want to let someone WYSIWYG edit layout on a piece of paper, envelope, acetate, banner, badge or whatever. Sure, we can do that!
<script type="text/javascript">
// ON CKEDITOR READY:
CKEDITOR.on('instanceReady', function() {;
var iframe = $('#cke_editable_area iframe').contents ();
iframe.find ('html').css ({
'background-color': '#b0b0b0'
});
iframe.find ('body').css ({
'width': '297mm',
'height': '210mm',
'background-color': '#ffffff',
'margin': '0mm',
'padding': '5mm'
});
});</script>
Yee-haa cowboy. The above uses the CKEditor instanceReady event and some jQuery magic (not optimally written :)) to force the width/height of the editable area. Unfortunately text can flow past the bottom (but not off the sides or top) – but that’s probably a good thing, else the user would not “see” that they’ve made a mistake.
Some grey colouring gives the illusion that you’re working with your favourite text editor.
Shove the result to a fresh page with the following CSS for printing, certainly with Chrome – works like a champ. (Note I’m using A4 measurements in the JavaScript, so the CSS below is to match that.)
body {
font-family: sans-serif, Arial, Verdana, "Trebuchet MS";
width: 297mm;
height: 210mm;
background-color: #ffffff;
margin: 0mm;
padding: 0mm;
}
@page {
size: landscape;
width: 297mm;
height: 210mm;
margin: 5mm;
}
UPDATE: further information on how I achieved this has been requested … what I ended up with (after much fiddling) was a 95% accurate “what you see is what will print” … using a kludge of ugly tricks.
The main JS:
<script type="text/javascript">
// ON CKEDITOR READY: Sets up page size and white colour background in edit area
CKEDITOR.on('instanceReady', function() {;
var iframe = $('#cke_editable_area iframe').contents ();
iframe.find ('html').css ({
'background-color': '#b0b0b0'
});
iframe.find ('body').css ({
'width': '297mm',
'height': '420mm', //was 210 ****
'background-color': '#ffffff',
'margin': '0mm',
'padding': '5mm'
});
iframe.find ('td').css ({
'padding': '-1px'
});
});</script>
That generates a landscape A4 page, editable in your browser.
To print, I pass the content (HTTP POST, basically) into a printable page:
<html lang="en" dir="ltr">
<!-- the following stylesheet is provided by ckeditor - and provides some sane defaults for displaying -->
<link rel="stylesheet" type="text/css" href="/css/ckeditor.css" />
<body
class="cke_contents_ltr cke_show_borders"
spellcheck="false"
style="width: 297mm;
height: 420mm;
background-color: rgb(255, 255, 255);
margin: 0mm;
padding: 5mm;
cursor: auto;">
<table
class="cke_show_border"
cellspacing="0"
cellpadding="0"
style="width:1120px; border:none;"
_moz_resizing="true">
<?php print $contents; ?>
</table>
</body>
</html>
The CSS referenced is vanilla from CKEditor.
I have a ReadyNAS Duo, and several Mac devices backing up to it (via the typically “Apple awesome” Time Machine feature).
I recently upped the allocated disk space in FrontView to 300GB, from 120GB – which while each Mac’s Time Machine preferences said “NAS device, 300GB” – claimed the disk didn’t have enough “temporary space” to perform the backup.
Hmm.
I got SSH access to the ReadyNAS working – (I used Enable SSH plugin), and took a look around the filesystem.
It appears in classic OSX style, Apple have opted for a simple .plist info file:
cat /c/.timemachine/Matthew\ Hall’s\ MacBook.sparsebundle/Info.plist
...
<key>size</key>
<integer>107374182400</integer>
...
Upping the value to the match the new disk size (300*1024*1024*1024), solved the issue.
Presumably (speculation) OSX treats the .sparsebundle directory as a disk image – and the Info.plist defines how “big” the disk image is – even though its a directory (can anyone confirm?). Thus the “disk” was indeed 300GB, but the existing backup image was only 100GB …
Shame Netgear / Apple didn’t put something obvious to allow updating the .plist file, but never mind! Problem solved …
“It’s like playing Bingo, only you you win what you’ve already paid for!”
— Michael McIntyre
What a week. What a month. What a year.
So much has happened, far more than I could or should ever write about.
Recently we’ve been migrating MySQL servers from one hardware to another – for anyone (me!) that finds this useful in the future, firstly “Hello, and I hope the future is better than the current ‘past’!”, and secondly “I hope this does what you need”:
#!/bin/sh
HOST="$1"
USER="$2"
PASS="$3"
mysql -h "$HOST" -u "$USER" -p"$PASS" -e \
"SELECT CONCAT(\"SHOW GRANTS FOR '\", \
user,\"'@'\",host,\"'\;\") FROM mysql.user;" -B -N | \
mysql -h "$HOST" -u "$USER" -p"$PASS" | egrep -v "^Grants"
That small bash script accepts 3 arguments, HOSTNAME, USERNAME and PASSWORD. Executing it will output “CREATE USER” statements for all users on the MySQL instance.
