Windows Communication Foundation 3.5 Unleashed Errors

June 14, 2009 at 12:47 pm · Filed under Uncategorized

I am reading this book; it is very well written, and the people who wrote it are obviously very smart. Unfortunately, it is chock full of technical errors. I have wasted hours trying to get the examples to work. In the hope of saving others some time, I am listing a few of the problems I found.

In addition to these, there are lots of other errors I found in my first, casual, reading, especially in the code.

In the Fundamentals chapter (2)

Page 45, step 1: add the app.config file to the Host project, NOT the DerivativesCalculatorService project (see page 53)
error: Service ‘DerivativesCalculator.DerivativesCalculatorServiceType’ has zero application (non-infrastructure) endpoints. This might be because no configuration file was found for your application, or because no service element matching the service name could be found in the configuration file, or because no endpoints were defined in the service element.

Page 56, step 4: there should not be a colon before “svcutil” (and there is not in the screenshot below)

Page 58: The class should be DerivativesCalculatorClient rather than DerivativesCalculatorProxy (since that is the class created by the tool — see listing 2.6)

Page 67 – 72: Getting the service to run under IIS 7.0 required quite a number of additional steps, at least in my configuration.

1) — Page 69, Step 3 – Must use Add Application rather than Add Virtual Directory, at least in IIS 7.0 . I wasted quite a bit of time on this one, until I found http://social.msdn.microsoft.com/forums/en-US/wcf/thread/49d9279f-2bc1-482b-8bb0-da1261736acb/ , where this exact problem with this exact same example was noted in April 2006.
error: The type ‘DerivativesCalculatorService.Calculator’, provided as the Service attribute value in the ServiceHost directive could not be found.

2) — Need to give the IIS_IUSRS permission to the DerivitivesCalculatorService directory, so IIS can use the config file

3) — Need to give the Anonamous Login user permission to the DeriviativesCalculatorService directory, so IIS will serve it to the user

4) — I had to fix the bindings to the .svc extension using
c:windowsMicrosoft.NETFrameworkv3.0Windows Communication FoundationServiceModelReg -r
It is possible that I had that problem because I enabled IIS after I had already installed VisualStudio. Or not.

5) — I had to turn on the WCF Activation with Control Panel/Programs/Turn Windows Features On/Microsoft .NET 3.0/WCF Activation for http and non-http – see http://michael-arnett.spaces.live.com/blog/cns!5AA848FF3F707F99!1093.entry?
- error: HTTP 500 – Handler svc-Integrated has a bad module “ManagedPipelineHandler” in its module list

Page 75 – in my testing, the MSFT string was NOT encrypted when I used the netTcpBinding

Page 79 – to use the WcfTestClient with this demo, run:
WcfTestClient http://localhost:8000/Derivatives/
or
WcfTestClient http://localhost:8000/Derivatives/?wsdl

Leave a Comment

Neopost IJ25 Postage Meter Pricing Scam

March 23, 2009 at 10:00 pm · Filed under Uncategorized

I just got off the phone with Neopost, whose postage meter I have been using for a number of years. I guess I never put together the true cost of using it. The reason for my call was that my postage meter suddenly stopped working, saying “Warning, Ink Expired”.

It turns out that the Neopost IJ25 postage meter is programmed to stop working if the same ink cartridge has been installed for more than one year (as in 365 days). When I called, I was told that we should have received a single warning about a month ago that the ink would expire soon. However, if we had pushed “Ok” that one time, the warning would disappear, and the next warning would be when the postage meter stopped working altogether. I don’t know if we got the warning or not, although nobody remembers seeing it.

Nonetheless, my Neopost IJ25 postage meter is dead in the water. The cost for a replacement ink cartridge is $124: $86 for the cartridge (!!), $29 for overnight shipping “& handling” (!!), and $9.32 for tax. 2-3 day shipping would have been $23, 10 day shipping $12. Clearly, Neopost has a strong incentive to set up their IJ25 postage meter so we would not see the warning, and is not shy about overcharging for shipping.

In addition, Neopost gouges us to update the meter for postal rate changes (so it prints 43 cents instead of 42 cents) – this was $91.89 on 12/22/08, plus a special deal $67.02 for one year of subsequent updates. In the notice, Neopost gleefully noted that the postal service has agreed to start increasing the postage more often – probably twice a year. The thing is, to get the special deal, I have agreed to automatic, non-cancelable upgrades; to cancel, I must give at least 30 days, but no more than 60 days, notice. Again, clearly designed to make it more difficult to cancel.

