Monday, October 22, 2007

Subversion, Fedora, PAM, winbindd, Apache and NT4 Authentication

In order to get a Subversion source control server running via Apache HTTP server on Redhat/Fedora Linux, with no separate user authentication, I had to get the Apache server on the box to authenticate the Subversion svn URL against a Windows network. In this case that meant an NT4 Windows domain. There's a few tricks to this that took awhile to figure out. Here's an outline of the process to get Apache to protect the resource using Windows network login and passwords...

0. Install the Apache module mod_auth_pam.

1. Connect the Linux host to the Windows domain. From the menus, select: Administration -> Authentecation -> Authentecation -> Winbind

Configure winbind and and click the "join" button. Note that this required the Windows administrator's username and password.

2. Edit the system's services and enable winbindd to run on startup

Now these commands should work:



wbinfo -u
wbinfo -g
wbinfo -a \\%;

For example:


wbinfo -a XYZ\\jsexton%my_password

should successfully authenticate jsexton against the NT domain XYZ.


3. Setup PAM's http configuration. Here's the use of pam_permit.so. Without this, PAM will check for a valid local account and fail. You'll find references out there to having to make /etc/shadow readable by the httpd for this reason. But using the permit option avoids this problem. This took awhile to figure out because I was using myself as a test and I do in fact have a local account. What I didn't realize was that it was not smart enough to deal with the leading Windows domain on the username. User "jsexton" existed on the linux box, but "XYZ\jsexton" did not. Not having to enter the Windows domain with the username when logging in would also solve the problem, but I don't see how to make that happen in the winbindd setup, for an NT domain.

File /etc/pam.d/http



#%PAM-1.0
auth sufficient pam_winbind.so debug
#account required pam_winbind.so debug
account required pam_permit.so

4. Set Apache to load PAM:

File /etc/httpd/conf.d/auth_pam.conf



LoadModule auth_pam_module modules/mod_auth_pam.so
LoadModule auth_sys_group_module modules/mod_auth_sys_group.so

5. Protect a sample directory:

File /etc/httpd/conf/http.conf



Alias /test/ "/test/"
<Directory "/test">
AllowOverride None
Allow from all
Order Deny,Allow
AuthType Basic
AuthName "AUTH TEST"
AuthPAM_Enabled on
Require valid-user
</Directory>

Now loading http://localhost/test/ should ask for a name and password and authenticate against the Windows domain (note the trailing slash on the URL). Enter the Windows domain in the username with one back-slash, ie "XYZ\jsexton". Watch /var/log/messages and /var/log/httpd/error_log for information. The exact location of some of these files may vary on your system.

Thursday, October 18, 2007

Colbert

http://tv.msn.com/tv/article.aspx?news=279894&GT1=7703

"Stephen Colbert announced his candidacy for president on "The Colbert Report" on Tuesday night, tossing his satirical hat into the ring of an already crowded race.

"In a guest column for Maureen Dowd in Sunday's New York Times, Colbert wrote: "I am not ready to announce yet — even though it's clear that the voters are desperate for a white, male, middle-aged, Jesus-trumpeting alternative."

http://en.wikipedia.org/wiki/Pat_Paulsen

http://www.paulsen.com/
(Have a look at the editorials section)

Now that we don't have equal time rules, it's a lot easier for comedians to run for high office, and Colbert is definately funnier then the rest of the candidates (except for John McCain, that guy cracks me up!).

Wednesday, October 17, 2007

Shocking Story! Vista is Junk!

http://vista.blorge.com/2007/10/12/dutch%E2%80%99s-consumers%E2%80%99-union-asks-free-copies-of-xp-for-vista-victims/

"In a recent meeting between the Dutch Consumers. Union (Consumentenbond) and Microsoft Netherlands, the consumer organization asked for free copies of Windows XP for members who were having problems with Vista. Microsoft, of course, refused.

"The refusal has led Consumentenbond to call on consumers to explicitly ask for Windows XP when purchasing a new computer and for shops to provide free Windows XP packages to those dissatisfied with Vista."

Changing the Message Displayed on HP Printers

http://kovaya.com/miscellany/2007/10/insert-coin.html

"This little perl program allows you to set the "Ready Message" on HP printers to whatever you'd like.

...

"You can think up your own funny, confusing or scary messages. My personal favorite is "INSERT COIN" which fits perfectly on the small LCDs. You can even sit in sight of the printer and change the message while watching the reaction of your victim."

Everyone should do this. Right away.

Thursday, October 11, 2007

So When's the Big Sale on Wallstreet?

I was thinking about the stock market...

