I know it’s a little late but the usual drive of new year innovation and releases within the Open Source world have been keeping me busy recently.

New years resolutions

1. Package AuthStor
2. Learn another RDBMS – Oracle / MSSQL?
3. Upgrade my local servers to FreeBSD 7.1
4. Pick up the guitar at least once a week
5. Lay down my first audio track in Ableton Live

The year started with my attempt at some resolutions (you know the ones you never keep) of which I am already making good progress on.

First on my list was AuthStor which is working on a basic level at the moment but there is so much more that can be done to make it easier to use. Why has it taken so long you may ask?

Well apart from being the only developer last year, I made several attempts to re-write the app in something like JSP or Zend Framework, partly because there is a lot of activity in those communities but mostly due to the complications faced with packaging around 50 Perl modules that each have their own compile time dependencies – some of which change frequently often breaking the application (no strict API/Interfaces to adhere to).

So after several prototypes why did I decide to stick with Perl?
Well for starters the changes that did break the application often forced me to change the app in a way that was more logical or introduced a more structured design. I also found that JSP and Zend although cool frameworks tended to feel incomplete and introduced complexities elsewhere e.g. containers / authentication / roles. Catalyst is simple and extremely powerful providing both a development environment and production framework that takes little effort to introduce new features quickly. I can start 2009 in the knowledge that Perl and Catalyst are the right language / framework for the job. I just need to work on the packaging now!

The next item on my list is to learn yet another RDBMS. Why? Enlightenment first and foremost, plus I am a big believer in gaining as much knowledge as possible in my chosen field. You’ll never complete the jigsaw if you have several pieces missing, and seeing as I spent a good part of last year getting to know DB2 I decided this year that my focus would by Oracle and MSSQL, thus completing the picture.

With the release of FreeBSD 7.1 there are now so many cool features that I decided to upgrade some of my older servers that have been sitting in the corner running nicely on FreeBSD 6 (they never fail). DTrace and ZFS put a stop to FreeBSD slipping behind OpenSolaris and the ULE scheduler helps improve performance over your average Linux distro, and with ULE 3 due for release in FreeBSD 8.0 (June) you can expect to see further dramatic performance improvements.

Last on my list will be to pick the Les Paul at least once a week!. One of my prezzies in 2008 was a new orange amp! If that does not encourage me to pick up the guitar I don’t know what will!. You never know I might even mix something up with the copy of Live I got for Christmas

I spent the last month taking a break from Open Source, partly due to FreeBSD 7.1 failing to hit the FTP servers as scheduled (any excuse), but mostly due to Santa’s early delivery of Ableton Live. Not really Open Source I may add but extremely cool nonetheless and a much needed break from coding!.

I find that staring too much at code can hamper the creative process (hehe), and as you know Creativity and Innovation go hand in hand with Open Source Software!.

Speaking of which, while I have been busy playing with waveforms and elastic audio, the Open Source world has been all guns blazing with cool releases like MySQL 5.1 GA, Open Solaris 2008.11, VirtualBox 2.1 and Wordpress 2.7 to name a few.
You really cannot take a break these days without something big in the world of Open Source happening in your absence.

So the year is nearly at an end which got me thinking, what was the highlight of 2008 in the world of Open Source?.
I have to confess to spending more time than I would have liked this year working with proprietary software, always in combination with Open Source tools of course!. So if I had to highlight anything from 2008 it would be that Open Source is now more pervasive than ever. From your OSX laptop at home to the Linux servers at work, right the way up to the Internet’s biggest sites and services (running FreeBSD ), you’ll find Open Source Software behind every successful venture. In fact it is now so popular even Microsoft could not resist the urge to get in on the game!.

In fact there are so many Companies using Open Source now that proprietary software may actually be the minority! We all know everyone loves an underdog, so maybe propreitary software will be the hit in 2009? Then again with the state of the economy maybe not!

The biggest influence for me this year (both good and bad) had to be Sun Microsystems who played a large part in Open Source adoption in the enterprise and continue to lead the way with their open business model (GlassFish, MySQL, Netbeans, OpenJDK, OpenSolaris and VirtualBox to name just a few of their many contributions).