The only thing that is reasonably priced is the actual rental of the Neopost IJ25 postage meter and scale, at $219.57 for 12 months.

However, the actual cost of using the Neopost IJ25 meter for 12 months is: $219 rental, about $90 reprogramming, and $124 for the timed ink cartridge, or $433, or about twice the quoted rental cost. Not to mention the inconvenience of having a postage meter that dies unexpectedly and with no (practical) notice.

So why is that a scam? For the same reason that it is a scam when an airline quotes an airfare that doesn’t include baggage. Neopost should be honest about the actual cost of renting their equipment, and not gouge their customers for the rate reprogramming and ink cartridges. There is no excuse for charging $29 for overnight shipment of a 4 ounce cartridge. And, worst of all, they should not design the Neopost IJ25 postage meter to fail unexpectedly and without (practical) warning, significantly inconveniencing their customer.

You can bet that between now and next December, I will be looking into other options that don’t include a meter programmed to fail.

If anyone from Neopost cares to dispute or comment on this post, I will be happy to talk with them. If anything is incorrect, I will certainly correct it.

Comments (22)

Dreamweaver Secure FTP (SFTP) Configuration

March 1, 2009 at 10:09 pm · Filed under Dreamweaver

The Dreamweaver configuration documentation for “Secure FTP” is poor to non-existant. I am not talking about how to check Dreamweaver’s “Use Secure FTP (SFTP)” checkbox (which is trivial, but for which there is LOTS of documentation), but rather how to set up your secure server to receive the Secure FTP communication from Dreamweaver.

The trick is that Dreamweaver’s “Secure FTP” is not FTP! It is ssh! It runs on port 22, which is not configurable (within Dreamweaver, as of CS3).

So, for all of us who have wasted hours setting up an ftp server, and trying to figure out why Dreamweaver wouldn’t connect through the firewall, now you know!

You just have to set up sshd to receive connections on port 22, and don’t waste your time with vsftpd!

When configured properly, the (Ubuntu) /var/log/auth.log will report the connection via sshd, and sshd will report “subsystem request for sftp”. sftp is an ftp-like program that runs under and through ssh. You can read more about the sftp client via Linux “man sftp”. You can use the sftp client to connect between Linux computers to transfer files over ssh like you would use ftp, but with no need to set up an ftp server (again, sftp uses the sshd server).

Comments (5)

Ubuntu Server Configuration

March 1, 2009 at 2:49 pm · Filed under Ubuntu

A few random notes.

To start the iptables rules for the firewall on startup, first, create the firewall script, adding the iptables rules one by one, and save the rules with:


iptables-save > /etc/default/iptables

Then, to load the rules automatically with the new Upstart init system, I just create a new file, /etc/event.d/iptables :


# Script to start firewall
# Save rules with iptables-save > /etc/default/iptables

start on runlevel 1
start on runlevel 2
start on runlevel 3
start on runlevel 4
start on runlevel 5

exec /sbin/iptables-restore < /etc/default/iptables

That way, you aren’t changing any existing files, just adding the new one. On every reboot, the iptables rules get loaded. You can check that they are loaded with:


sudo /sbin/iptables-save | less

Leave a Comment

iMovie '09 Error – Audio Exporting Problem

February 8, 2009 at 9:42 am · Filed under Mac

Apple recently updated its iLife suite (including iMovie) from ’08 to ’09.  I haven’t done much with movie creation, but wanted to make a short video demonstration of my 3 dimensional breast augmentation simulator.  We shot some video at the office.  I easily imported the tape into iMovie ’08, but when I went to edit it, I noticed that iMovie ’09, which had just been released, had two features I wanted: precision trimming, and the ability to slow down a clip.  So, I ordered the upgrade.  It came quickly, and installed easily. About reports that it is version 8.0 (717). Check for Updates reports that it is the current version.

I edited my video until I was happy with it.  iMovie crashed a couple of times, but did not lose any of my work.  I went to export the video into a format I could post.  That’s when my problems began!

On many of the clips, I had set the audio to zero, so I could use voiceover to explain them.  I also adjusted the speed so that I would have more time for my voiceover than the length of the clip.  In a  couple of places I added some simple transitions.

However, on the exported video, in one of the clips I could still hear the audio that had been recorded with the video, even though the volume was set to zero!  (Now, of course, the audio was very slow and sounded like a growling monster).  And on one of the other clips where I had not adjusted either the speed or the volume, I could not hear the audio at all!

