Skip to content

Blog

Adventures with WindowMaker and Debian

Back in my earlier Linux days, I would experiment and fiddle a lot with different setups for desktop environments and appearance, customising my Linux system to my heart’s content! An example: I loved the 3D desktop effects of Xgl/Compiz back in 2006.

Time moved on, and I ended up settling with the defaults that distributions provided. I liked Ubuntu’s direction with Unity, upon its release in 2011.

I have fallen out with Ubuntu and Unity more recently, however. The troubling privacy issues with the Amazon ‘lens’ and other changes to their corporate behaviour scared me off.

So, I moved over to Debian for my personal server and my Linux desktop systems, and I have been very happy with it. At the same time, though, I wanted to get back to my previous spirit of playing around with different bits of software instead of just going with the defaults and surrendering to a full-size desktop environment. Frankly, the way I use Linux means I don’t find an overwhelming need for a wide variety of graphical applications.

With that in mind, I have set up a very unusual, and minimalist, desktop experience, which I thought I would document a little here for those that might be interested.

WindowMaker screenshot, showing Iceweasel, Terminal and others

» Read the rest of this post…

Upgrading to MariaDB 5.5 on CentOS 6

Installing PHP 5.5 on CentOS 6 using IUS Repositories

I have been inspired once again to fire up my screencasting rig, to show you how to install PHP 5.5 on CentOS 6 using Rackspace’s IUS Community Repositories.

More and more web applications now are likely to require versions of PHP beyond 5.3. CentOS 6 users are stuck with 5.3, with backported security updates, unless they diverge from standard repositories or compile PHP themselves! Until CentOS 7 is with us, those of us trying to run a rock-solid web server on CentOS will be left out in the cold running recent web applications like Moodle 2.7 which require a newer PHP.

In this video, I show you how to use the IUS repositories to get PHP 5.5 running. These repositories, with their Rackspace backing, seem likely to be nice and stable going forward.

As always, I’d love any feedback you might have.

Creating a Custom Child Theme in Moodle 2.6

I’m spending a fair amount of my time now working on and supporting a medium-sized Moodle installation. I will not sugar coat it: Moodle is far from my favourite piece of web software — its considerable UI complexity being my chief complaint — but it does do a reasonable job and it has a rich enough feature set to make it quite an asset in the education world.

This complexity to Moodle sometimes doesn’t exactly make it easy to do the right thing as a developer, and working with themes could be somewhere where developers diverge from best practices. The temptation to clone your favourite theme just to make a few tweaks here and there leaves people unable to track changes to the base theme, and keep their site up-to-date.

So, I have put together a video showing how you can create a custom theme (a child theme in WordPress parlance) that inherits mostly from your base theme, but allows you to override CSS and even bits of the HTML structure of Moodle’s generated pages.

I think it’s actually an easier process than people think!

As always, I welcome feedback, and if you found this particularly helpful, I’m always happy to have a few pennies drop into the PayPal account!

Find this tutorial useful?





How to install Cacti on CentOS 6

It has been far too long since a video tutorial made its debut here, so I would like to introduce a new tutorial!

Cacti is a great graphing and monitoring tool, but I have struggled in the past with getting it installed, and getting it to do what I want. It can be a little bit complex and fiddly, but recently I have had more success and am putting it to good use measuring and graphing more things.

In this tutorial, I will walk you through installing Cacti on a basic CentOS 6 system with Apache, PHP and MySQL already installed. By the end of the video, it is collecting information for the default graphs in the default installation.

I hope to extend this video series soon with some details about the additional graphs I have recently succeeded at getting installed.

As always, your comments and feedback are appreciated!

Cleaning up the IP.Board url4short mess

XDebug to the rescue…

The condensed, I-just-want-to-fix-my-site version:

On your server, try:

grep ‐ri \$mds /wherever/your/website/folder/is

to locate the injected code, and while file it resides in. You can then go into that file and remove it.

Also try re-caching all the skins and languages in the Admin Control Panel. Make sure all IP.Board updates and patches are applied to prevent the compromise happening again.

Reset your passwords and keys. Take measures to detect and continue detecting other infiltrations.

My friend Niall Brady dropped me an email, saying that some of the users of his Windows-Noob forums were reporting getting redirected to a spammy-looking site (url4short dot info) when clicking on search results to the site.

The forums run the Invision Power Board (IP.Board) software. There had been some reports of vBulletin boards being hit with this kind of spammy redirect, but fewer suggestions that this was an IPB problem. There had been a patch for a critical IPB issue released in December, but that had, obviously, been applied to the site as part of normal good practice.

Nevertheless, I was concerned. Clicking on a search engine result should definitely not be redirect somewhere other than the result page!

Without evidence that the issue was not limited to one machine, or one connection, however, it could not be ruled out that it was just malware on that visitor’s machine.

