Category Archives: Internet

Apache on a Stick

I had been idly wondering how you’d go about running Apache (or some other webserver) from a USB stick when I came across this site that makes doing it so ridiculously simple that I nearly fell off my chair!

Just start the “Mowes Mixer” mentioned in the last line of that home page and then select the ‘I do not have…’ option. You can then complete the software selection screen like so:

I’ve gone for the “Small Edition” Apache, MySQL and PHP5 -which is a 9MB download and yields as much functionality as you’ll need for the purposes of serving a Kickstart configuration file (for example). From the list of application software, you could add something like WordPress or Drupal: that will give you a portable website in which you could document Oracle-related tips or ideas (or anything else for that matter!) Add WordPress, for example, and your download goes up to 11MB, which is no big deal.

Once you download, you’ll end up with a zip-file sitting on your Desktop (or wherever you downloaded to, obviously). Unzip it, and copy the uncompressed folder to a USB drive that’s got around 100MB of free space.

Now double-click the mowes.exe file in that folder and an “installation” process takes place. The name’s a bit misleading, I think, because absolutely nothing gets installed on your PC to which the USB drive is attached. Instead, all that happens is that some directories and configuration files are created on the USB drive itself, once you’ve picked a language and agreed to the GNU GPL license. Your host PC’s firewall will probably also throw a fit when MySQL starts (allow it access, basically) and there’ll be a similar alert when Apache gets going (again, allow it access). Otherwise, that’s it!

You end up with this ‘control panel’ running on your host PC:

…which allows you to stop and start the web server. When you click End, the software quits completely, leaving nothing behind on the host PC. To get to the web server in your host PC’s browser, simply type the address http://localhost. If you’re trying to get to it from another PC (as you would if trying to Kickstart a Linux install on a virtual machine, for example), you refer to it by your host PC’s IP address -so, in my case, http://192.168.0.42.

The first time I tried this from a different PC (i.e., trying to access the server remotely), I obtained a 403 – You don’t have permission to access / on this server error. This is simply because the default Apache installation is very restrictive. To ease things up a bit (i.e., a lot!), click the Options menu in the MoWeS control panel and make the Security Options bit look like this:

Essentially, that means switch off the ‘only allow access to this server’ option; also switch off the one about ‘do not change the file .htaccess’; and then add an IP address of ‘ALL’ to the ‘allow access from…’ dialog. Stop and re-start the server and you should find remote PCs can now get to the web server’s home page OK.

Just note that WordPress (and, I’m guessing, quite a lot of the other applications) has its own configuration which, by default, expects all pages to be living on “http://localhost”. This means that accessing WordPress remotely won’t work properly (because ‘localhost’ on that remote PC means something very different than on the PC running the web server). The configuration option to change in WordPress is this one:

That’s found under the Settings option: just change the URLs to the IP address of the machine hosting the USB stick, and you’re good to go.

I wasn’t looking forward to getting Apache working from a USB device… but this makes it trivially easy to do and you get practically a complete “LAMP stack” thrown in for nothing… though without the “L”, obviously!

Should you need it, here’s my already-configured version as a zip file: just download, unzip, done. It doesn’t get much easier, I think!

Keepass on Linux

6 Replies

I mentioned several posts ago that my old Yahoo account had been hacked and that, as a result, I was madly changing passwords on everything I’d ever touched. I’m happy to report that this seems to have done the trick: no more dodgy sign-ins from the likes of Peru or Slovenia, for example, and no more spam (as far as I can tell) being sent from my old yahoo email account.

I also mentioned earlier that I was now keeping all my passwords in the completely zero-cost password manager called Keepass. Not only do I store the passwords there, I also get Keepass to generate the passwords in the first place… properly randomised, upper- and lower-case, plus numerals, plus special characters: you get the idea! In fact, I now don’t know what my passwords are to anything! If I need to log in to something, I simply run Keepass, copy the encrypted password into the clipboard (from which it is auto-cleaned after 30 seconds) and paste it into the password field. I know my Gmail password is 64 characters long, therefore, but I don’t know anything else about it and, so long as I can run Keepass, I don’t need to.

It’s a little fiddly, perhaps. But it’s definitely a more secure way to do things.

Provided I can run Windows, that is, because Keepass is a Windows-only application. (Yeah, a security product running on Windows… quit the laughing already!)

I only realised this flaw in my methodology when I got stuck on one of my old PCs which happened to have Fedora 15 x86_64 installed on it and found I couldn’t log in to anything!