A search of the Apple Support forum quickly determined that I was not the only one having this problem.  For example, see http://discussions.apple.com/thread.jspa?threadID=1888183&tstart=0 and http://discussions.apple.com/thread.jspa?threadID=1896387&tstart=0

Apparently, if you set the speed to other than the Apple Defaults (e.g., 50%, 25%, 12.5%), sometimes the audio volume adjustment is not respected in export, although it works fine when previewed in iMovie.  And sometimes later clips AFTER A TRANSITION do not have their audio if there is an earlier clip somewhere in the movie with one of these non-standard speed adjustments EVEN IF THE AFFECTED CLIP ITSELF DOES NOT HAVE ANY SPEED ADJUSTMENT.  And this occurs on export EVEN IF THE MOVIE PREVIEWS CORRECTLY IN iMOVIE!

This problem appears to occur in all exports, to QuickTime and not to QuickTime, at all speeds, and even to DVD (although I did not test that).

In my case, I was able to workaround the problem by changing the speed of the clip whose audio was still audible to the standard 12.5% (it had the problem when set to 19%), and by deleting two transitions.

Any ideas on how to get Apple to fix its broken iMovie ’09?

Comments (40)

Konica Minolta Twain Driver Not Recognized

December 30, 2008 at 9:02 pm · Filed under Programming ·Tagged , , ,

I recently had a problem getting the Konica Minolta Twain Driver for the C253 scanner (among others) to be recognized by the twain device manager, and thus it was not listed as one of the twain devices available, either in PhotoShop or in Atalasoft DotTwain.  The nice people at our local Hughes Calihan Konica Minolta here in Phoenix helped me figure this out, along with Lou Franco of Atalasoft (see his comments below), and I wanted to post the solution for anyone having a similar problem.

Ultimately, the problem was that another software package (I believe it was Business Object’s Crystal Reports XI Release 2), installed a copy of the LIBEAY32.dll into the C:WindowsSystem32 directory.  LIBEAY32.dll is part of the open source OpenSSL suite, and I have 18 (!) different versions on my system.  They mostly live in harmony, but when the Konica Minolta twain driver tried to load, it would get the version of LIBEAY32.dll that Crystal Reports had put into System32 (since that is very early in the Dynamic Link Library Search Order — see http://msdn.microsoft.com/en-us/library/ms682586.aspx) and when the LIBEAY32.dll that was loaded did not have the proper ordinal entry point, the Konica Minolta twain driver would not be loaded by the twain device manager.

When PhotoShop loaded, it would emit an error message about the missing ordinal in LIBEAY32.dll; when File/Import was pulled up in the menu, the Konica Minolta twain device would just be missing, and there would be no error here.

Compounding the problem was that my test application using the Twain source manager via the Atalasoft DotTwain ShowSelectSource() function did NOT issue any error.

However, a test application I made with Visual C++ loading the Twain device source library for the Konica Minolta scanner did produce the error.

It turns out that the only difference between my test application and Photoshop was the SetErrorMode() function, which sets the process’ ErrorMode. You can call GetErrorMode() and SetErrorMode() following these imports:
[DllImport("Kernel32.dll")]
private extern static uint SetErrorMode(uint mode);

[DllImport("Kernel32.dll")]
private extern static uint GetErrorMode();

If you then call SetErrorMode(0) before the Atalasoft ShowSelectSource() function, the user DOES see the error messages from the operating system. However, the Twain Source Manager twain_32.dll does not return any error code to ShowSelectSource(), so obviously ShowSelectSource() cannot return any error code either. As noted below, the only way for a calling program to get an indication that a source did not load is to call the twain source DLL directly rather than through the Twain Source Manager, and observe that the LoadLibrary call returns NULL.

Having figured out that the problem was that the Business Objects LIBEAY32.dll was in the System32 directory, the solution was a little difficult.  The Konica Minolta Twain Driver worked once the LIBEAY32.dll was removed  (or renamed) in System32, but Crystal Reports XI Release 2 tries to repair it’s installation if if finds that file missing. 

