ZhyFly's Blog

If you are using svn, and you made a wrong log message (using --message "real message"), then you want to modify it. But how to deal with this situation?

It's really easy to use the hook of SVN, look at the /path/to/repos/hooks directory and you will find a file named pre-revprop-chage.tmpl, hm, this is the tricky.

1. rename the pre-revprop-change.tmpl to pre-revprop-change.

   #mv /path/to/repos/hooks/pre-revprop-change.tmpl /path/to/repos/hooks/pre-revprop-change
   

2. change file access permissions to executable.

   #chmod +x /path/to/repos/hooks/pre-revprop-change
   

3. modify the previous wrong log message from a file msg.

   #svnadmin setlog /path/to/repos/ -r REVISION msg
   

4. check out if it works.

   #svn log -r REVISION file:///path/to/repos
   

It's convenient to use Makefile to manage your project, this is obvious for me. However, sometimes I want to execute shell in Makefile. Then here is an example like this:

GCC = gcc
G++ = g++
RM = rm

BINS = bmp2raw

all: $(BINS)

%:%.c
    $(GCC) -o $@ -g $<

convert:
    for i in $(shell ls *.bmp);do (./bmp2raw $$i $${i%.*}); done

clean:
    $(RM) $(BINS)

This is a Makefile to manage a project converting .bmp file to .raw file using C. Besides it can also convert all the .bmp files in the current directory to .raw files without changing the name of the files (just the extension). Therefore, typing

#make convert

will get the fruit. :)

Many of us use the excellent OpenSSH as a secure, encrypted replacement for the venerable telnet and rsh commands. However, it's annoying to enter the password everytime you login a remote machine. Here will give you some good idea about SSH a remote mahcine without password securely. And you can use rsa1, rsa, and dsa authentication as you like.

rsa1

Use rsa1 authentication:

user@localbox# ssh-keygen -t rsa1
Generating public/private rsa1 key pair.
Enter file in which to save the key (/home/user/.ssh/identity):
        (hit enter)
Enter passphrase (empty for no passphrase):
        (enter a passphrase)
Enter same passphrase again:
        (enter it again)
Your identification has been saved in /home/user/.ssh/identity.
Your public key has been saved in /home/user/.ssh/identity.pub.
The key fingerprint is:
a4:e7:f2:39:a7:eb:fd:f8:39:f1:f1:7b:fe:48:a1:09 user@localbox
user@localbox# scp ~/.ssh/identity.pub user@remotebox:
user@localbox# ssh user@remotebox
user@remotebox's password:
user@remotebox# cat ~/identity.pub >> ~/.ssh/authorized_keys
user@remotebox# exit
user@localbox#

You'd better enter a passphrase when ssh-keygen prompts for.

rsa

Use rsa authentication:

user@localbox# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
        (hit enter)
Enter passphrase (empty for no passphrase):
        (enter a passphrase)
Enter same passphrase again:
        (enter it again)
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
a4:e7:f2:39:a7:eb:fd:f8:39:f1:f1:7b:fe:48:a1:09 user@localbox
user@localbox# scp ~/.ssh/id_rsa.pub user@remotebox:
user@localbox# ssh user@remotebox
user@remotebox's password:
user@remotebox# cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
user@remotebox# exit
user@localbox#

You'd better enter a passphrase when ssh-keygen prompts for.

dsa

Use dsa authentication:

user@localbox# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_dsa):
    (hit enter)
Enter passphrase (empty for no passphrase):
    (enter a passphrase)
Enter same passphrase again:
    (enter it again)
Your identification has been saved in /home/user/.ssh/id_dsa.
Your public key has been saved in /home/user/.ssh/id_dsa.pub.
The key fingerprint is:
a4:e7:f2:39:a7:eb:fd:f8:39:f1:f1:7b:fe:48:a1:09 user@localbox
user@localbox# scp ~/.ssh/id_dsa.pub user@remotebox:
user@localbox# ssh user@remotebox
user@remotebox's password:
user@remotebox# cat ~/id_dsa.pub >> ~/.ssh/authorized_keys2
user@remotebox# exit
user@localbox#

You'd better enter a passphrase when ssh-keygen prompts for.