While migrating the MySQL servers, we took the opportunity to setup a new monitoring solution – Zabbix. I’ve used it a couple of times in the past, and in my most humble opinion it’s failing is it’s flexibility. It’s just so flexible!
We have a fair number of Cisco switches and routers at our disposal here in the office, and setting up Zabbix templates for each is not high on my bucket list. Why do something by hand that can be done automagically by a computer?
Thus this (very hacky, PHP) script which automatically generates Cisco (SNMP) templates for Zabbix.
Simply run “show snmp mib ifmib ifindex” on your Cisco device of choice, and shove the output into the script’s STDIN. Hey-presto, out comes a Zabbix template!
Modifying the default options in the template is very easy; just edit what you like after line 34.
*sigh*
It’s been for several weeks that I’ve been trying (and failing) to aquire Domain Admin status on our Samba domain.
With Windows 2000 and XP, administrative access was easy. A local admin account called “administrator”, and a local policy stating who’s an administrator – all peachy.
You can tell I’m not a Windows administrator by job! Obviously domain admins is a far cleaner way to go.
So I dip my toe into Windows 7 on a Samba 3 domain.
It works well. Too well. There’s a small issue with the workstations claiming “there’s no logon servers available to handle the request” for 60+ seconds from a cold-start, but I think that’s solvable (I suspect WINS, NetBIOS or DNS is failing to warm up in a timely manner). The domain admins however eluded me.
“So it’s OK” I think to myself. “Login as the local administrator – set some local policies up. … Oh wait, Windows 7 disabled those because I joined the domain and didn’t first give them passwords. Sheesh! Joining the domain admin group it is then.”
Well I searched the Internet and ripped my hair out. Week after week the issue prevailed. Windows 7 wouldn’t obey the “Domain Admin”. “Elevated access required.”
Finally I trip across this: http://fixunix.com/smb/64004-domain-admin-group-samba-3-a.html
The second guy motions that “Domain Admins” must be group ID 512 (in the Windows mapping) – and blam.
One Samba restart later … all works.
Check the documentation out at http://www.samba.org/samba/docs/man/manpages-3/net.8.html … specifically you’re looking for something like this:
net groupmap add rid=512 unixgroup=MYUNIXGROUPHERE type=domain
As I sit here typing, the very Playstation Network (PSN) service which has received so much flak over the last month is finally approaching usability once more.
I would like to say a huge thank-you to the guys at PSN, there’s no question over how hard you’ve been working to get things this far. Despite how many will disagree with me, I’d like to thank the non-tech guys at Sony too, for your honesty and speed with dealing with things.
I work at a PCI-DSS regulated company myself, as a programmer, and don’t have 1% of the customers PSN does. We also don’t provide a service that millions of people rely on “real-time” for entertainment purposes, nor which they expect to find working 24/7.
You guys have done a good job, please keep it up.
This could have happened to anyone, although it’s always easy to point the finger when you’re the ignorant customer.
Validation of email addresses. What a painful subject.
About a year ago I looked into the possibility of using SMTP to validate email addresses. As it turns out, it’s not perfect (a lot of false-positives) but it’s very reliable (I’ve failed to get any false-negatives).
The following code outlines how this works (written in PHP, because I was thinking about it in the context of web-apps):
<?php
function validate_email_regex ($email) {
return preg_match ('/\b[A-Z0-9._%+-][email protected][A-Z0-9.-]+\.[A-Z]{2,4}\b/i', $email);
}
function validate_email_smtp ($email) {
if (!validate_email_regex ($email)) return false;
list ($user, $domain) = split ('@', $email);
if (!getmxrr ($domain, $mxhosts)) return false;
$i = 0;
$fp = false;
$thishost = isset ($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : exec ("hostname");
foreach ($mxhosts as $mxhost) {
if (++$i > 3) break; // don't check more than 3 MX records
if ($fp) fclose ($fp); // cleanup from last iteration
$fp = fsockopen ("tcp://$mxhost", 25, $errno, $errstr, 10);
if (!$fp) continue;
if (!$str = fgets ($fp)) continue;
if (substr ($str, 0, 3) != '220') continue;
fwrite ($fp, "HELO $thishost\r\n");
$str = fgets ($fp);
if (substr ($str, 0, 3) != '250') continue;
fwrite ($fp, "MAIL FROM:<[email protected]$thishost>\r\n");
$str = fgets ($fp);
if (substr ($str, 0, 3) != '250') continue;
fwrite ($fp, "RCPT TO:<$email>\r\n");
$str = fgets ($fp);
if (substr ($str, 0, 3) != '250') {
fclose ($fp);
return false; /* don't proceed with other MX records because of a bad user */
}
fclose ($fp);
break;
}
return true;
}
?>