However, by placing the LIBEAY32.dll from the Konica Minota twain driver directory (in a subdirectory of C:windowstwain_32, where the twain device files live) into System32, both the Konica Minota twain driver and Crystal Reports seem to be happy.  For good measure, I put a copy of the LIBEAY32.dll that Crystal had put into System32 into Crystal’s own directory (since that has higher priority in the .dll search order) so that Crystal should load its own LIBEAY32.dll

For reference, I tracked down the problem by making a test Visual Studio C++ app and trying to load the Konica Minolta twain device driver (mostly from http://msdn.microsoft.com/en-us/library/784bt7z7.aspx) :

#include <windows.h>

Then, in the click handler:

HINSTANCE hDLL; // Handle to DLL
UINT uErrorMode = SetErrorMode(0); // so you get an error message from the OS
LPCWSTR str=L"C:\Windows\twain_32\KONICA MINOLTA\RTM_V3\kmtw3R.ds";
hDLL = LoadLibrary(str);

The LoadLibrary call produces a MessageBox (see the SetErorrMode() docs) with the error, and returns NULL, if there is a problem loading the twain source driver library. Note that the twain device driver will need other files in that directory, and you will get those errors first; you can fix that problem by adding it to the PATH for testing. The System32 will still be ahead of the PATH (but not ahead of the application .exe directory) so you will get the error message you are looking for. Also note that the twain device driver library, in actual use, will NOT need the PATH to be set; the twain device manager appears to take care of that.

Another approach that works is to change the current working directory to the directory containing the twain source driver before calling LoadLibrary on the driver, as this will more closely approximate the DLL Search Order used by the twain source manager. Again, the problem is that, although the source driver does install the files it needs into its own directory, the LIBEAY32.dll that Crystal installs into System32 is still AHEAD of the LIBEAY32.dll installed into the source driver’s directory! (see Lou Franco’s comments below) DLL Search Order is a fairly complex topic, and can vary depending on a number of factors; google “Dynamic Link Library Search Order” for info. Note that, unless SafeDllSearchMode is disabled, changing the current working directory does not change the DLL search order.

Also, when I tried this with a 64 bit version of Vista, Crystal installs LIBEAY32.dll into /Windows/SysWOW64, which is the directory that takes the place of /Windows/System32.

Regretably, when LoadLibrary fails, FormatMessage produces only a message that the operating system could not run the file. The only detailed info available seems to be the message box provided directly to the user by the OS, and only when SetErrorMode(0) is in effect.

See also: http://www.cube316.net/blog/archives/200710/147.html for a similar problem.

– Edited 12/31/08 10PM to add info about using SetErrorMode() to show the error message box, that the lack of error reporting to the application occurs at the Twain Source Manager level, to reinforce the info about DLL Search Order, and to take Lou Franco’s comments into account; Edited 12/3/09 to add info re 64 bit Vista – JMN

Comments (6)

Ruby on Rails 2.3 and PostgreSQL on Ubuntu Hardy 8.04 LTS and 10.04 LTS Server

November 28, 2008 at 3:45 pm · Filed under Programming, Web Programming ·Tagged , , ,

Update: A few changes for 10.04 LTS, using PostgreSQL 8.4

When running rails (other than rails –version), I got the error “No such file to load: net/https”. That was fixed by installing libopenssl-ruby, as in:
aptitude install libopenssl-ruby
This should probably be done before installing rails, although installing it after rails was installed fixed the problem

gem update –system produces a message that “gem update –system is disabled on Debian. RubyGems can be updated using the official Debian repositiries by aptitude or apt-get”

Instead, I found the following at https://help.ubuntu.com/community/RubyOnRails

sudo gem install rubygems-update
sudo update_rubygems note: this will clean out your gems!

Note: I had to reinstall rails after update_rubygems, which I ran after I had installed rails. I would probably do this before installing rails.

The “-y” flag is now the default, and if you use it you get a message to that effect

irb and apache2 were already installed by the time I got to those steps. There is an apache2 metapackage that I would probably use instead of the apache 2.2 packages noted below if I still needed to install apache2.

Before you can run the programs you have installed with gem (e.g. Rails), you will need to add:
export PATH=/var/lib/gems/1.8/bin:$PATH

When I ran the Passenger installation, I got a message to install three more packages:

aptitude install apache2-prefork-dev
aptitude install libapr1-dev
aptitude install libaprutil1-dev
However, only the first one of those actually did anything. Since the passenger installation gives good diagnostics, it is reasonable to let that tell you what still needs to be installed.

Following the instructions on the Passenger install for configuring Apache, the sample configuration included some inline comments with ‘#’ — these caused an error in Apache2 and had to be moved to a separate line.

Passenger may need a file named .htaccess to be installed in the /public directory of your rails app, with the following two lines:

PassengerEnabled on
PassengerAppRoot /full/path/to/the/root/of/your/rails/app
The PassengerAppRoot should NOT be your rails app’s public directory, but the .htaccess file needs to be in that public directory. The Passenger docs incorrectly state that the PassengerAppRoot is assumed to be the parent of the public directory, but that is only true if the public directory is named in DocumentRoot, and not if you are using an alias.