After that you should install keychain in your /usr/bin/ directory of your localbox refer to README in the keychain tarball. Then add the following lines into your ~/.bash_profile:

# ssh-agent daemon                                                                                                  
/usr/bin/keychain ~/.ssh/id_rsa #take rsa for an example
# redirect ~/.ssh-agent output to /dev/null to zap the annoying                                                     
# "Agent PID" message                                                                                               
source ~/.keychain/${HOSTNAME}-sh > /dev/null

I used keychain-2.6.8 version for the test, if your version is different, you should hack the above code for your version.

At last, relogin in your localbox and it will display something like:

KeyChain 2.6.8; http://www.gentoo.org/proj/en/keychain/
Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL

 * Initializing /home/user/.keychain/[hostname]-sh file...
 * Initializing /home/user/.keychain/[hostname]-csh file...
 * Initializing /home/user/.keychain/[hostname]-fish file...
 * Starting ssh-agent
 * Adding 1 ssh key(s)...
Enter passphrase for /home/user/.ssh/id_rsa: 
Identity added: /home/flyzhy/.ssh/id_rsa (/home/user/.ssh/id_rsa)

Remember to Enter the passphrase when you generate the key using ssh-keygen. Then, you can securely ssh the remotebox without password.

Reference

• OpenSSH key management (Part 1) Chinese | English
• OpenSSH key management (Part 2) Chinese | English
• OpenSSH key management (Part 3) Chinese | English

Spring Festival which is the most important festival during the year in China is coming, all Chinese people come back to home to stay with the family. Therefore, we students have a long vacation and that's why you can not access the web site during the vacation. Sorry for that but wish everyone happiness in the new year.

The most common sections under GNU/Linux, and their human readable names, are:

Section The human readable name
   1    User commands that may be started by everyone.
   2    System calls, that is, functions provided by the kernel.
   3    Subroutines, that is, library functions.
   4    Devices, that is, special files in the /dev directory.
   5    File format descriptions, e.g. /etc/passwd.
   6    Games, self-explanatory.
   7    Miscellaneous, e.g. macro packages, conventions.
   8    System administration tools that only root can execute.
   9    Another (Linux specific) place for kernel routine documentation.
   n    (Deprecated) New documentation, that may be moved to a more appropriate section.
   o    (Deprecated) Old documentation, that may be kept for a grace period.
   l    (Deprecated) Local documentation referring to this particular system.

I have many many pitures in recursive directories from Microsoft Windows XP, you know, it always creates a file named "Thumbs.db" to the default picture viewer in Microsoft Windows XP, so I want to delete all these files in my GNU/Linux system. You will know it's so easy to realize this in GNU/Linux or UNIX with the usage of tree and other Shell command.

Write a simple shell script as follows:

#!/bin/bash
# rm_ThumbsDOTdb.sh
for i in $(tree -a -f -i|grep 'Thumbs.db')
do
  rm -f $i
done

Copy this file to a directory in your $PATH and change directory to that you want to deal with and run:

#rm_ThumbsDOTdb.sh

You will get what you want now.

The simplest application of squid is to setup a direct proxy server, that would let the clients to know the proxy server name(probably the IP address of the proxy server) and the http port. However, it's easy to make this come true, just follow me now.

Prepare

The default user and group of squid would be nobody and nogroup, so the first thing you should do is to add this user (nobody) belongs to the nogroup group. If you have no this default user and group in your system(Slackware would create them while the installation. To check whether you have them in your system, just do the following:

#cat /etc/group | grep nogroup
nogroup::99:
#cat /etc/passwd | grep nobody
nobody:x:99:99:nobody:/:

If you got some messages like above, you got the default user and group now. Or else do the following operation:

#groupadd nogroup
#useradd -g nogroup -d / -p passwd nobody

Download, compile and install

Download the latest stable version of squid from squid-cache which probably like squid-x.y-STABLE.tar.gz.

