Fosdem: some thoughts

Submitted by DenRaf on Sat, 02/23/2008 - 15:53

A speaker should definitly share their presentation at the moment they start their presentation. I'm always sitting in the back of room, at the moment the mozilla dev room, and like it was a bit crowed with the previous talk, it would be nice if you just could follow the presentation on your screen.

This reminds of a movie called "Hackers", I think, were they had some software that just could take over every screen. A bit more realistic is the idea of you logging in to a presentation server, and when the speakers continues along his presentation you see that active slide in your browser. Some dev with a bit spare time? :)

Of course you can go sit a bit more in front, but sitting in the back is some behavior of me inherited from my time at school.

Update: the mozilla dev room had just some update. It's called Just says it all ...

Drupal 6 + tagadelic

Submitted by DenRaf on Wed, 02/20/2008 - 21:48

Since the tagadelic module is not drupal 6 compatible yet,  you have to apply a patch:


cvs -z6 checkout -d tagadelic contributions/modules/tagadelic

cd tagadelic; patch -p0 < ../tagadelic-198672-16.patch

Now the module works in Drupal 6, but the content of your tagcloud is only updated when you run cron.php. I wanted to have this done automatically when I edited tags, when I add or remove content or changing the setting of the cloud. I found everything I needed to know here, but I will make it easy:

In modules/tagadelic/tagadelic.module change line 231:

from: cache_set($cache_name, $tags);

to: cache_set($cache_name, $tags, 'cache_page', CACHE_TEMPORARY);

As mentioned here, they will make it just a configuration option.

Loving Drupal each day more and more, and you have to love the ever growing community around it.

Drupal 6

Submitted by DenRaf on Wed, 02/20/2008 - 21:38

I have to say, the more I work with Drupal, the more I love it. So you can expect a move of this blog to drupal soon. :)

Only last week we created a nice theme for our technical website. Only after finishing our website, Drupal 6 was released and of course we wanted to upgrade asap.

Here you can find a little manual on converting your Drupal 5 theme to Drupal 6. In the theme it-self doesn't have to change that much. Expected things are sidebar-left by left, sidebar-right by right, ...

People who use primary links, will notice that they don't work. The trick is to edit page.tpl.php:

from: <?php print theme('menu_links', $primary_links); ?>

to:  <?php print theme('links', $primary_links) ?>

So the real new thing is the .info file for the theme. Our theme is basd upon the litejazz-theme, so I'll put our .info file here.

name = inuits_tech
description = Theme for INUITS' technical site
core = 6.x
engine = phptemplate

version = "6.0"
project = "drupal"

regions[user1] = user1
regions[user2] = user2
regions[user3] = user3
regions[user4] = user4
regions[user5] = user5
regions[user6] = user6
regions[content_top] = content top
regions[content_bottom] = content bottom

regions[left] = Left sidebar
regions[right] = Right sidebar
regions[content] = Content
regions[header] = Header
regions[footer] = Footer

Some thoughts about eID

Submitted by DenRaf on Tue, 02/05/2008 - 21:22

It's been a year since the first implementations around eID started showing up. Yeah indeed, just before FOSDEM or maybe that's just coincidence, but my thoughts are still the same.

I think, and I'm not alone in this case, there is a security flaw. And not just one that's quickly solvable, but a flaw in design. The thing is, you get your card with a private key and you just don't know who else has your key. Ain't it the goal of keys, that you create a private key and you distribute your public key?

And now some other really nice thing about it. It's not writable. Of course not you say, but listen up.

Say, you move to an other place. Wouldn't it be nice, to just be able to change that? I can understand you need to go to the city hall of your new place, and prove you come to live there, but that it is at least a quick write over. But no, it's not. You need to go back home, cause they have to order a new eID for you. After 2 weeks, you get your new card, with your new address, but also with a new private/public key pair. Now you can warn all your friends, who have signed your key, you have a new one, again.

So, instead of using an eID, use a smart-card with your own keys, this way you at least can control them.

OpenID server

Submitted by DenRaf on Tue, 12/04/2007 - 22:42

These days we all like an online identity. In Belgium you could use the eID for authentication, but I prefer OpenID since I can control it completely.

After trying a few OpenID servers, I came along phpMyID. It is the best so far, so I will stick to it.