What they call a bull market has officially entered a 5th year. The average length of a bull market is 3 1/2 years, so it's doing well. I think, as many do, that '08 is going to be good - really good. But what worries me is that after that, beginning sometime in late '08, I have no idea what could happen. I'm thinking at some point I'll move a lot of money out of stocks.

I think what Alan Greenspan has said is ture. Bull markets (bubbles if you like) end naturally for internal reasons at any moment. Whatever happens to be happening in the world at that moment will get blamed for it.

http://www.pbs.org/nbr/site/onair/transcripts/071010_gharib/

"The issue is once you get to the point where the speculative fever breaks, which it does on its own for internal purposes, what happens to be standing there at the point of the break, whether it be somebody making a speech, whether it is a weather change, whether it is some form of event, it will become the cause of the next decline. But the cause is essentially internal. It`s the internal dynamics of booms and busts or bubbles and bursts. It`s human nature. It`s not something which we can do very much about."

Wednesday, October 10, 2007

DRM and Record Labels

Speaking of bad ideas, get a load of this:

http://www.sfgate.com/cgi-bin/blogs/sfgate/detail?blogid=19&entry_id=21013

I just can not believe eBay. I really can't. A couple weeks ago I got another slick "catalogue" in the mail from Macy's - er - I mean eBay. This one was personalized with my ebay login. "Hello jsexton", or some such. Gee, they know my name, I'm sooo impressed. Then it goes on to hype merchandise that I have no interest in what so ever. My eBay rating is nearly 1,000. I've bought and sold on eBay a lot over many years. And yet the best they can do with this information is use my login name to try to sell me brand new, name brand goods that have nothing to do with my interests - which they know! It's frustrating watching eBay waste their market leading position.

Tuesday, October 09, 2007

Clouds

I think this is much bigger news than it appears on the surface. I think this is the beginnings of the future of technology, er, I mean the Googture of technology.

http://www.informationweek.com/research/showArticle.jhtml?articleID=202400042

"Google(GOOG) and IBM(IBM) on Monday announced an initiative to advance large-scale distributed computing by providing hardware, software, and services to universities.

"The two companies aim to reduce the cost of distributed computing research, thereby enabling academic institutions and their students to more easily contribute to this emerging computing paradigm."

Monday, October 08, 2007

Google.com

GOOG is over $600/share and just going crazy.
Everyone says the sky's the limit and I'm inclined to agree. The company is doing everything right and they completely dominate their market. And here's a sign Google is strong - the MS-FUD machine. Me-too, late to the party, no meaningful product on the table, Microsoft is attacking Google. Ballmer is saying that Google reads your email! Shocking!

http://www.crn.com/software/202300583

Ya, well Microsoft Vista reads your hard drive. Whatever...
Maybe it's just the "New Economy".

Har!

http://www.reuters.com/article/internetNews/idUSL2779608320070927?feedType=RSS&feedName=internetNews

"The Internet is killing off the art of telling jokes and now the average Briton only remembers and recycles the same two jokes, a new survey showed on Friday.

"Up to 75 percent of those surveyed by Loaded Magazine admitted they spent up to an hour a week at work sending humorous e-mails."

Friday, October 05, 2007

Bikes on Hawthorne

http://bikeportland.org/2007/09/27/pdot-releases-latest-bike-count-report/

Bicycles represent 18% of all vehicles on Portland's Hawthorne Bridge and 11% of vehicles on the four bicycle friendly Willamette River bridges.

Bicycle traffic in Portland has more than doubled since 2001.

Energy

http://www.wired.com/science/planetearth/magazine/15-10/ff_plant_4tech

Wind

Geothermal

Solar

Synfuel

http://www.wired.com/science/planetearth/magazine/15-10/ff_plant

"Unfortunately, passing chemistry class doesn't mean acing economics. Scientists have long known how to turn trees into ethanol, but doing it profitably is another matter. We can run our cars on lawn cuttings today; we just can't do it at a price people are willing to pay."

http://www.wired.com/science/planetearth/magazine/15-10/ff_plant_renew

"We've got only a few decades to save the world: Somewhere between 2030 and 2050, if current trends persist, atmospheric CO2 levels will hit 500 parts per million, temperatures will rise 2 degrees, and the Greenland ice cap will begin turning to slush, causing sea levels to rise 20 feet."

http://www.nytimes.com/2007/09/25/washington/25nuke.html?ex=1348372800&en=ac936439741767c7&ei=5088&partner=rssnyt&emc=rss

"In a bid to take the lead in the race to revive the nuclear power industry, an energy company will ask the federal Nuclear Regulatory Commission on Tuesday for permission to build two reactors in Texas.