Happily, there is a (fiddly) workaround: there’s an equivalent product, called KeepassX, which will run on Linux, provided you compile it from source. Doing that is just a little trickier than I’d like, so here’s the Fedora 15 64-bit recipe for doing that, should it be needed in future:

Download the KeepassX software. Save it to a convenient place: I use my Desktop folder.
Right-click the downloaded .tar.gz file and select ‘extract here’. You should end up with a directory called keepassx-0.4.3
As root, issue this command to install a necessary prerequisite: yum install libXtst-devel
As root, cd to the new keepassx-0.4.3 subdirectory and run the command: yum install mingw32-qt-qmake
Still as root, run the command: /usr/lib64/qt4/bin/qmake
Still as root, run the command: make
Still as root, run the command make install

You should now be able to type the command keepassx in a terminal session as yourself and have the software run correctly.

The only other issue you’ll have is that if you’ve used the latest version of Keepass on Windows (version 2.something or other) to create your password ‘vault’, you won’t be able to open it in the Linux version (which is compatible only with version 1.x) because of file format changes between versions. Happily, if you go back to the Windows version and select File -> Export, you’ll be able to output a copy of your vault in 1.x format, which KeepassX will then be able to read without drama.

Which only leaves the small matter of saving the password vault (and its 1.x equivalent) on an encrypted USB thumb drive. On Windows, I use Truecrypt to encrypt the entire device (and to subsequently mount and unmount it) -and, happily, it’s available for Linux as well. Installation is an absolute doddle:

Download the Linux version of the Standard Truecrypt software (I prefer not to go console-only!)
Right-click the download and select ‘extract here’
As root, in a terminal session, invoke the extracted file (which is a shell script) by issuing the command:
/home/hjr/Desktop/truecrypt-7.0a-setup-x64.
Substitute your own path and file name in that lot, obviously.
Select option 1 (to install Truecrypt), agree to the license… job done.

You now just type the command truecrypt in a terminal session as yourself to run the software, which behaves exactly as it does under Windows. The only slight twist is that when you mount your thumb drive, Truecrypt will first prompt you for the encrypted device’s master password, which is fine. But it will then prompt you for your Linux user account’s password -which may well not have the necessary privileges to mount devices. If that’s the case, it will complain that it ‘Failed to obtain administrator privileges: hjr is not in the sudoers file’.

Which, finally, prompts the inevitable question: how do I add myself to the sudoers file, then?! Easy: as root, issue this command:

echo ‘hjr ALL=(ALL) ALL’ >> /etc/sudoers.

(Use your own username, obviously, unless you too happen to log on to your OSes as ‘hjr’!) As soon as you’ve done that, re-run Truecrypt as yourself and you should be able to mount and dismount the encrypted thumb drive at will.

Google be Praised

3 Replies

I don’t think I’d be spilling any trade secrets if I said that whenever I go searching for Oracle tips/workarounds, I am always bound to find links to utterly useless results at Experts Exchange and any of the bazillion domains hosted by Don Burleson.

There have been browser extensions you could install to block things from the Google results pages by domain, but they’ve always been something you had to remember to install -and if you changed browsers, you were potentially back at step 1.

Today, Google have announced a game-changer: an option to block an entire domain from their search results, merely by clicking a link! Brilliant!

For example, if you’re doing an Oracle installation and come across the all_no_orcl linking error, you’ll do a search and end up with results like these:

The first two results there are from different domains owned and run by Don Burleson. If you think, as I do, that it would be useful to remove those two domains from any future search for reliable technical information about Oracle, you can now just click the Block dba-oracle.com and Block dbaforums.org links now helpfully included in the search results above. You’ll get a little ‘cloud puff’ animation as that particular domain disappears into thin air!

If you ever do the same search again, this time those blocked sites won’t appear in the results:

Now, the Oracle forums are the first results listed.

This feature works in all the major browsers (IE8, Chrome, Firefox), though I’m not sure it’s working reliably in Australia yet. It also, unfortunately, requires you to first visit a site on the domain you want to block and then to back-click to the original search results page. Only then does the ‘block’ link appear.

Currently, Google promises that the new feature won’t actually alter the Page Rank for any domain that gets blocked, but that might happen in the future.

At the bottom of any future search results page, you’ll see a count of how many links to blocked sites have been suppressed, along with an option to display them anyway. There’s also a management link, so you can unblock domains should you decide to:

All this means that you can make search results less full of stuff you know from bitter experience is likely to be a waste of time or, worse, downright misleading -and that’s a great thing to be able to do.