Although most of the time it seems like they cannot do anything right, one thing is for sure, without the corporate weight of Sun behind the Open Source ethos we may not have made it here so quickly. So while your saving big bucks with your ZFS storage and processing millions of transactions with MySQL, don’t forget to say thank you to Sun next time you are complaining about JavaFX or MySQL 5.1.
You may even want to swap those complaints for contributions (I know complaining is often easier). Thanks Sun!

So if you are one of the few companies yet to Open your code to the world, what are you waiting for? This Christmas give the gift of knowledge and share your achievements instead of fearing the competition and wrapping your code in a black box (don’t worry we won’t laugh at it). You’ll feel much better knowing you helped make the world a better place!

Until next year I wish you all a Very Open Source Christmas!! and as always Happy Coding!

If you are security conscious and nowadays who isn’t?, you may have pondered over ways to make your external SSH connection safer.
Of course there’s always One-time Passwords and Public Keys, but if like me you watch the daily barrage of brute force attacks you may be thinking it’s only a matter of time…

That’s what I was thinking at about the same time an SMS arrived on my mobile….then it hit me….I take my mobile everywhere, if only my server could call me and ask if it is really me trying to log in.

My first instinct was to try and insert a Perl or Python script into the login process. After all Clickatell have several libraries that you can use to send SMS messages. How hard could it be?
Well for starters it didn’t feel right relying on a script that runs within an interpreter that is running within a shell, but how else could it be done? Pluggable Authentication sprang to mind but that’s hard right? Wrong!.

Hitting the FreeBSD handbook I was able to gain a decent understanding of PAM functionality and even managed to find some sample code. Shame the programming section had not yet been written. O’Reilly to the rescue. After reading a few articles on PAM it wasn’t long before I had a working prototype, in fact most of my time was spent deciding upon the right library/s to use.
The end result is a pam module that can be dropped into the authentication chain for any PAM aware application/service – think SSH, FTP, POP3 etc.

Upon successfully entering your Username/Password the pam_codemein module uses libcurl to send an HTTPS request via Clickatell, my preferred SMS gateway, which then forwards the random Code to your mobile before prompting you to enter the same Code at the prompt to gain access. Of course there are issues with using SMS, such as mobile reception and timeouts, but in testing I didn’t notice any.

If you are concerned over the cost of SMS messages, Clickatell are a bulk SMS provider so rates are good, and if you prefer to be contacted via some other method the code can be adapted to any other service e.g. XMPP via TLS, you could even GPG encrypt the Code in an email if you prefer.

It was only after I had the fun of writing this module that I stumbled across this blog post. Shame as it may have saved me a lot of time, but hey where’s the fun in that? I’ll just have to get cracking on the XMPP method – either that or search deeper within Google.

Have you seen RT 3.8!

It’s been a long time coming but after 2 years in the making the enterprise-grade ticketing system that is RT has had a well earned facelift, and what a difference!!.

Upgrading from 3.6.3 would have been straightforward if it was not for the fact that I also decided to upgrade to MySQL 5.1 at the same time. The final product made the pitfalls worthwhile however and RT is now slicker than ever. Plus I got know RT better along the way – bonus!.

If your thinking of upgrading to RT 3.8 / MySQL 5.1 just remember to use the MyISAM engine for the Attachments table (It’s worked so far for me with around 84k tickets). Failing to do so will result in slow response from the UI on certain actions due to MySQL failing to select the correct index on certain queries:

ALTER TABLE Attachments ENGINE=MyISAM;

It looks like the optimiser is broken for the InnoDB plugin, however if you check out this bug it may have been fixed by now (I was using FreeBSD port: mysql-server-5.1.26).

If only your database would just tell you that replication had failed or that the disk was full…
Ok some database servers do but MySQL doesn’t (yet). Another excuse to write a script

In my pursuit for total database visibility I have been searching for a tool that would tell me when something went wrong, that would simulate regular usage, and let me know if anything failed. After all SNMP can only probe so far and if your database is secure the last thing you want to do is open up another port on your server.

Don’t get me wrong there are tools out there that do a decent job of monitoring MySQL. MySQL Entperprise Monitor is one such tool. But if you want to look under the hood or add some functionality specific to your environment things start to get tricky.