"It is the first time since the 1970s and the accident at Three Mile Island that an American power company has sought permission to start work on a new reactor to add to the existing array of operable reactors, which now number 104."

Thursday, October 04, 2007

!

Oh for gosh sakes Bush is an idiot!

http://duggmirror.com/celebrity/NO_your_other_right_hand_pic/

The man has armies of handlers and trainers, the best, this should never happen - Cripes!!

Tuesday, October 02, 2007

Skype

http://www.reuters.com/article/internetNews/idUSN0128731720071001?feedType=RSS&feedName=internetNews

"NEW YORK/SAN FRANCISCO (Reuters) - EBay Inc said on Monday it would cut as much as $1.2 billion off the $4.3 billion potential price it agreed to pay for Web-based phone-calling service Skype two years ago.

"The writedown on the value of the deal came as eBay said Skype co-founders Niklas Zennstrom and Janus Friis had resigned as executives, and marks a tacit admission of lackluster returns from Skype since eBay acquired it two years ago."

Not long ago I started using Skype. Although its functions overlap with those provided by many simular systems, it works well, and I like it. I've used eBay for many years as a buyer and a seller. It has some problems, but it works OK.

Whoever thought eBay should aquire Skype and start operating an IP phone company should really be looking for another job. It makes no sense at all, and eBay has proved this by finding no synergy, at all, and now by making little money on the whole thing. It never did make any sense.

File under "duh"...

Monday, October 01, 2007

14,000

DOW 14,000 today. Will it close over? I doubt it... But it should be a good day. This is the start of the 4th quarter. Q4 is frequently good. We have the "Santa Claus" rally coming up, and an election where people know we'll be getting rid of an idiot (money doesn't play ideology). Plus, the economy is fundamentally strong. It'll take off as people realize that the housing hype is 90% just the whining of a single industry looking to be bailed out.

