Here, I’ll admit it. One of the things I’ve always been a little scared of, in terms of Linux server administration, is LDAP. It’s obviously incredibly useful in many ways, not the least of which, it’s the most current and secure way of centralizing user, group and system configuration information, even across the web. And it offers great inter-operability with other types of systems, whether big-blue Unices, things that Came from Redmond, or even those slick little units that are Designed in California.

But, the nomenclature and concepts can be rather slippery at first, to the young mind (but here is a good intro). And while there is tons of documentation out there, it is not easy reading in general. In fact, it will guarantee to cure insomnia.

This guide is the result of an attempt to get user authentication sharing working via LDAP. After many false starts, it boils down to something pretty simple really. This won’t really be useful in a enterprise production system, but is a good way to get your feet wet.

Read the rest of this post »

NIS is a bit of an old-school solution on UNIX systems for sharing user information, including logins, across systems. This allows administrators to centralize all user account information, as well as home directories, across any number of physical machines. There are some security implications (like having to disable iptables on the server, see below), and maybe LDAP would be a better choice. But for a home or small organization behind a good firewall, an NIS system could be a lot simpler to create.

Read the rest of this post »

Something I found out today when I decided to make a quick edit to a video taken on my cellphone:  Newer GSM cell phones and devices (such as my now-dated Android G1) now tend to save video in 3GP format. This shiny new multimedia format may have many advantages, but it is not widely supported yet on mainstream desktop software, and also may encapsulate certain codecs that are not free to use. This includes the AMR audio codec, which is patent-encumbered and cannot be freely distributed. Since this is what Android and many others use in their 3GP video output, it has become a common issue.

So, apparently there are people under the impression that you can only read and edit these videos using proprietary software such as Quicktime Pro, sketchy shareware or dodgy apps from questionable code houses. For just making the very occasional simple edit to a cheesy cellphone video, it’s a lot to ask.

Fortunately, there is a good alternative. All you need  little command-line mojo and some patience.

Read the rest of this post »

A minor UI detail in development required that we include the width and height of certain images in the HTML and XML views. Since we were using the file_column plugin, which doesn’t normally save any image information besides the file name, this turned out to require some hacking.
Read the rest of this post »

This seems to be a very popular subject to write about for those of us with the fix-it-and-forget-it mentality. But everything I dug up either contained outdated information or set up too unnecessary hoops (like this Redhat KB article for instance). So as my attempt to better the world today (and make a record for my own reference), here is a simple and robust way to export NFS shares from a Redhat/Fedora system with iptables enabled.
Read the rest of this post »

The ASUS Eee 1008HA is the latest in the popular line of ‘netbooks’ that are reportedly taking over the world, or at least the consumer electronics portion thereof. We picked one up from Amazon for about $419 as a way to keep in touch during summer travels (because, really, what good is a vacation if you can’t have a daily internet fix), and keep our darling 2-year-old entertained with some pre-recorded digital media during a 5-hour plane trip.
Read the rest of this post »

Somewhere, there are people who had to sit through this being shown on a giant screen at a sales meeting, and resisted the urge to gouge out their own eyes with a spork. My compassion for humanity reaches new highs.

lifted from here

This howto will show you how to setup an SSL certificate on a Plesk server so that it will be used when people connect through secure pop, smtp and imap.

To do the following, you need a certificate. It can be self signed or CA signed. Using a self-signed cert will of course result in some browser warnings for those who have not added the certificate as locally trusted on their computer.

Read the rest of this post »

I get questions a lot from designers about not only optimal page width for layouts but what height to use to ‘keep everything above the fold’. Here is one answer I gave recently -

For width, I’m not a designer but I’ve read that 960px width is the way to go these days, because it lends itself to being divided into columns that look nice:

As far as ‘above the fold’, I just have to caution against using any such concept on the web. Horizontal scrolling can and should be avoided, but vertical scrolling is something you cannot 100% avoid. All I can tell you is that on a 1024×768 display (at least 95% of users have that or higher) you should be OK with a fixed 600px high block. But there are many different display formats out there, the browser chrome can take up a lot of room, and not everybody maximizes the browser window.

Here are some other sites that say more-or-less the same thing - but planning to get absolutely everything ‘above the fold’ for everyone is tough because then you might only have 400px or so, according to the actual statistics.


update [Dec 17 2009] A Google engineer just released his side-work project, which will let you view any site through an overlay that graphically represents the statistics they have gathered on viewport size. If that doesn’t make sense, don’t worry, it’s easy, check it out.

So this shows the ‘fold’ is not a fixed value, which we already knew. It’s never good to hide the legendary ‘Big Important Button’, but if you want to design to even the 80th percentile then you have a real small area to work with.

But to take it even further, here are a few more articles, based on empirical data, that generally conclude that scrolling should not be feared:

Installing rssh to allow scp/sftp sessions only for user accounts is a breeze. Getting them into a chroot jail took a bit more reseach, but in the end turned out to be pretty easy.

This is on CentOS 4.6, but this technique should work almost identically for any Linux system thanks to the l2chroot script.

Read the rest of this post »