(Incidentally, if you want to stick to managing your own blocks using extensions, the plugins are still available: Personal Block List for Chrome and OptimizeGoogle for Firefox).

Gmail Consolidation

Leave a reply

I appear to have acquired quite a few email accounts over the years, most of them Gmail-based ones. It would be nice to have them consolidated into the account I use currently… and, happily for me, it’s not only nice but easy to do. It basically involves two simple pieces of configuration, one on the original account and one on the new, like so:

Log onto the old Gmail account.

Click Settings and select the Forwarding and POP/IMAP tab:

Ensure that POP is enabled for all messages. Since I’m effectively killing this old email account off completely, I also make sure that when messages are accessed with POP, the delete Gmail’s copy option kicks in. The default option is to ‘archive’ them instead, which is fine (it will still look like the old account’s been cleared out when you casually glance at it), but deleting them completely makes more sense to me.

That completes the setup for the old account.

Now you switch to the new account (it helps to have a couple of browsers for this, so that you can be logged in to one account in one (say, Opera) and logged into the other in, say, Firefox!). Again, go to Settings. This time, go to the Accounts and import tab. In the block for ‘check mail with POP3′, click the Add POP3 email account button. Type in the old email address you’re aiming to import and click the Next step button. Now you fill in the form with the appropriate details:

Since it’s an old gmail account we’re transferring from, the defaults are fine: port 995 on smtp.gmail.com, using a secure connection. Again, there’s an option to ‘leave a copy of a retrieved message on the (old account)’, but it’s off by default and I think that makes sense. I suspect this option over-rides the option I set earlier ‘delete’ or ‘archive Gmail’s copy’, but it does no harm to make sure both options, on either end, are set to achieve the same thing!

Click the Add Account button, and you’ll be asked whether you ever want emails from your current account to be addressed in such a way that they look as if they came from the old one:

As you can see, I think the appropriate answer here is ‘No’, since I’m effectively trying to close down a gmail account, not make it appear to still have life in it!

Otherwise, that’s about it, really. Click Finish to complete the process and the new account will (eventually -it can take many, many minutes) poll the old account for its contents, copy them across and delete them from the source. Net result: old account transferred to the new (at least, as far as emails are concerned. I don’t have contact details dotted about the place, so I had/have no interest in getting those transferred across).

I suppose that really only leaves one other question: is it possible to close a gmail account completely, for ever? After all, once the old emails are successfully across to the new, what’s the point of keeping the old account in the first place (some of mine go back to 2005 or earlier and haven’t received anything other than spam for ages. It’s not like anyone will mind that the old address ‘dies’, therefore).

Well, the answer to that one is again quite simple: yes, you can delete an old gmail account, and here’s how.

First, log onto the old account as before. Then click Settings, and the Accounts and Import tab. Down the bottom, click the link to Google account settings (found in the ‘Change account settings’ section). A new page will appear:

Click that “edit” link, next to the “My products” heading. You’ll now see something like this:

So, you’re now close! Click that last link (“Close account and delete all services”), and you’ll then have to confirm that you know what you’re doing:

You’ll need to switch on a check mark next to each item in the list, provide your password, and finally click the Delete Google Account button. You’ll then see a fairly curt message to confirm that your account has really been deleted… and that’s the job done. Once you log out, you’ll not be able to log back in with that username, for it has ceased to be!

There’s just one other minor detail to worry about… back in your new or current Gmail account, you’ll still have a ‘please import via POP3′ entry that points to the just-deleted account. You can go and delete that now, since you won’t need to import anything further from something that no longer exists! (The good thing about doing this bit of tidying up, too, is that you’re only allowed to do a POP3 import with a limited number of accounts. Having one in the list that isn’t actually functional means you’re taking up one of your slots for no good reason. So, housekeeping!)

Repeat all the above as necessary until all those old, spare and redundant Gmail accounts no longer exist!

After that, you’ve only got your non-Gmail old accounts to worry about… but that’s a story for another post.

Unmetered

Leave a reply

Living where I live (i.e., slightly less than 100Km from Sydney city centre), we cannot get “proper” broadband. No cable company flogs its wares in our neighbourhood; no local telelphone exchange is equipped for anything more than tin-can-and-string telephony, so ADSL is right off the options list! Our phone lines are so bad, we can’t even get ISDN -and that’s supposed to be accessible by 98% of the population! In desperation, we use Wireless Broadband, courtesy of Telstra Bigpond.