» Read the rest of this post…

Protecting your browsing with Certificate Patrol for Firefox

I read this BBC News story about mistakenly issued security certificates recently, which allowed the people with those certificates to impersonate any Google websites and intercept traffic to them. It struck me as quite significant that this particular story made it to &#8216mainstream’ tech reporting.

There is a more detailed, and perhaps more accurate, commentary on this attack on Freedom to Tinker. It perhaps may not have been ‘cyber criminals’ as the BBC reported it when I first viewed the story!

Anyway, given the attention to this issue, I thought it a good opportunity to review this kind of attack against SSL/TLS — the security system upon which we all now depend. More importantly, I wanted to show Certificate Patrol, an add-on for Firefox that would allow you to notice a suspicious change to an certificate and thwart this kind of attack.

The weaknesses inherent in having too many organisations that are able to issue security certificates for any domain are becoming more clear. While this kind of attack is extremely rare, at the moment, ‘at the moment’ is a very poor security response! Hopefully, more awareness of these limitations of the internet’s authentication infrastructure can help put pressure on browser vendors, website owners and CAs to make everyone more secure.

Raspberry Pi

Raspberry Pi logo

In other 2012 gadget acquisition news, I got my hands on a Raspberry Pi this year, too.

Raspberry Pi in box

Ordered in the summer, and only delivered last month, due to the high demand, it is something I have not yet had an opportunity to play with as much as I would have liked. The advantage of having to wait that long, however, has been a beefier 512 MB version of the device!

In the spirit of my recent iPad mini post, here are some first thoughts on the device:

  • It is amazing how much you can do on such a tiny and inexpensive device. With the Debian wheezy build that is the Pi’s default operating system, you have access to almost the same rich range of software packages on any other Debian system. I was able to install Nginx to serve up web pages at rapid speed, and I am quite sure it would be possible to completely replicate Van Patten Media’s Managed Hosting platform that I have spent much of the year working on, even on such a device!
  • It is unashamedly geeky. This will probably be enough to put off some people who have received a Pi, but perhaps who don᾿t have the support in place to best use it. It isn’t that difficult to get started, but you do need to be able to get the OS onto an SD card. For me, though, I like that opportunity that it gives you.
  • It legitimises the hobbyist again. This pleases me a lot. Many great things were achieved by (originally) hobbyist hackers; re-igniting that spirit has huge potential.

There is some irony in that the Pi is, in a number of ways, the polar opposite of the iPad — it is hobbyist rather than consumerist. The Pi gives you complete control but requires some fiddling, the iPad gives you little control but is so intuitive.

I leave this year much more satisfied about the state of computing because of these two devices.

Why? There is now opportunity for both consumer hardware, and hobbyist hardware, to co-exist and complement each other.

Disable ‘New Tab’ Page in Firefox 13

Today’s release of Firefox 13 brings with it more imposed functionality changes to the only version of the browser that we can use, because it is is the only one kept current with security updates*.

This time, it is a brand new, Google Chrome-style ’New Tab’ page. I’m sure it is great for lots of people, but personally, I prefer a blank home page and a blank page when I open a new tab.

To restore the old behaviour, and have a blank new tab, browse to about:config. Accept the warning, then search for newtab. Do not change newtabpage.enabled.

Instead, double-click browser.newtab.url and set it to about:blank.

Disable 'New Tab' Page in Firefox 13

There, that’s how I prefer it again!

* UPDATE: A slight correction — there is a version of Firefox 10.x called Firefox ESR (Extended Support Release) that is kept up-to-date, so that is also an option!

Why I Like Ubuntu’s Roadmap

Ubuntu founder Mark Shuttleworth, on user interface and user experience, and looking at desktop user interfaces holistically:

In the open source community, we celebrate having pieces that ‘do one thing well’, with lots of orthogonal tools compounding to give great flexibility. But that same philosophy leads to shortcomings on the GUI / UX front, where we want all the pieces to be aware of each other in a deeper way.

It’s only by looking at the whole, that we can design great experiences. And only by building a community of both system and application developers that care about the whole, that we can make those designs real. So, thank you to all of you who approach things this way, we’ve made huge progress, and hopefully there are some ideas here for low-hanging improvements too 🙂

This approach is why I find myself most aligned with where Ubuntu is taking the Linux desktop. The changes they have introduced to the UI over recent versions have been controversial — sometimes even breaking with revered Unix-y traditions — but I broadly think they are the right decisions to move the platform forward.

With mobile computing taking the lion’s share of industry attention, who is doing the thinking on innovating the traditional desktop? Ubuntu.

I will readily acknowledge that this kind of traditional desktop computing will probably be less important in the future than it has been in the last decade.

I don’t think that means no-one will want to use a desktop. I certainly don’t think it is a reason to stop innovating.