Michal Čihař - Blog Archives for English

2.8.1 release in demos and snapshots

As we recently started MAINT_2_8_1 branch, which will be used for 2.8.1 release, demo server and snapshots now also contains it.

Additionally CVS is switched back to anonymous service, but SourceForge promises there will be no more than 2 hours delay. This also means that CVS snapshots are again usable as CVS sources after unpacking.

Gammu in the wild

It's nice to see reports that some large SMS services run on Gammu. I know there are more, but mostly such information is hidden and nobody except people who wrote that know about used software.

Make such reports more often, it makes people happy. Usually mailing list is just full of complains that something is not working and few good words can't make anything bad :-).

DNS blacklists in Exim

Well I expected this would be more complicated than defining DNS blacklist servers list. Hower thanks to great defaults, all you need is to put list into user defines (separate file which is included early like /etc/exim4/conf.d/main/000_localdefs should be best place):

CHECK_RCPT_DOMAIN_DNSBLS = dnsbl.njabl.org : \
                            bl.spamcop.net : \
                            blackholes.five-ten-sg.com : \
                            cbl.abuseat.org : \
                            smtp.dnsbl.sorbs.net : \
                            spam.dnsbl.sorbs.net : \
                            zombie.dnsbl.sorbs.net : \
                            web.dnsbl.sorbs.net : \
                            rhsbl.sorbs.net : \
                            sbl-xbl.spamhaus.org : \
                            psbl.surriel.com : \
                            list.dsbl.org

SourceForge? Thanks no!

phpMyAdmin started to be hosted on SourceForge long time ago (AFAIR it was in 2001). It has served mostly good for it's purpose, but these days, it's getting like nightmare.

First, at the end of March, CVS servers crashed and since that time anonymous CVS is disabled. Well at least that does not stop developing. Last week developer CVS server crashed. It has been disabled since then and we're now waiting for new CVS infrastructure, which should be ready several months ago (at least they promised so). This stopped phpMyAdmin development and also delayed deployment of some security fixes.

Okay, problems happen, but why the hell they didn't announce this on status page until some personal intervencies happened?

And I'm a bit confused about their "priority support" which is provided for subscribers. More than two days old report and no answer? I'm probably not going to pay next year...

What I miss on Gammu?

I told this for many times before, so I just repeat: Such project needs version control system. No matter which one, but having at least CVS would make things lot of better than now. However Marcin seems unfortunately not to be interested in such "innovation". So I will still use my fixes branch, some people will want to use snapshots from that and we will sync with Marcin by sending patches and randomly forgetting about some parts (good luck that bazaar won't forget).

Cryptic names

Why the hell do wakeup devices for ACPI need that cryptic names? I'd like to enable wakeup on keyboard, however I have no idea whether my notebook supports is or not. And the names don't help much:

$ cat /proc/acpi/wakeup
Device  Sleep state     Status
USB1       3            disabled
USB2       3            disabled
USB4       3            disabled
 LAN       4            disabled
MPC0       3            disabled
MPC1       3            disabled
VIY0       3            disabled
AMDM       3            disabled
 LID       4            * enabled
PWRB       4            * enabled

Security forever?

It looks like XSS attacks against phpMyAdmin will be there forever. There is floating another in the air (if SourceForge would have working CVS, it would be already released). Maybe it's time to make complete rewrite of phpMyAdmin codebase? But that's too long term project and nobody seems to be interested in that. Maybe some security audit would help resolving at least most painful issues, but this is again same problem. Any volunteer to do this hard work?

phpMyAdmin vs. TurboDbAdmin

I finally found some time to quickly look and try to use TurboDbAdmin. It's sort of competitor to phpMyAdmin. Why I write sort of? Firstly there are still users which prefer non javascript solution, second reason is that TurboDbAdmin definitely needs some time to get matured. Right now it looks to me more like demo of their AJAX toolkit than real application. But it is getting better version to version.

However they have some ideas which we might incorporate. First think I noticed in documentation is that they have settings for broken setups of MySQL which lead to wrong displaying of data. Just put names="latin1" and it should work. Nice, but I still think that people should rather learn how to use encodings in MySQL properly.

Second usefull thing is reload link in left frame. Well they aren't able to reload it automatically, so they need it right now, but that simple link is requested by our users anyway.