linuxbutler

Recently I recorded an episode for Hacker Public Radio. It answers some questions that another contributor, knox, had about virtualenvwrapper. My episode will (if all goes well) be published on June 27 as episode 2322.

I had a very smooth upgrade of a Debian wheezy system to Devuan jessie. This is a small system that doesn’t have a desktop or use any other dbus things — it mostly runs as an unattended server and I only connect to it occasionally.

Happy birthday Devuan!

Devuan is a systemd-less fork of Debian.

I’m lucky enough to be sitting in the netconf conference, with Pablo Ayuso, Jamal Hadi Salim, David Miller and others. They are discussing current and proposed future work on the networking subsystem of the Linux kernel.

This is the by-invitation-only mini-conference. Many of the attendees here will speak at the open-registration netdev01 conference from Feb 14 — 17 at the same venue (the Westin Hotel, downtown Ottawa). It’s looking like that conference will be really great. It’s not too late to sign up! I’ll definitely be there.

I looked up a question on stackoverflow, and even found it. But it had no answer, so I wrote one.

With luck, it’s not too far wrong.

… well I guess I answered the wrong question. Oops.

Can an existing folder be redeclared a virtual enviroment with VirtualEnvWrapper?

I thought this was a project that had been made with virtualenv, and they wanted to put it under virtualenvwrapper. But apparently it was made with virtualenvwrapper, and I don’t know what they want to do with it.

They can probably get the answer to their question from my answer, though.

My answer:

Yes.

Anatomy of virtualenvwrapper

The existing project has two parts:

• the virtualenv, where python and the python libs are installed, and
• the project directory where your code is (that uses the virtualenv).

Virtualenvwrapper adds a third part, the virtualenvwrapper hooks. These are mainly shell functions that are called at certain times in a project or virtualenvs life cycle. They live in a third directory — by default, they are installed to ~/.virtualenvs (at least that was true on my Debian wheezy system). The hooks include postactivate, which we will edit below, and a bunch of others such as premkproject, premkvirtualenv, etc. The following list of keywords gives you the flavour of the hooks: initialize, pre/post, mk/rm, project/virtualenv, activate/deactivate. virtualenvwrapper puts these scripts in $VIRTUALENVWRAPPER_HOOK_DIR, which defaults to $WORKON_HOME.

virtualenvwrapper assumes

• all the virtualenvs are in one place ($WORKON_HOME) (defaults to ~/.virtualenvs) Let’s say you have two virtualenvs, one called MYVENV and the other called MYOTHERVENV
• all the project directories are in another place ($PROJECT_HOME).

Let’s say you have a project “is” in directory /home/me/where/my/proj that uses virtualenv MYVENV.

how to use workon to work on your pre-existing code and virtualenv

Here I’m assuming all your virtualenvs are in one place (in my case, they are all in /usr/local/virtualenv).

one-time operations

** edit ~/.virtualenvs/postactivate (+) to have

    case $env_name in
        MYVENV)
            cd /home/me/where/my/proj/is
            ;;
        MYOTHERVENV)
            cd /home/me/where/my/other/project/is2
            ;;
    esac

** links

    for hk in get_env_details initialize postactivate postdeactivate \
            postmkproject postmkvirtualenv postrmproject \
            postrmvirtualenv preactivate predeactivate premkproject \
            premkvirtualenv prermproject prermvirtualenv; do \
        ln -s ~/.virtualenvs/$hk /usr/local/pythonenv/$hk; \
    done

any time you want to work on your project that uses MYVENV virtualenv

    WORKON_HOME=/usr/local/pythonenv workon MYVENV

Of course if all your virtualenvs are indeed in the same place, you can define WORKON_HOME in your .profile and you won’t have to specify it on the command line every time.

The problem I’m trying to solve here is to see if my web app is setting the right headers on the response. But, the web app is under https so it’s hard to sniff. Here’s how I did it. Hopefully next time I have to do this, I will find this hint and get going a lot quicker.

In the thing below, pretendhostname is a name that the remote web server uses for the server name, and the local machine has as an alias to 127.0.0.1. Also, I have used ssh port forwarding to send the data to the remote web server.

