Caleb Gilbert's blog

How to make a terminal alias for Mac OS X

After looking around for how to make an alias for Mac OS X's terminal/shell I ended up cobbling together my solution from a variety of different (mostly unixy-linuxy) places. So in the name of good documentation, here is the magic formula for the next time I need to set up an alias for happier command line hacking:

  1. First we edit/create a profile. For a normal user do:
    pico /etc/profle
    ...or for root/superuser do:
    pico ~/.profile
  2. Add your alias like so to the file:
    alias aliasname='mycommand /path/path'
    (notice no space between equal sign and ')
  3. Save your changes and close the file
  4. Load/reload your profile with:
    . /etc/profile
    ...or for root/superuser do:
    . ~/.profile
  5. If you are using root/sudo you will need to use sudo -i in order to load the profile upon login (more info about this here).
  6. Done.
21 October, 2009

Step-by-step: Set up an NFS share

Published in: 

This article assumes you have NFS and portmap installed on your server already. I think a lot of distros come that way, but some of the links below the instructions mention installation steps if you need it. If you need to install for Redhat or Centos just do:
yum install nfs-utils nfs4-acl-tools portmap

I. First, setup the NFS server

(note: in the steps below 192.168.0.2 is the nfs client, and 192.168.0.3 is the nfs server)
1. mkdir /home/fileshare
2. Add this to /etc/exports on NFS server:
home/fileshare 10.181.229.183(rw,sync)
3. Add this to /etc/hosts.allow on NSF server
portmap: 192.168.0.2/255.255.255.255
portmap: 192.168.0.3/255.255.255.255
4. Check to make sure portmap is running correctly by doing:
/sbin/service portmap status
...check /var/log/messages for any error that might occur
5. Start nfs and portmap:
/etc/init.d/portmap
/etc/init.d/nfs
6. Make entry for the ip gets added to APF or else connection will timeout:
apf -a 192.168.0.2
7. Make sure services start on boot:
chkconfig nfs on
chkconfig portmap on

SPECIAL NOTES
1. If portsentry is on the server, make sure that it doesn't get in the way when trying to start portmap. If this an issue, comment out everywhere where '111' appears in /etc/portsentry/portsentry.conf (111 is the port that portmap uses) and stop and stop portsentry to reload (/etc/init.d/portsentry stop, /etc/init.d/portsentry start)
2. add ip of client server to /etc/portsentry/portsentry.ignore

II. Second, setup NFS client

1. Make shared directory on client
mkdir /home/fileshare
2. Add to /etc/fstab on client so will get mounted on reboot
192.168.0.3:/home/fileshare /home/fileshare nfs rw,hard,intr 0 0
3. Start portmap:
/etc/init.d/portmap
4. Make entry for the ip gets added to APF or else connection will timeout:
apf -a 192.168.0.3
5. Mount with:
mount -a
6. Make sure portmap starts on boot:
chkconfig portmap on


Other articles
http://linuxwave.blogspot.com/2008/08/nfs-howto-for-centos-5.html
http://rootit.org/2008/07/nfs-shares-on-centos/
http://www.johnandcailin.com/blog/john/scaling-drupal-step-one-dedicated-data-server
http://www.eth0.us/nfs-crash-course
11 August, 2009

Improving your Drupal site's security: Cracking Drupal review

If you're a Drupal professional, you owe it to yourself and your clients to internalize the lessons and techniques inside Cracking Drupal: A Drop in the Bucket. This is true because, statistically, any insecurities in one's site are many times more likely to be introduced by one's own custom theming/modules than by Drupal core. The book mentions the audit of a high-profile Drupal site that uncovered 120 security issues, of which the vast majority were found in the customized theme layer! (much more than from contrib/custom modules even)

There are many good things to choose from, but for me the best thing about Cracking Drupal is that I finally have a definitive one-stop place to go for information about Drupal security: what to watch out for, how to test it, best practices, worst practices. It's all there.