Then compiling and installing squid as follows:

#tar xvfz squid-x.y-STABLE.tar.gz
#cd squid-x.y-STABLE
#mkdir -p /usr/local/squid
#./configure --prefix=/usr/local/squid
#make
#make install

Configure

The first squid configuration would be /usr/local/squid/etc/squid.conf, sometimes maybe you can use /etc/squid/squid.conf as the configuration file of squid. Anyway, my configuration is shown in the following:

acl deny_ip_01 dst 1.1.1.1
http_access deny deny_ip_01
acl deny_url_01 url_regex http://www.www.www
http_access deny deny_url_01
http_port 3128
cache_mgr FlyZhy.Org@Gmail.Com
cache_mem 64 MB
cache_dir ufs /usr/local/squid/var/cache 1024 16 256
cache_access_log /usr/local/squid/var/logs/access.log
cache_log /usr/local/squid/var/logs/cache.log
cache_store_log /usr/local/squid/var/logs/store.log
pid_filename /usr/local/squid/var/logs/squid.pid
#dns_nameservers 211.64.142.7
acl all src 0.0.0.0/0.0.0.0
#acl manager proto cache_object
# let 222.195.148.* to use the proxy server
#acl wan src 222.195.148.0/255.255.255.255
#acl localhost src 127.0.0.1/255.255.255.255
#acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80      # http
acl Safe_ports port 21      # ftp
acl Safe_ports port 443     # https
acl Safe_ports port 70      # gopher
acl Safe_ports port 210     # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280     # http-mgmt
acl Safe_ports port 488     # gss-http
acl Safe_ports port 591     # filemaker
acl Safe_ports port 777     # multiling http
acl CONNECT method CONNECT
#http_access allow manager localhost
#http_access allow wan
#http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#http_access deny all
http_reply_access allow all
icp_access allow all
maximum_object_size 4096 KB
coredump_dir /usr/local/squid/var/cache

After the configuration of squid.conf, run #/usr/local/squid/sbin/squid -z to create the swap directories etc. According to this configuration you should have the following structure:

 
#tree -a -f -L 1 /usr/local/squid
/usr/local/squid
|-- /usr/local/squid/bin
|-- /usr/local/squid/etc
|-- /usr/local/squid/libexec
|-- /usr/local/squid/man
|-- /usr/local/squid/sbin
|-- /usr/local/squid/share
`-- /usr/local/squid/var
#tree -a -f -L 2 /usr/local/squid/var
/usr/local/squid/var
|-- /usr/local/squid/var/cache
|   |-- /usr/local/squid/var/cache/00
|   |-- /usr/local/squid/var/cache/01
|   |-- /usr/local/squid/var/cache/02
|   |-- /usr/local/squid/var/cache/03
|   |-- /usr/local/squid/var/cache/04
|   |-- /usr/local/squid/var/cache/05
|   |-- /usr/local/squid/var/cache/06
|   |-- /usr/local/squid/var/cache/07
|   |-- /usr/local/squid/var/cache/08
|   |-- /usr/local/squid/var/cache/09
|   |-- /usr/local/squid/var/cache/0A
|   |-- /usr/local/squid/var/cache/0B
|   |-- /usr/local/squid/var/cache/0C
|   |-- /usr/local/squid/var/cache/0D
|   |-- /usr/local/squid/var/cache/0E
|   |-- /usr/local/squid/var/cache/0F
|   `-- /usr/local/squid/var/cache/swap.state
`-- /usr/local/squid/var/logs
    |-- /usr/local/squid/var/logs/access.log
    |-- /usr/local/squid/var/logs/cache.log
    |-- /usr/local/squid/var/logs/squid.pid
    `-- /usr/local/squid/var/logs/store.log

Starting squid

After all the preparation, then we modify the /etc/rc.d/rc.local file to make squid running automatically while booting the system:

# squid
if [ -x /usr/local/squid/sbin/squid ]; then
    echo -ne "Starting squid ...\n"
    echo -ne "\t\tHTTP Proxy Server: 222.195.148.225\n"
    echo -ne "\t\tPort: 3128\n"
    /usr/local/squid/sbin/squid

Ok, enjoy!