Also, if you are using an alias and the Rails app is not in the root of the website, you may need config.action_controller.relative_url_root = "/test" in your config/environment.rb file

Also note that, except where noted, the installation commands need to be run as root (sudo su -) or with sudo.

There has been much confusion and consternation about setting up Ruby on Rails with PostgreSQL

(e.g., see: http://joshkim.org/2008/10/26/postgresql-ruby-and-rails-i-quit)

There seems to be a lot of support for running this on a Mac, but less so for running it on modern Ubuntu. There are several moving parts here, so once I had figured them out, I wanted to record my notes to save others some of the same aggravation.

Note that there are some other issues and differences between MySQL and PostgreSQL – for example see: http://blog.tiagocardoso.eu/rubyonrail/2008/02/20/porting-to-postgres-on-rails/

In particular, one difference noted there between PostgreSQL and other SQL’s is that PostgreSQL is stricter about the difference between single and double quotes.  Double quotes are for “delimited identifiers”, such as table and column names, and prevent them from being mistaken for keywords.  For example, “SELECT” could be the name of a table or column or variable, whereas SELECT is an SQL keyword.  Single quotes are for string constants.  Use two adjacent single quotes for a literal single quote, as in ‘Dianne”s horse’.  Where this will get you is if you use double quotes in :conditions=>”" and :joins=>”", which will work in MySQL but not PostgreSQL.  Another difference is that “like” may need to be changed to “ilike” in PostgreSQL if you want case insensitive queries.

This post doesn’t attempt to address all issues, but just to get a system from a base Ubuntu Hardy (8.04 LTS) to a working Ruby on Rails 2.2/PostgreSQL 8.3 system.  This will also install working sqlite3 and postgresql drivers, and will test the installation as we proceed.

It also doesn’t attempt to address migration of data; do a web search on “mysql postgresql yml” to see several alternatives here.

(Some of these installation instructions are modified from Agile Web Development with Rails, third edition beta, which I assume you already have)

apt-get update
apt-get upgrade
aptitude install build-essential

if aptitude is not installed, that will cause an error.  Install with:

apt-get install aptitude

Now:

aptitude install ruby rubygems ruby1.8-dev libsqlite3-dev
gem update --system

At the end of a lot of output, was the notice that

RubyGems installed the following executables:

/usr/bin/gem1.8
If 'gem' was installed by a previous RubyGems installation, you may need to
remove it by hand

In my case, I did have to remove the old ‘gem’ file by hand:

mv /usr/bin/gem /usr/bin/gem.old
mv /usr/bin/gem1.8 /usr/bin/gem

If you get the error about the uninitialized constant Gem::GemRunner(NameError), this is your problem

Then:

gem install -y rails

if you get an error that “could not find rails (>0) in any repository”, simply try again

gem install -y rails

To use irb, you need:

aptitude install irb

if you want git:

aptitude install git-core git-doc

if you want apache:

aptitude install apache2.2-common

For passenger:

gem install passenger
passenger-install-apache2-module

You may get some instructions about additional software to install for the passenger apache2 module to be compiled.  You will also get some instructions for configuring passenger to work under apache2.  Be aware that, with Ubuntu, you are encouraged NOT to edit the apache2.conf file, which may need updating with a new version of Ubuntu, but rather to edit other files included by apache2.conf, such as httpd.conf and the sites-available files (linked into sites-enabled when you want them to be enabled).

To use sqlite3 (e.g., for initial testing)

gem install sqlite3-ruby

For PostgreSQL:

aptitude install postgresql postgresql-client

Now, in order to access PostgreSQL, you need to have a PostgreSQL user defined, as well as a PostgreSQL database defined.

The PostgreSQL installation creates the ‘postgres’ Linux user, the ‘postgres’ PostgreSQL user, and the ’postgres’ database, so to get into the database, you can just (from root):

su postgres
psql

and poke around (psql has pretty good help – use l to list databases, du to list users, ? for help, and q to quit.)