So what’s this dbAlerter?

dbAlerter is the name of a project (Script) that I started developing to provide notification of key server events. It’s written in Python; Why?, I wanted something lightweight. Java would have been my first choice but the JVM eats too much ram and felt too heavy for such simple functionality.
Python on the other hand feels lighter and when running a script as a daemon it seems to take up less resources allowing the DB to use more memory and continue doing it’s job. Plus it’s been a while since I wrote anything with Python, variety is the spice of life!

Speaking of Java, if you have ever used tools like JConsole and jmap (and if not why not!) you may not have realised that since JDK 6 Update 7 there’s now one tool to rule them all – VisualVM.

VisualVM pulls together several commandline tools like JConsole, jstat, jinfo, jstack, and jmap to make monitoring and profiling a more visual experience.

Now that the changes from BSD Java have been merged into the OpenJDK and the FreeBSD Foundation have updated the JDK to 1.6.0-7 I’m pretty sure the original concept of write once run anywhere is closer than ever.

Databases are used by many different disciplines, from your DBA to your Developer, right down to the End User. They can also be viewed from many different perspectives…

DBA’s are usually interested in the server configuration, index usage etc. Developers however are often concerned with retrieval methods, datatypes and occasionally stored procedures. One thing is for sure, your database if used effectively will be changing frequently, and with so many people accessing your database do you know what the last change was? Would you know if someone added an index to a table? (would you care… )

Revision Control is often used to track changes to source code and other documents, so why not your database?.

When I first started to think about change control for my database servers one tool sprung to mind, Rancid. If you manage more than one network device you may already be familiar with the Really Awesome New Cisco confIg Differ.

Using a combination of scripts Rancid will connect to your network devices, check for changes by comparing the config with a VCS managed copy and notify you with details of the changes. Why not do the same for your database? Enter dbRecorder.

Rather than extend Rancid I decided to prove the concept by writing a quick Java application that utilised Open Source libraries like SVNKit and jYAML. The features continued to creep and before I knew it I was recording more than just table definitions. Server configuration and grant tables all found their way into my Subversion repository coupled with e-mail notification whenever anything changed – nice huh!.

The aptly named dbRecorder is currently targeted at my database of choice, MySQL. It’s far from a finished product (then again so are most of my ideas) but it’s working to a degree and can only improve over time….

One thing I never got around to was making this site work well with IE6 (or even just splash the screen with some silly message when someone using IE6 tries to connect) and with Firefox 3 soon to be released I am hoping I won’t have to. If you have not tried Firefox 3 already you can visit the site today and pledge your download to help break a world record as soon as it is released!.

It’s been a while since I had chance to work on Informeer as my itch was one of multi-user web based password management (AuthStor). Oh and moving house.

Now that things are settling down again (Servers back up and running) I decided to take a break from AuthStor and focus on something new – Informeer.

The concept is simple, Centralised Notification.

I am forever configuring notifications from several sources, be it backup alerts, host monitoring notification and even simple applications that send mail via SMTP. When living in a world of change, both software and business, having to visit every application to change an e-mail address or add a new user to a notification schedule can be quite time consuming. Add to that the effort of having to modify firewalls, SMTP servers and XMPP settings etc etc. The idea of a single web interface where all your notifications can be configured is quite appealing. Informeer aims to make that a reality (one day).

While I take my time with the implementation I thought I would post a basic intro to RPC-XML using Perl. The RPC-XML Perl module makes writing your own client/server application a piece of cake, and while not quite point and click, it will give you enough flexibility to centralise your own notifications (or anything else for that matter). It’s not rocket science, but it works!

If you have been looking for a flexible quick and easy fix to the centralised notification problem, or even if you are just looking to push some data from a firewalled site to one of your servers This Tutorial should help get you started.

In between moving house and playing with notifications I found time to upgrade to Wordpress 2.5 and MoinMoin 1.6, and wow what an improvement in both camps.
The Wordpress dashboard is the most visible improvement – it’s amazingly clean! If you have been waiting for 2.5 to settle down or just cautious about upgrading, I would say take the plunge, you won’t regret it. As for MoinMoin 1.6, there really is no better Wiki engine out there (my opinion) and it just keeps getting better with every release!.