If you want your own OpenID server, follow this little howto

- Download the server from:
- Untar it
- create your hashcode: echo -n '<username>:phpMyID:<password>' | openssl md5
- Do your configuration in phpMyID.config.php. The auth_password is the hashcode.
- rename phpMyID.config.php to index.php
- upload the files to your server. (You can just put it in a folder that is world accessible)

Muliple domains support in Openfire

Submitted by DenRaf on Fri, 10/12/2007 - 07:38

On the openfire-forum and on a lot of others is this the subject of many threads, however it almost works out of the box.

I'm running 3 domains which all like jabber support. Lazy as I am, I just want to maintain one jabber-server instance. All 3 domains are being authenticated on the same LDAP-server.

Openfire version: 3.3.3

LDAP Settings
Port: 389
Base DN: dc=com
Administrator DN: uid=admin,ou=people,dc=mydomain,dc=com

Result is that all users of all domains are able to login and chat with each other. Users of the not default domain are also able to use the groupchats. But not everything is ok, there are also some issues:

Users of the not default domain:

  • aren't listed
  • show up as member of the default domain
  • Not only show up as those, but for access lists you have to use the default domain. So this could give a user conflict

OTRS and remote MySQL database

Submitted by DenRaf on Mon, 10/08/2007 - 08:23

At our new company we have a dedicated MySQL database machine and we use OTRS for ticketing.

The thing is when you use the packages provided by otrs, you end up installing mysql-server on the otrs-machine. And that's just what I didn't want to do. So instead of just complaining I edited the spec files, the rcotrs-config files and rebuilded the rpm.

Now you don't need to install mysql-server anymore and the otrs init file isn't checking anymore for a running database. However the otrs init still tests the connection to the database. Just what we want.

You can download the src rpm here and the normal rpm here. In the src rpm you also find the spec files for the other supported plaforms (redhat 7.x, redhat 8.0, suse from off 7.3)

O2Micro cardreader on Dell, Acer

Submitted by DenRaf on Sat, 08/25/2007 - 15:14

This is how you can get the O2Micro smart card reader that is used on Dell D820 and my Old Acer Travelmate 6003. This reader is for sure used at allot of other machines, but those are listed here I've tested myself.

You can get the tar package here. This one was originally only for kernel 2.6.16 but some of the source is replaced by new files found here. For this tar package you don't have to do anything. I use it since kernel 2.6.19 and I now use it on kernel

This package has one dependencie: pcsclite-1.2.9 or higher

All you have to is download and untar the package.
- run configure-release or configure-debug
- modprobe ozsrclx

There is a new package on this site, but was not able to get it working yet.

Auto svn-recover on old svn systems

Submitted by DenRaf on Fri, 08/24/2007 - 23:39

These days if you are using the latest svn with berkely db, this is not one of your problems. Auto-recovery is build-in.

But for people like me that stick by their old svn for various reasons it is a waist of time for recovering every corrupted repository. For making it yourself easy, you make a script for that, that you hit when you noted that a repository was corrupted. But still, not easy enough. So you make a script that checks every repository configured and if one is corrupted, fixing it at the same time. Good, now we are getting there, but still. Sometimes the check will hang endlessly and so will your script. So what then?

Expect. Use expect to check your repository and add a timeout. So when the check will hang, kill it after the timeout is reached.
Expect expects various outputs of the command it executes, and for each expect rule you can do something. For instance giving it an exit-code.

I noted something quiet important, expect 5.42 only compares to the last line of a multi-line response of the command it executes.

You can find my script here.

Almost everything is configurable, even mail notification.

You can add this script to your cron tasks, so you just have to do nothing IF one fails.

Apache redirect response header

Submitted by DenRaf on Fri, 08/24/2007 - 23:08

All admins of advanced Apache setups will cross this problem someday. So did I :)

You have some nice reverse proxy setup, everything working just fine, except that one redirect that happens on one of the backend machines to a non default port.
You have no choice then redirect that to a default port. I searched long after this, and with me a collegue

Lets say when you surf to, you are proxied to backend server with ip End for example that backend server redirects you to a non-default port like 8443. And you end up with your browser going to directly. If these ports aren't blocked already, you'll probably go to somewhere completely different.
Normal redirects are catched by your proxy and you'll not see a thing, but not these.

Everybody knows the mod_rewrite module, but that only handles request headers. For this you need to change to response headers. You could do this with some fancy stuff with something self written for using mod_perl or so, but the solution is by far more simplier.

mod_headers is the answer to this problem:

In your VirtualHost config for that machine on your proxy:

Header edit Location ^

This will have as a result that the location header send by your backend server will be changed to if it starts with Your browser directly go to and problem is solved.