The plans available are enough to make you cry: the best I get is a 10GB monthly download limit for an eye-watering $129. Once you hit 10GB, there’s no extra data allowance available for purchase (and, in fairness, no extra charges): you just get shaped to speeds that would make a lethargic snail look sprightly. Friends and colleagues remark casually about their 200GB plans for $90 and wonder why I walk away in a hurry!

Nevertheless, I am generally happy with Bigpond: the connection seems always-on for about 95% of the time; the reception is good; speeds are excellent; and, when I need to, I can pack the whole thing, together with my netbook, and have Internet access on the morning train. Convenient, speedy, reliable -what more could you want (apart from more bandwidth and lower costs!)?

And my feeble 10GB allowance goes a lot further than you might think, thanks to the wonders of files.bigpond.com. Here, you’ll find Linux distro ISOs galore, a yum or apt-get update repository for the likes of Ubuntu or Fedora… and every single byte of this data munificence is completely unmetered, meaning that none of it counts in any way towards your 10GB monthly limit. Some months, therefore, I’ll actually download in excess of 25 or 30GB of stuff: 10GB on the ‘plan’ and maybe 20GB from files.bigpond.com, which magically ‘doesn’t count’!

Cue the inevitable sting in the tail: on June 30th, with all of three days’ notice, files.bigpond.com was taken down. No more unmetered access to anything… and therefore about 2/3rds of my effective monthly download limit abolished, at a stroke. This, as you can imagine, did not make for the happiest day of my life when I found out about it the moment I tried to download a new Fedora 13 ISO and kept getting redirected to the Bigpond home page. (Why they couldn’t email us to warn us, I have no idea: they’re happy enough to email a notification every time a phone bill arrives, after all!)

This was actually a deal-breaker for me. A loss of effective functionality so severe meant that I was fed up enough to go find another ISP. Actually, it turns out that there isn’t a single ISP in Australia that offers unmetered downloads for wireless broadband accounts, which is a bummer of major proportions! But there are lots of ISPs who will sell you a 6GB plan for $50 or so, with extra 6GB data blocks available on demand for about the same price (think Internode, for example). Once you’ve resigned yourself to never having access to unmetered downloads again, it’s a simple calculation to work out that Internode will sell you 12GB for $100, compared to Bigpond’s 10GB for $130: it’s not hard to work out where to go to!

The only thing you can hold against Internode is that they use the Optus wireless network, which is half the speed of Telstra’s on a good day -and I’ve had reception difficulties with them in the past (though their coverage maps now indicate a lot of that should be ancient history). But still, more data for less money: what’s not to like?!

More out of a sense of duty than actually expecting a decent reply, I took the trouble to write to the Bigpond sales people in these terms: I like Bigpond’s wireless service; I don’t want to change providers; but without that unmetered content, your product is sub-standard and non-competitive. Please tell me some good news that means I won’t have to change.

The usual two days’ wait for a reply ticked by.

Then yesterday, I got it: dear Howard, please be advised that we’ve made http://mirror.aarnet.edu.au unmetered.

Well, this a game-changer …and very, very unexpected (it’s always unexpected when Telstra/Bigpond actually listen to their customers!) Aarnet is an excellent mirror -much better, in fact, than the original files.bigpond.com. It has all the appropriate distros in DVD ISO format (apart from Centos, which is a bit of a bummer), and yum and apt-get repositories for updates. CPAN is there, so is Mozilla, Apache and a lot of others. For that to be unmetered makes me even happier than I was before and renders any thought of moving to the likes of Internode completely moot. Well done, Bigpond!

Which begs the question, I suppose: why pull the plug on a valuable resource, only to put the plug back in after you’ve pissed off a significant proportion of your customers? If it’s that easy to unmeter a site like aarnet, why not arrange to do that first, and then announce that since a gold-plated unmetered site is now available, there’s no need for the home-brew bronze alloy version? It would have been the sensible thing to do, I think (unless they simply had no idea about their customers and honestly weren’t expecting the storm of protest and discontent their original switch-off decision provoked).

It reminds me a bit of Julia Gillard’s approach to being Prime Minister: announce a regional processing centre for refugees in East Timor one day and only then start negotiating with the government of that country as to whether it’s actually possible to do! Surely the negotiations might usefully have preceded the announcement? But then that would mean having to hold off on the announcement whilst the practicalities were nailed down. It’s always harder to actually achieve something (i.e., actually do some governing!) and then announce it than the other way around, of course: which is presumably why it’s so often the other way around these days!

Anyway, Bigpond get at least half a thumbs-up from me for being relatively nimble in their ability to turn a mess of their own making into a positive. And I shall now get back to downloading some more ISOs… unmetered!