• In /etc/apache2/sites-enabled/the-web-app:

  <VirtualHost *:443>
      ServerName pretendhostname
     ...
  </VirtualHost>
  

• ~/.ssh/config stanza for some remote network on which the remote web server (10.0.0.26) runs:

  Host remote_gateway
          ...
          LocalForward 8443 10.0.0.26:443
  

• in /etc/hosts on my local machine:

  127.0.0.1       localhost pretendhostname
  

• Type these commands:

  $ ssh remote_gateway
  

  then in a different terminal on my local machine:

  $ curl -L -b cookie.data -c cookie.data \
      -d 'username=theusername&password=thepassword' \
      -k -D headers.txt \
      https://pretendhostname:8443/login/
  $ curl -L -b cookie.data -c cookie.data \
      -d 'username=theusername&password=thepassword' \
      -k -D headers.txt \
      https://pretendhostname:8443/some/path/somefile.data
  

This will put the headers of the response into headers.txt, where I can inspect them.

More main-stream media coverage on “the cloud”, this time from The Current

Douglas Coupland on Alcatel-Lucent, in a The Current episode produced by Kristin Nelson.

I was pleased to see “the cloud” described in plain terms in this CBC news article:

http://www.cbc.ca/news/technology/how-to-keep-your-private-photos-from-running-wild-on-the-web-1.2753397

Hopefully, we can go back to calling data centres “data centres” again, soon.

git ls-tree -r HEAD

I tried searching for how to list the files in a revision in git, and found only how to list the changed files in a revision.

I knew that gitk shows a list of files and directories in any given repo. So I looked in it (it’s a wish script) to find out how it gets the list of files for each revision. Found it around 3/4 of the way down, in proc gettree.

Probably most anything you’d want to do with git, you can find it in gitk.

A friend recently was going to update his Facebook app on his Android tablet. Even he was shocked to see what permissions Facebook was requiring for the upgrade. Facebook was requiring the following new permissions in order to complete the upgrade:

• YOUR MESSAGES
  • read your text messages (sms or mms)
• SYSTEM TOOLS
  • change network connectivity
  • connect and disconnect from wifi
• HARDWARE CONTROLS
  • change your audio settings
• YOUR PERSONAL INFORMATION
  • add or modify calendar events and send email to guests without owner’s knowledge
  • read calendar events plus confidential information
  • read your own contact card

This is in addition to the permissions that the Facebook app already has:

• SYSTEM TOOLS
  • prevent tablet from sleeping
  • toggle sync on and off
• HARDWARE CONTROLS
  • record audio
  • take pictures and videos
• YOUR PERSONAL INFORMATION
  • modify your contacts
  • read call log
  • read your contact
  • write call log
• STORAGE
  • modify or delete the contents of your USB storage
• YOUR LOCATION
  • approximate (network-based) location
  • precise (GPS) location
• YOUR ACCOUNTS
  • add or remove accounts
  • create accounts
  • set passwords
• NETWORK COMMUNICATIONS
  • full network access
• PHONE CALLS
  • read phone status and identity
• the fold (below are “hidden” permissions — it’s an Android thing I guess)
• DEFAULT
  • com.sec.android.provider.badge.permission.READ
  • com.sec.android.provider.badge.permission.WRITE
• SYSTEM TOOLS
  • install shortcuts
  • read sync settings
  • send sticky broadcast
• DEVELOPMENT TOOLS
  • test access to protected storage
• NETWORK COMMUNICATION
  • download files without notification
  • receive data from internet
  • view wifi connections
  • view network connections
  • google play billing service
• HARDWARE CONTROLS
  • control vibration
• YOUR ACCOUNTS
  • find accounts on the device

And people want to keep money and other sensitive info on their Android devices, along with these promiscuous permissions? They wonder why their privacy is being eroded and their identities stolen, when they are giving away the info — and control — themselves?

At this point, even my friend is not keen to upgrade his Facebook app.

If enough people complain this time, we can watch for Facebook to relinquish a couple of the new permissions, then sneak them back in in future upgrades.