Exit psql with ‘q’

To create a PostgreSQL user so you can test rails with PostgreSQL (in my case, I created user ‘nachbar’, since that is my Linux username) FROM THE SHELL (not from psql):

su postgres
createuser nachbar

(answer ‘y’ to the question about being a superuser)

If you get an error that, for example ‘Ident authentication failed for user “xxxx” ‘, that means you forgot the ‘su postgres’.  Ident authentication means that PostgreSQL will allow Linux user ‘postgres’ in because there is also a PostgreSQL user ‘postgres’

Once you have created your user (in my case, ‘nachbar’), AS THAT USER, try:

psql postgres

Here, ‘postgres’ is the DATABASE name to which you are connecting.  If you don’t specify a database name, psql will try to connect to a database with the same name as your username, which does not exist.  (try just ‘psql’ here to see that error)

Once you have psql working and your user set up in PostgreSQL, create a test rails application and test sqlite3 — as your own user (i.e., not root):

rails test
cd test
script/generate model product title:string
rake db:create
rake db:migrate
script/console
t=Product.first
(that should return nil, since there are no products saved yet)
p=Product.new
p.title="My Title"
p.save
t=Product.first
t.title

The last command should read you  back “My Title” from your saved Product

Now, exit the console, and switch your app to PostgreSQL

exit

edit config/database.yml:

under development:, change adapter to ‘postgresql’ and database to ‘test_development’.  No need to set a username, password, or anything else

Install the postgresql adaptor (as root)

First: install the postgreSQL header files:

aptitude install libpq-dev
gem install postgres

Then, test it:

irb
require 'rubygems'
require 'postgres'

Now, (back as your own user, not root, and in the rails test project directory): create the PostgreSQL database:

rake db:create
rake db:migrate

Test that these were created in PostgreSQL:

psql test_development
l  (to list databases)
dt  (to list tables - should include the products table)
q  (to exit psql)

Run the same “script/console” test above, which should give the same results as it did with sqlite3.

Check the PostgreSQL database:

psql test_development
select * from products;
(don’t forget the semicolon.  Should show your your “My Title” product, now in PostgreSQL)
q

Rails is running with PostgreSQL!

Note that we did not set a user or password in database.yml, because we had created the ‘nachbar’ user as a PostgreSQL superuser, and that was the user that script/console and rake were running as.  We used ‘Ident’ authentication in this case.  There are several choices here, including creating another PostgreSQL user under which Rails will run.  Since ‘nachbar’ is now a PostgreSQL superuser, you can run the createuser command as ‘nachbar’ or ‘postgres’, but not as root!  In PostgreSQL, if the password is null, password authentication will always fail.

Other miscellaneous notes

PostgreSQL configuration notes:

PostgreSQL is set up to allow multiple “clusters”.  Installation creates a single cluster, “main”, which will probably be all you need.  In the following, “main” could refer to multiple directories if you have multiple clusters.  Also “8.3″ is my PostgreSQL version number.  Other versions will, of course, have different directory names.

PostgreSQL configuration goes into /etc/postgresql/8.3/main and /etc/postgresql-common

PostgreSQL bin is in /usr/lib/postgresql/8.3/bin .  That directory is NOT added to the PATH, but appropriate links for psql, createuser, etc. are placed into /usr/bin.  Other commands, such as pg_ctl may not be in the path.  The base path for the Ubuntu bash shell is set in /etc/login.defs file in the ENV_SUPATH and ENV_PATH vars

The data directory is /var/lib/postgresql/8.3/main — see /var/lib/postgresql/8.3/main/postmaster.opts

According to /etc/init.d/postgresql-8.3, environment vars are set in /etc/postgresql/8.3/<cluster>/environment

possible options to /etc/init.d/postgresql-8.3 are:

start, stop, restart, reload, force-reload, status, autovac-start, autovac-stop, autovac-restart

(the functions are sourced from /usr/share/postgresql-common/init.d-functions)

On init, the init.d script looks for directories in /etc/postgresql/<version> (by default, ‘main’ exists there) then, in those directories, look for postgresql.conf, which is the file that sets the data directory (/var/lib/postgresql/8.3/main), and the hba_file and ident_file (in /etc/postgreql/8.3/main), port, etc., as well as all sorts of configuration FOR THE SERVER

start.conf determines whether the specific server gets started on bootup

to backup:

pg_dumpall > outputfile

to stop the server:

pg_ctl stop

some samples in

/usr/share/postgresql/8.3

Rake and Rails data on PostgreSQL

The ‘postgresql’ database driver supports rake commands such as


rake db:drop
rake db:create
rake db:schema:load RAILS_ENV=production

Be aware that PostgreSQL does not use autoincrement fields, but rather implements a more structured system using PostgreSQL sequences. Rails will create these for you, and will tell you about it. Thus, the rake db:schema:load will produce messages like:


-- create_table("appts", {:force=>true})
NOTICE: CREATE TABLE will create implicit sequence "appts_id_seq" for serial column "appts.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "appts_pkey" for table "appts"

Those notices tell you that this mechanism is working properly.