Finally, keep in mind that just reading this book will not of itself make your site more secure. I've had to re-read certain things a few times before it sunk in all the way. A process helped along even more by downloading the vulnerable.module, the module the book uses for many of its examples, and testing out the examples inside of it for a few hours.

Many thanks to greggles for putting this together for the Drupal community. For another review of Cracking Drupal see Aaron's write up of it.

31 July, 2009

Provisioning and install script for a speedy Drupal workflow

I made this script and the database backup, dump, and SVN commit script because I was determined to spend as little time as possible doing sysadmin while setting up dev and staging sites, so that I could spend as much time as possible developing (e.g., the fun stuff). With one command the script can:

  • 'svn up' a version controlled database, and upload it to your database
  • Run queries against database to set preferred site defaults
  • 'svn up' site docroot
  • Copy over fresh "files" directory from another site (e.g., production). Note, not a good option if you have your "files" directory version controlled.
  • Set owner:group file permissions on all site files

How to
The script should go in non-public, secure directory, which is somewhere below the site doc root. I haven't tried running it with permissions less than sudo, though it may be possible. Invoke by doing:

sh path/to/provision_and_install.sh

Download
provision_and_install.sh.zip

28 March, 2009

Database backup, dump, and SVN commit script for Drupal workflow

Published in: 

This script is useful for keeping a database within reach of an 'svn up' anywhere it needs to be deployed (e.g., dev and staging sites). In addition to creating a database dump, it also svn commits the database. I use it in conjuction with this provisioning / install script, but it can be used on its own.

How to
The script should go in non-public, secure directory, which is somewhere below the site doc root. I haven't tried running it with permissions less than sudo, though it may be possible. Invoke by doing:

sh path/to/dump_and_checkin.sh

It has logging and verbose output for confirmation of it's operations on the command line.

Future possiblities includes doing something like this to cut down on the size of the diffs committed, but since haven't gotten a chance to test that in a prodcution environment, am sticking with with plain-and-simple in order to guarantee integrity of the SQL file.

Download
dump_commit.sh.zip

dump_commit_w_perms.sh.zip (dump and commit, plus update file permissions, a feature not related to backup - simply for maintenance reasons. I use this one myself, but use the other script if this feature is not wanted or needed)

28 March, 2009

How to have a fun and successful time at Drupalcon

Very soon 1,399 of your best friends will be converging on Washington DC to talk about all things Drupal, web, business, yada yada yada. What could be more fun than that?! Well, for some people, believe it or not, the thought of so many people or the thought of having to do anything particularly social with people that they don't already know, is a bit overwhelming/unappealing. Under normal circumstances I fall into this category. Starting a couple years ago at my first big Drupal function, however, I made a deliberate decision to try to overcome this tendency. As it turns out that was one of the best decisions I've ever made in my life. The effects which have followed "forcing" myself to go say hi to more people than I normally would back then are still with me to this very day.

Hopefully anyone reading this won't confuse what I'm saying as an endorsement to run up to everyone they've ever wanted to meet and harrass them - if you're already a social butterfly - you probably don't need to force yourself to be more social - that would just be obnoxious ;-). But by all means if you're hanging around somewhere - don't hesitate for a second to say hi to whomever is around you. ("So what do you do with Drupal?" is always a nice starting point)

Couple more tips:

1) If you need to, remind yourself that if all of this sociability sounds like too much work and all you want to do is float around a bunch of people anonymously - you could have just stayed home and tracked the conference online!

2) Whether gardening or heading to a convention - when you're planting seeds - it will probably take the seeds some time to even spout, let alone turn into a blossoming tree. Some seeds might not even ever get going. So plant many of them and don't worry to much about tomorrow, today. You'll enjoy yourself more and likely be more enjoyable to talk with.

1 March, 2009

Pages

Subscribe to RSS - Caleb Gilbert's blog