Jeff Sexton

007 1:144 Scale 1:350 Enterprise 10 Barrel Brewing 14 1856 2001 A Space Odyssey 3D modeling 40and20 4th of July 78 RPM Abyss Adam West Advertising Agora Models Air Canada Airline Airways Brewing Alan Bennett Alaska Alberta Alberta Street Pub Alfa Romeo Spider Touring Gran Sport Amati Amazon Amnesia Brewing AMT Analog signal Android Anomalies and Alternative Science Antiques Apache Apollo Apple Apple Stores Art Artisanal Beer Works Assembly Brewing Aston Martin Astoria Asus Atlas Audrey Augmented reality Aurora Famous Fighters auto-awesome Automobile Autos Aviary Aviation Backups Baelic Brewing Bale Breaker Brewing Bandai Barack Obama Barley Brown's Beer Bars Base Camp Brewing Batman Battery Beards Beer Beer Bar Bell System Bellwether Berkshire Hathaway Betty White Beyond the Fringe Bigfoot Bikes Bill Clinton Bird Food Bird Toys Birds Birthdays Bleriot Bleriot XI Block 15 Brewing Blogger Bojack Horseman Bolton Landing Brewing Boltons Boneyard Brewing Books Boxer Ramen Boxer Ramon Breakside Brewing Brian Eno Build Management Buoy Brewing Burger King Business and Economy Business Process Execution Language Bye & Bye Byte-order mark Canadian Carrot Cats Chex Mix Chihuly Chipmonk Christmas Civil Defense Clinton Clocks Closet Doors CNN Cockatiels Cocktails Collections Columbia Grafonola Columbia River George Columbia River Gorge Corners Corvallis County Cork Crooked Stave Brewing Crows Crux Brewing Cuisinart Culmination Brewing David Byne DB5 Dear Jane Debian Deschutes Brewing DFW C.V Diabetes Dick Curtis Digital Living Network Alliance Digital television Dinosaurs Disney Doll House Don the Beachcomber Double Mountain Brewing Dow Jones Industrial Average Dragons Dudley Moore Duesenburg SJ Roadster Durham University DVD E-mail address E9 Eagle Eagle Creek Fire Eaglemoss Easter ebauche Ecliptic Economics Ed Ed and Olive Eels EJB Elgin Elysian Brewing Energy development Enterprise Enterprise JavaBean ESP Evergreen Air Museum Everybody's Brewing Ex Novo Brewing F-84G Thunderjet Facebook Family Photos Fathers Day Fearless Brewing Fedora Ferment Brewing Ferns Festival of The Dark Arts Filesharing Finance Finger Firesign Theater Fireworks Flowers Flying Sub Food Ford Fort George Brewing Fossil fuel Free House Garfield James Abram Garfield Minus Garfield Gateway Brewing Gene Sexton Gene Wilder George Carlin Gigantic Brewing Gilgamesh Brewing Glass Glassfish Global warming Golden Arches Goldfinger Goofy Google Google Assistant Google Buzz Google Docs Google Home Google Lively Google Photos Google Reader Google Wave Google+ Goose Graffiti Grammar Gravy Great Divide Brewing Great Notion Brewing Greek Festival Greenhouse gas Gruen GT40 H. G. Wells Half-Life 2 Halloween Harlan Hawaii Helbros High-definition television Hilo Hilo Brewing History Ho 229 Hollywood Theater Hopworks Urban Brewery Horizon Models HP Hybrid electric vehicle IBM Impala Inner city Instagram Insulin Investing IPMS Iris Irony J.C. Penny James Bond Jane Austen Java Java Architecture for XML Binding JC Penny JDBC Jeannine Stahltaube Jeff's! Jim Davis joe the plumber John McCain Jonathan Miller Jubelale Kapaau Karma Kauai Kay Thompson Kermit the Frog Keys Keys Lounge Kids and Teens Kona LA Auto Show Labrewtory Larry King Laser Laserdisc Leavenworth Wenatchee River Level Brewing Lilly Tomlin linux Little Beast Brewing Lloyd Center Logging Lowry Sexton LPs Lucky Lab Magnets Mark Cuban Market trends Martin Mull Maytag McDonald Mediatomb Meier and Frank Mel Brooks Mercury Microsoft Microsoft Windows Migration Brewing Mobius Models modern Times Brewing Money Monkey monsters Moon MOUNT HOOD Mount Tabor Movie Reviews Multnomah Falls Music Music industry Muxtape MySQL NetBeans Netflix Nikon Nikon Z50 Ninkasi Brewing Nintendo Nissan Cube Norm Coleman North Bar Nuclear fallout Nuclear warfare Nuggest Nuts OBF Office Depot Offshoot Beer Co Oktoberfest Ola Brewing Old Town Brewing Olive Open ESB Oracle Corporation Orca Oregon Orion Space Clipper Owls Pacific Ocean Packard Boattail Pam American Parrots Patio Sale PDX Pearl District Pearl District Portland Oregon Peppers Performance Review Peter Cook Peter Iredale Pets Pfriem Brewing Philip K Dick Phone Book photography Pizza Plank Town Brewing Play Station PlayStation 3 pluspora Pocher Podcast Poke Pokémon HeartGold and SoulSilver Polar Lights Politics Pono Brewing Portal Portland Portland Development Commission Presidents Pride and Prejudice Programming Projects PS3 PS4 Pumpkins Quotation Marks Rad Power Radio Radio Room Ramen Ramon Recipes Recording Industry Association of America Renewable energy Reservoir Reuben's Brewing Reubens Brewing RIAA Richmond Pub Robot Chicken Rock-paper-scissors Rogue Brewing Round 2 Sales San Francisco Santa Sarcasm Sasquatch Brewing SATA Science fiction film Sea Quake Brewing Seattle Selfie Serbia Service-oriented architecture Seward Shelby Cobra Shipwreck Shopping Signs Silver Moon Brewing Slide Rule Snow Soap Soap Cutter Social Security Social Studies Society6 Sony Sopwith F.1 Camel BR.1 Soviet Space 1999 Space Race Spad XIII Speaker Repair Spirit of St. Louis Spitfire SQL Squirrel's St Patricks Day Stanford Hospital Star Trek Star Wars Starbucks Stock market Storm Breaker Strip search Stripes Studebaker Studellac Sun Microsystems Supernatural T-Mobile Tablet Tamiya Tamiya Spitfire Taube TechCrunch Technical Television Terminal Gravity Thanksgiving The Producers ThinkGeek Three Creeks Brewing Thunder Island Brewing Tiki Time Bandits Toaster Tom Peterson Tools Top Ferment Total Recall Transportation Security Administration Trumpeter Tubboat Tyco UFOs Unicode United States United States Department of Homeland Security Universal Plug and Play Unknown Primates USB USS Yorktown Valcom Van Gilder Hotel Vegetable garden VHS Victoria Video Video game Vintage Images Vintage Vintage! Virtual world Volcano Hawaii Volvo C70 Voyage to the Bottom of the Sea Wall Street War of the Worlds Warren Buffett Warrenton watches Watercolor Wayfinder Brewing We Can Remember It for You Wholesale Web service Web Services Description Language Whiskey Wii Windows 7 Windows Phone 7 Windows Vista Windows XP Windy Wingnut Wings Wood Worthy Brewing WWI WWII X-Files X-ray vision XML XML Schema Y2K Yeti YouTube Yugo Zero Mostel Zima Zoom H2n