Rails, Passenger, and PostgreSQL users

As indicated in the Passenger docs, passenger will run as the user that owns config/environment.rb, but that can be changed as indicated in the User Switching section of the Passenger docs, and can be modified by the PassengerUserSwitching and PassengerDefaultUser options in your httpd.conf or apache2 site files. Whichever user Passenger runs as must have a PostgreSQL user with the appropriate rights. Options include making that user a PostgreSQL superuser, or instituting better access controls with SQL GRANT commands.

In addition, options include other than the “Ident” mechanism of logging into PostgreSQL that we have discussed above. See the PostgreSQL website for details.

As one example, you can create the group and user “passenger” to use for passenger to run as, including the PostgreSQL user.:

adduser --system --group passenger

Change the group for the railsapp directory files by cd to the railsapp directory and issuing

chgrp -R passenger *

Change the mode for the log files and directory, so that the group (now ‘passenger’) can change those

cd log
chmod g+w .
chmod g+w *

Create the PostgreSQL user passenger:

su postgres
createuser passenger

(answer ‘n’ to all three questions: superuser, create databases, create roles)

Grant access to the passenger PostgreSQL user:

su postgres
psql
c myrailsapp_production
grant all on audits, sessions, users, mymodel1s, mymodel2s to passenger;
grant all on sequence audits_id_seq, sessions_id_seq, users_id_seq, mymodel1s_id_seq, mymodel2s_id_seq to passenger;
q

Either change the owner of config/environment.rb to passenger, or set PassengerDefaultUser to passenger

Now Passenger will run as the ‘passenger’ user, and will also set the effective group to the default group of the ‘passenger’ user (also passenger, in this setup). It will access PostgreSQL as the PostgreSQL passenger user, as well, using ident authentication.  Of course, ident authentication works only within a single machine.  To access PostgreSQL from another machine, set the hostname, username, password, and port in Rails.

touch tmp/restart.txt to restart Passenger on the next request.

Setting timezone on Ubuntu (different than setting it for your Rails app)

ln -sf /usr/share/zoneinfo/America/Phoenix /etc/localtime

Setting up the mail server on Ubuntu so Action Mailer Works:

Mail: exim4 was already running, but would not deliver except locally.  Make changes to /etc/exim4/update-exim4.conf.conf – esp change configtype to ‘internet’ (so mail can go out to the internet) but leave local_interfaces at ’127.0.0.1′ so mail will be accepted only from the local system.  Also change readhost to ‘myhostnamehere.com’ so headers show that as the origin, and hide_mailname so readhost works.  Also, change /etc/mailname to mydomainnamehere.com, to indicate the domain of the user sending the mail.

The Virtual Server

To reproduce what I have done, I Actually implemented the above on the 1&1 VPS I Linux package imaged to Ubuntu 8.04 LTS (64 bit). I think you can get a discount on that if you click this link:
Banner

Happy Hacking!

Comments (10)

Flash Player Bug with RoR 2:HTTPService fires fault by http status code 201

June 14, 2008 at 12:40 pm · Filed under Web Programming ·Tagged ,

Regarding Flexible Rails: Flex 3 on Rails 2, by Peter Armstring, and its Forum

This relates to a previous thread, but the solution is buried deep within the thread. There is a bug in Flash Player, which has been reported:

http://bugs.adobe.com/jira/browse/SDK-14153

Adobe considers this bug report “closed” with the “resolution” of “cannot fix”. Basically, Flash Player HTTPService incorrectly faults on status code 201, which indicates “successful creation”. The Rails 2 scaffolding code returns this status code 201 on successful creation, triggering the fault event from HTTPService, and preventing the code in CreateLocationCommand.as on page 318 (for example) from working.

Since Adobe has given up on fixing this error, a workaround is required. One workaround would be to intercept the fault event, locate the status code 201, and treat it as “success”. However, I cannot find the status code in the fault event (!). You could also just treat the fault as a “success”, but then you wouldn’t know whether the create was successful.

The best workaround seems to be to change the status code returned from 201 to 200. This can be done in the rails controller. In this case, using iteration 8 code, pomodo/app/controllers/locations_controller.rb, line 55, change “:created” to “:ok” and CreateLocationCommand.as will work again.

