Monday 10 October 2016

Override Overkill

I've spent a good couple of hours of time over the last few weeks trying to figure something out. This was not a huge issue that needed resolving quickly but it was something which would eventually need to be fixed.

Background
I've been asked to copy the data from a live server in order to create a new test server. The data is pretty much a snapshot of the live server. It contains two databases, a bunch of .jar files and some NTP configurations. I take backups from both these databases and create test versions, I set up all the other little bits and pieces (FTP etc.) and I'm done.

I start to create the systemd files which will be used to run daemons on startup, most of them work perfectly fine... but one particular file (a master daemon used to kick off multiple daemons) fails.

Issue
Turns out one of the daemons connects to the first database in order to grab credentials for the second database, which it then connects to and runs some stored procedures. This was failing with an SQLException wrong username or password.

This is strange because I have other daemons that follow this procedure and connect successfully. Both are getting their username and password from the same place... or are they...

Solution
Digging around in the code I realise there are multiple ways in which the user can obtain the username and password. By default they look in the database; the credentials found can be overridden via
  1. config file
  2. command line arguments
The credentials are not being overridden in the config file as this would mean all daemons would have the same issue, no, it must be that someone somewhere has hard coded the credentials as arguments.

After searching around I find that within the master daemon someone has indeed done this. How massively irritating... Removing these arguments and letting the daemon get its credentials from the database solves the issue.

What grinds my gears
This seems to me to be either a lack of communication between the original developers or old code which should have been removed. Admittedly this issue wouldn't take too long to resolve for someone working on it full time, but that's not really the point here.
I can understand getting the values from the database and then also writing an override function which lets the user set their own credentials, this makes sense, but keep it in one place! In this software this is the only daemon that lets the user use command line arguments to override the credentials. Why? We have a perfectly good config file specifically for that reason...

Friday 7 October 2016

Exploring Node

So I've been spending quite a bit of my spare time looking into node. It's actually more interesting than I first thought, mainly because I can run it on my Raspberry Pi.

Currently I have a chat server running which uses socket.io. This was incredibly easy to set up a basic chat server (when I say basic, I mean basic..). I've been customising it visually and logically for a few days now.

Visually I have decided to make it look like a Linux terminal, this is done mainly with CSS but also with a jQuery plugin called Typed.js. I've used this before for other projects and I find it easy to use and it does what it says on the tin.

Logically I have enabled it to recognise URLs using regex, this was the easy part... I wrote the sendMessage functionality so the message sent would ignore HTML and JavaScript in order to stop injection attacks. This seemed like a good idea at the time. Later on I introduced the regex to spot URLs in a string and apply the <a href> tag to them. When testing this I got the following:

Karl: This is a test <a href="http://www.google.co.uk">www.google.co.uk</a> end of test

So my way around this was to break up the message but keep the order, each URL found would be inserted as HTML, everything else inserted as text. I'm researching into how other chat clients resolve this issue, I think my way may have some security vulnerabilities, but hey, it's a good way to learn.
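
The split-and-keep-order approach described above, as an added example that is not the chat server's own code: text segments are HTML-escaped, and a matched URL only becomes a link once it parses as http(s), with its href escaped as an attribute value. The function names and the URL regular expression are assumptions made for illustration.

```javascript
// Added example (not the blog's code): linkify a chat message without ever
// emitting user-controlled text as raw HTML.

// Candidate URLs: http(s):// or bare www., stopping at whitespace, quotes and
// angle brackets, and never ending in sentence punctuation.
const URL_RE = /\b(?:https?:\/\/|www\.)[^\s<>"']*[^\s<>"'.,!?)]/gi;

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(text) {
  return text.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Returns a normalised http(s) href for a candidate, or null if it does not parse.
function toSafeHref(candidate) {
  const withScheme = /^https?:\/\//i.test(candidate) ? candidate : 'http://' + candidate;
  try {
    const url = new URL(withScheme);
    return url.protocol === 'http:' || url.protocol === 'https:' ? url.href : null;
  } catch (err) {
    return null; // unparseable: the caller keeps it as plain text
  }
}

// Split the message into ordered segments, keeping the original order.
function segmentMessage(message) {
  const segments = [];
  let cursor = 0;
  for (const match of message.matchAll(URL_RE)) {
    if (match.index > cursor) {
      segments.push({ type: 'text', value: message.slice(cursor, match.index) });
    }
    const href = toSafeHref(match[0]);
    segments.push(href ? { type: 'url', value: match[0], href } : { type: 'text', value: match[0] });
    cursor = match.index + match[0].length;
  }
  if (cursor < message.length) segments.push({ type: 'text', value: message.slice(cursor) });
  return segments;
}

// Every segment is escaped; only the <a> wrapper itself is trusted markup.
function renderMessage(message) {
  return segmentMessage(message).map((seg) => {
    const label = escapeHtml(seg.value);
    if (seg.type !== 'url') return label;
    return `<a href="${escapeHtml(seg.href)}" rel="noopener noreferrer">${label}</a>`;
  }).join('');
}
```

In the browser the same segments can be turned into DOM nodes instead (a text node per text segment, an anchor element per URL), which avoids building an HTML string at all.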

I'm also looking into file sharing and possibly enabling some kind of webcam chat. I'm currently looking at socket-signaler-client which I think has the ability to give me what I want.




Thursday 29 September 2016

SSHenanigans

OK so today I have been going all over the place in order to connect to the PC currently less than 10 inches away from my feet.

Recently I have had a head cold, which as you probably know makes you just want to lie on the couch drinking honey and lemon... Unfortunately for me I had some work to do so rather than go into the office I emailed our network guy and asked him if he could give me access to the computer under my desk via SSH. Not a problem.

He suggested that I configure my ssh server to require both a key and a password. This made sense as having a key and knowing a password is better than just knowing a password or just having a key.

I set up a new ssh key using the ssh-keygen command and then copied the key to the PC under my desk and also edited the ssh_config file to include the line 'AuthenticationMethods publickey,password'

Everything worked as it should and I was able to do some work on that day.

The next day I got into work and realised I did not have the key on my main work PC that I needed to access the PC under my desk...this key was currently on my laptop at home (my head so full of mucus forgot to remind me to make a copy).

I started thinking about maybe walking home to get a copy of the key when I remembered that I had a Raspberry Pi at home which I could connect to via SSH. I connected to the mini server and scanned my network for my laptop (which, fortunately, I had left on while updating). I found the IP address for my laptop and connected to that via SSH. I was then able to copy the key back to my main computer and use the ssh-add command to install it. Finally I now had access to the PC under my desk *phew*..

Tuesday 27 September 2016

Learning Node.js

Node.js has always looked interesting to me, yet I have never explored it properly.

Every time I hear people mention Node.js it's almost always followed by the words "web-server", so naturally I assumed Node.js was a lightweight web-server. Turns out (by just Googling node.js) that it is in fact just a JavaScript Run-time.

Once I installed Node I realised I could just run the following in a console:

$ node
> console.log('Hello');
Hello
undefined

Undefined is returned because node returns the return value of each command. This command has no return value. 

The reason people always mention web-servers is because it's incredibly easy to create a basic web-server with node:

web-server.js

var http = require('http');

http.createServer(function (req, res) {
  res.writeHead(200, {'Content-Type': 'text/plain'});
  res.end('Hello World\n');
}).listen(8080);

console.log('Server running on port 8080.');

Now running node web-server.js will launch the web-server, going to http://localhost:8080 will show the text.

Node.js has a very large number of libraries which can be used to do almost anything. One project I am quite keen on is a drag and drop page which will parse a CSV file and output relevant data. I'm going to be working on this over the next few hours and I will update this post once complete.

Thursday 4 February 2016

Understanding VIM

Me and Vim have a complex relationship. I spent a lot of time loathing it, a small amount of time putting up with it and now all my time using it.

I was born in the late 80's. I grew up with graphic user interfaces, this was a good thing, it was easy to pick up and play with. I didn't have to worry about permissions, .swp files and the like. I could use my mouse to highlight all the text, click where I wanted to start typing and just start typing.

Then when I got older and started using Linux I took my first step into the world of real programming, no more batch files for me!
I was told that Vim was an incredibly useful tool you could use to write code, I tried it, it did not make me happy.

"Why do you have to press 'i' every time you want to type?" I asked myself shortly after discarding it and using a more notepad-esque option.
I read that the reason for this is so you can execute useful commands such as a search and replace:

 :%s/foo/bar/g

"How is this better than CTRL+F?" I thought. My general opinion was that Vim was needlessly complicated and so I forgot about it.

After university I got a job at a company which provided Real Time information for buses. Each bus stop had a digital display which received information via GPS or Wifi. One of my jobs was to remotely access these digital displays and update the software within. The problem was that each display ran a headless version of Linux called TinyCore, this means it had no GUI. I watched a few of my colleagues editing config files using Vi or Vim and decided to give the editor another go (not that I had any choice). I learned a few basic commands and I got used to it, but I still didn't like it much.

Things stayed that way for a while. It's only been the last few years that I have realized what I have been missing with Vim.

I have downloaded Vim Improved text editor which I now use daily, hourly almost. The great thing about it is that you learn the command line vim by using it. When you click file it gives you all the usual options, i.e. Open, Save etc, but just on the right it shows you the relevant command to perform that action on the command line.

Currently I do a lot of work on a Linux server running Red Hat. With Vim I can remove duplicate records just by typing:

:sort u

I can column select by pressing 'SHIFT+V' or 'CTRL+V' and then select my column, then by pressing 'I' and typing what I need, then pressing 'ESC' all rows have been updated.

I have misjudged Vim and I am now spending a lot of my time realizing how great this software actually is.