That just leaves me to post a quick MySQL tip that may well be obvious, but happens to catch me out from time to time.

MySQL Tip of the month

If you ever get the urge to convert a 1Gig MyISAM table (with 34 million rows) to InnoDB within MySQL, try to avoid the simple ALTER TABLE tablename ENGINE=INNODB; method.
I made the mistake of running that command on a fairly decent server with bags of space and memory only to find the command running over 5 hours later with an InnoDB tablespace at around 4Gig (ok a bit of tuning might have helped)

Your best bet is to dump the table using mysqldump, drop the existing table and re-import the table after modifying the definition to be InnoDB. That worked for me in less than 10 minutes. Alternatively you can create a new InnoDB table and insert directly from the existing table as per MySQL documentation e.g INSERT INTO newtable SELECT * FROM oldtable.

I’m sure I am not the first to make this mistake, and may not be the last…..

AuthStor came to life back in late 2007 after the Password Safe I had been using became corrupt. Not through any failure in Password Safe’s functionality but really to the way it was being used – Multi-User.

I had been seeking a decent Web Based Password Manager (Open Source of course) for ages but had not found anything that I liked. All the semi-decent software out there seemed to be Closed Source with license fees attached and to be honest I would feel more comfortable if I understood the inner workings, especially if this software is storing the key to my empire (mwuhahahaha).

So after a long history of Spreadsheets, Password Safe, Keychain and various other methods of storing passwords I finally decided to scratch the itch and roll my own password manager.

Now AuthStor is not my first attempt at a password manager, in fact I originally started to write an extension to MoinMoin that provided a method of storing passwords directly within the Wiki. This worked great for a while but was not the most secure method of managing passwords, especially as the secret key was embedded within the Python code!. I learned a lot from mmPasswords and hope to improve upon that greatly through the development of AuthStor.

So what is in store for AuthStor? (Get it? ) Well key features will include Multi-User capability, Full auditing, GnuPG encryption, REST like interface and that is just the start. Future plans include interfaces like SMS, VoIP and anything else I can think up.

Here is a sneak peak of the progress made so far:

The application itself is written in Perl and runs on top of the Catalyst Framework. Why Catalyst? Flexibility, Performance, Scalability, the list goes on… Catalyst’s plugin architecture provides multiple views (among many other things) so I can focus on the functionality and not worry about the presentation. Speaking of presentation, AuthStor makes extensive use of the Yahoo! User Interface Library to provide a rich interface with dynamic elements such as DataTable’s, Toolbars and Treeviews and all wrapped in a BSD License!!. Nice work folks!.

Expect a commit in the next few weeks…

It’s been a few weeks since I last posted here or even found time to develop any of the ideas that continually spring to mind. In fact this is the first weekend in several where my head is not stuck in a book about Perl, Solaris or UML. Why you may ask? (or not).

Well after finally getting round to taking the Solaris Network Administrator exam, I thought it only right that I complete the set and get to know Solaris Security a bit better by taking the SCSECA.

After achieving the SCSECA, I was just about getting ready to start writing code again when I stumbled upon the UML Certification Program.
I have been a fan of UML for a long time but never found a tool that I felt comfortable using, or more to the point a tool worth the money!. That was until on the very same day I decided to trial Visual Paradigm, could this be the UML tool I have been seeking?

Visual Paradigm for UML is not overly expensive (many price levels to cater for all requirements), it runs on Windows / Linux / OSX and it’s easy to use – I like it!.

Armed with the UML tool I have been looking for and a copy of the UML 2 Certification Guide I spent another week brushing up on my UML skills while studying for the first of 3 exams offered by the OMG, UML Certified Professional – Fundamental.
I passed the exam last week and learned a lot more UML along the way!
So finally, with all that studying out of the way I can finally get back to the fun stuff – Code.

But where does Perl fall into this jacked-in period? Well I have been waiting for Perl 6 for a long time now and plan to use Catalyst as the platform for BinaryStor and AuthStor. So what better way to get up to speed than a Perl readathon of as many Perl books as I can get my hands on. From Learning to Mastering and eventually Best Practices all over again, you never know I might just finish reading before the release of Perl 6.