James Nachbar
http://www.plastic.org

Comments (2)

Flex-Rails:protect_from_forgery problem with Rails 2.1 produces ioError 2032

June 14, 2008 at 12:36 pm · Filed under Web Programming ·Tagged ,

Update for Rails 2.2: According to the release notes: “Request forgery protection has been tightened up to apply to HTML-formatted content requests only” in Rails 2.2 — I have not tested this, but it should obviate the problem addressed in this post for Rails 2.2 and newer.

Regarding Flexible Rails: Flex 3 on Rails 2, by Peter Armstrong:

The book talks about commenting out protect_from_forgery, and then uncommenting it in iteration 5 without mentioning what had changed to allow protect_from_forgery to be used.

In reviewing old vs. new rails code (particularly vendor/rails/actionpack/lib/action_controller/request_forgery_protection.rb), it appears that the older versions of rails did not run the forgery protection check for .xml requests, but the newer versions do. Thus, unless you are manually adding the appropriate parameters (see the above file for the current test being done to see if the form request is forged), you will fail the forgery test unless you prevent the test from running. More info on that here:

http://ryandaigle.com/articles/2007/9/24/what-s-new-in-edge-rails-better-cross-site-request-forging-prevention

at a minimum you will need:
skip_before_filter :verify_authenticity_token
in your sessions_controller.rb to avoid the ioError 2032.

You can track this error down by adding a fault event handler to the HTTPService (e.g. in LoginBox.mxml on page 153). You can also look at the output from the server (the “ruby scriptserver” command) which will show status code 422 instead of 200 for the “session.xml” request.

For a more detailed look, go to the rails log at logdevelopment.log and look at the end for the most recent error. It will show that ActionController::InvalidAuthenticityToken was thrown by /vendor/rails/actionpack/lib/action_controller/request_forgery_protection.rb:86:in `verify_authenticity_token’

CSRF attacks are not so relevant for applications running within Flash Player (as opposed to, for example, applications running within a browser), since Flash Player won’t go from one site to another.

If you want to continue to use forgery protection for the .html requests, the best solution is to

1) uncomment protect_from_forgery (so the protection token is generated),

2) skip_before_filter :verify_authenticity_token in the controllers that need to allow .xml to be served without the forgery protection, and then

3) call “verify_authenticity_token” (the same call used by request_forgery_protection.rb) within the .html generation code that you want to protect. verify_authenticity_token will throw the InvalidAuthenticityToken exception if the token is not correct.

If you want to protect your .xml calls too, the check within verify_authenticity_token is:
form_authenticity_token == params[request_forgery_protection_token]
so you would need to get your rails app to send the form_authenticity_token to the Flex client when the session is created, and then your subsequent calls will need to set the “request_forgery_protection_token” param.

James Nachbar
http://www.plastic.org

Comments (2)

Flex-Rails: Non-Debug Flash Player caches, so fails to update list – status code 304

June 14, 2008 at 12:33 pm · Filed under Programming, Web Programming ·Tagged ,

Regrading Flex/Ruby on Rails Programming:

And then just when everything was working in the debug Flash Player, I decided to fire-up IE & run the application in Flash Player in non-debug mode, and it stopped working: after creating an item, the list blanked out rather than being updated.

Ultimately, the problem was that, in non-debug mode, using IE (but apparently not Firefox), Flash issued a “conditional get”, and was getting a 304 “not modified” response instead of the updated data. In debug mode, Flash was issuing a regular GET, and thus got the correct info. Thus, the application worked in debug mode, but not in non-debug mode.

I have seen that RoR 2.1 included some new caching functionality, although I don’t know if this is the kind of caching they are talking about, or why rails was reporting “not modified” even after the database upon which the response was based had been modified..

That Rails was returning status code 304 could be seen in the server window (“ruby scriptserver”)

For some reason, even though I am creating a new HTTPService object for each call, the return from the POST (i.e., the one object being created) was still being returned in the result event when I sent a GET to obtain the entire list. I could determine that by sending the result event info from the list command to the debug window:

var x:XMLList = XMLList(event.result.children());
Pomodo.debug(x);

Even though this was the result of the GET call, I was still getting the result of the POST.

My fix (actually more of a workaround) was to add a time-generated string (“?” + Number(new Date()) ) to the end of the request URI, thus avoiding the caching problem. A better solution might be to send a “no-cache” header from the RoR portion, although I have not tested that. More on avoiding caching here:

http://www.ruby-forum.com/topic/76658

More evil IE caching, I guess!

James Nachbar
http://www.plastic.org

Leave a Comment

« Newer Posts