As for the Code I cannot make my mind up as to where to focus my energy and so opted for a working NetUnit (I did think of porting it to Perl ). It’s far from complete of course and suffers from the constraint of root privileges, but I’m hoping a future Java release will fix that….

I had one of those lightbulb moments the other day while pondering a problem I recently encountered relating to firewall changes.
The problem came to light the morning after some firewall rules had been modified, nothing new there I hear you say.
Of course at the time everything looked to be working, that is from the perspective of the few people that were actually working that late in the night. It was only when the morning came and the rest of the business started to come online that the problems were apparent. It didn’t take long to fix the problem but it got me thinking, how could we prevent this in future?

I have been spending some time looking at Unit testing recently and began to wonder if there were any testing tools or frameworks that could be used to prevent this kind of problem in future. Unit testing for software is pretty much standard practice nowadays and works well during the development phase, but once the application is in situ how can you test the operation from a networking perspective?. Web testing tools are great for validating web application functionality and I’m pretty sure there are loads of other test frameworks out there, but are they easy to use? I wanted a way to describe and validate the problem before and after the work was undertaken, and so NetUnit was born…

NetUnit aims to be simple to use, something I could give to a non-techie and have them run a Test Suite to validate connectivity or application functionality. NetUnit mimics Apache Ant in its operation and design, in fact I was going to write some Ant tasks at first but kept thinking of new ways to extend the tool in future.

The Test Suite used to describe the Tests to perform is a simple XML file. NetUnit parses this file and outputs the result of each test along the way – simple huh!.

Another benefit of this tool that immediately sprung to mind was the ability to take a Test Suite file and generate documentation for your applications external network interface or firewall policies. In fact the ideas don’t stop there and I have quite a list of features that could be implemented in future. Time permitting as always….

While working on MySQLDump.java this weekend I decided to look into the new features that are heading our way in MySQL 5.1. It cannot be long before we see a general release and I needed to start thinking of ways to backup items like Events. This also made a good opportunity to start afresh with my dev server and try out the latest Solaris 10 8/07 release with GlassFish v2, the releases just keep coming! (SXDE 9/07 was just released).

The Solaris 10 install was as smooth as previous releases (Using Text Based) and once started took at least an hour or so to finish, I cannot remember the exact time as after checking the status a couple of times I forgot all about it. The general feel was much improved however, and the overall speed increase made the upgrade worthwhile.

GlassFish installed and ran as expected – easy. I would be very interested to see the difference in http performance when compared to Apache. Something for another day maybe?

Next on my list was MySQL 5.1.21-beta.
I originally downloaded the pkgadd version but failed to start the server due to a an [ERROR] Can't find messagefile. It was only after receiving the same message with the Tar distribution that I headed over to the MySQL Bug System where it seemed the issue was a known one – BugID 30678.

Not a major issue as the solution was to simply add --language=./share/mysql/english/ to server install / startup commands. Something that I am sure would have been fixed in the release candidate. I would like to see a more complete installer for Solaris, something similar to the FreeBSD port. The pkgadd install does not really offer much customisation and both the Tar file / pkgadd lack any sample service manifest files.

Once installed everything worked as expected and my first task was to install the Sakila test database. I intend to use this database to validate the operation of the MySQLDump.java app. It may not be the biggest database to work with but it does support a wide variety of data types, views, triggers etc. I am currently using the MySQL Toolkit to verify the backup and restore. If you have not used the Toolkit before (it’s written in Perl) it includes a nice utility that can test if 2 tables are identical – handy for validating a backup.

I envisage using unit tests for this purpose in future, but need to find a good book on TestNG first. A quick dump of the film_text table worked as expected and the data was identical to that supplied by MySQL, I must be on the right track! – If only I had more time…

I did however find time to attend the MySQL Backup and Recovery webinar this morning and was impressed with the new Backup API planned for MySQL 5.2 onward. I just booked my place at the European MySQL Conference and hope to get some more insight into future developments, or at least a copy of the MySQL 5.1 Cluster Certification Study Guide.