Details
subversion_logoToday i was installing subversion on a 64Bit Windows 7 machine.
I chose the SlikSVN package to install Subversion, because i dont want to have
an Apache running on this computer, and it was the only 64 bit Subversion option.
Installed, out of the box and with installing svnserve as service with

1
2
3

sc create svnserve binpath= "c:\subversion\svnserve.exe --service
    --root c:\repos" displayname= "Subversion" depend= tcpip
    start= auto

 

it worked out of the box without any troubles.
The only thing that was not working was TortoiseSVN. So... it worked by command line but did not work with TortoiseSVN? Yes.
After trying for hours i uninstalled SlikSVN and tried the CollabNet package. With this package it worked without any troubles.

I really don't know what could be the reason for this. I also found some threads where people had the same problems.
Does anybody out there have hint, why it does not work with SlikSVN?

Details

Another good way to limit the rights of a remote user in linux is to use rbash (restricted bash). Although there are ways to bypass the restrictions it is in my opinion a nice way to protect a user from himself (and my system from this user....).

rbash

example 
useradd example -m -d /home/example -s /bin/rbash
usermod -s /bin/rbash example
passwd example

Details

Another nice way to create users on linux that have just rights for scp/ftp/cvs/rdist/rsync is RSSH (restricted ssh).

Example (for debian)

installation

apt-get install rssh

configure the rights by editing the config file (uncomment the things he should be able to do)

vi /etc/rssh.conf

add user or modify a already existing user

useradd -m -d /home/heinzi -s /usr/bin/rssh heinzi
usermod -s /usr/bin/rssh heinzi

Now the user can just access by the application you choose for him in rssh.conf.

Details

By default a user in user has a lot of rights, nothing really critical, but why allow him to peak in any config files if he doesn't really need to? So i was looking for a way to limit the rights of a remote user, without the need to chmod a lot of files. The first way i found was to create a jail shell. This is a pretty cool way to limit a user to a handful of commands and prevent him of leaving his home-directory. It works either with SFTP (easy) and SSH (bit more of configuration) and can either be applied to a user or a group. The user is named "heinzi" in this example:

SFTP

user

  Match User heinzi
  ChrootDirectory /home/heinzi
  AllowTCPForwarding no
  X11Forwarding no
  ForceCommand /usr/lib/openssh/sftp-server

group

  Match Group users  
  ChrootDirectory /home
  AllowTCPForwarding no
  X11Forwarding no
  ForceCommand /usr/lib/openssh/sftp-server

restart ssh

/etc/init.d/ssh restart

The user should now be limited to his homedirectory.

Details

Here the example for ssh:jail_small

SSH

apt-get install sudo debianutils coreutils
get the script that does a lot of configuration for us 
cd /usr/local/sbin
wget http://www.fuschlberger.net/programs/ssh-scp-sftp-chroot-jail/make_chroot_jail.sh
chmod 700 /usr/local/sbin/make_chroot_jail.sh

take a look if the script contains all APPS you need

vi /usr/local/sbin/make_chroot_jail.sh

create symlink back to home

cd /home
ln -s . home

create jailshell

make_chroot_jail.sh heinzi /bin/bash /home

config /etc/ssh/sshd_config

vi /etc/ssh/sshd_config

add at end of file

user
Match User heinzi
    ChrootDirectory /home
    AllowTCPForwarding no
    X11Forwarding no
group

Match Group users

  ChrootDirectory /home
  AllowTCPForwarding no
  X11Forwarding no

restart ssh

/etc/init.d/ssh restart

Details
bacu_logo-redWhen bacula jobs get the status "E" but the FileDaemon tells you that everything was ok, then you probably have to set the heartbeat interval in your bacula-configuration-files. It worked for me to set "Heartbeat Interval = 1 minutes" in the FileDaemon and StorageDaemon configuration files.

Details

oralogo_small

 

"java.lang.InstantiationException: jms.xml: port 9240 already in use"

This error can occur if you try to start the oc4j (startinst.bat on windows) and the oc4j was not shutdown with the shutdown script that is delivered by oracle. Just execute the shutdown script (stopinst.bat on Windows). That should solve your problem.

 

Details

If you want to run XPlanner+ with the security-manager of tomcat turned on, you need to give following permissions tested with tomcat5:

 

permission javax.security.auth.AuthPermission "modifyPrincipals";
permission java.net.SocketPermission "127.0.0.1:3306","connect, resolve";
permission java.net.SocketPermission "localhost:9090","connect,resolve";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.lang.RuntimePermission "shutdownHooks";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.coyote";
permission java.lang.RuntimePermission "accessClassInPackage.javax.el";
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.lang.RuntimePermission "accessDeclaredMembers";
permission java.io.FilePermission 
"/var/lib/tomcat5.5/webapps/xplanner-plus/xplanner-plus-activity.log", "read,write";
permission java.io.FilePermission "*","read";
permission java.io.FilePermission "/usr/share/tomcat5.5/common/-","read";
permission java.io.FilePermission "/usr/share/tomcat5.5/bin/bootstrap.jar", "read";
permission java.io.FilePermission "/usr/share/java/commons-daemon.jar", "read";
permission java.io.FilePermission 
"/var/lib/tomcat5.5/webapps/xplanner-plus/WEB-INF/classes/logging.properties","read";
permission java.util.PropertyPermission "*","read,write";
permission java.net.SocketPermission "jakarta.apache.org:80","connect,resolve";
 

 

I tested this permissions on Debian Lenny. The xplanner-plus-activity.log is in this path because i changed it manually. Reason is that there seems to be a bug in the log4j configuration i already reported.

Details
xppSome years ago a colleague introduced a tool named XPLanner in our project. I was a little bit sceptic, because it's originally designed for agile develoment, not exactly i was used to. But after some days i noticed that it is a really good tool to keep an eye of your own tasks, and also to the tasks of your colleagues, that is for example important if you wait for some feature to finish to complete your own work.
I really liked it! But a while ago development stopped completely. A lot of people were waiting for a new version, there seem to be a lot of installations still out there. I also tried some other tools for XP or agile development, but i could not find anything comparable.
XPLanner is simple and fast. You need about ten  mins to explain somebody else how to use it.

Some weeks ago i came upon XPlanner+ that is a continuation of XPlanner. Maxim Chirkov seems to be the lead developer, and is doing a good job. I currently am trying to make it run on Debian, that is not that easy mainly because of my (the lack of) Tomcat-skills.
This project is really worth to keep an eye on!

Details

tomcat

And again a tomcat issue! If you ever get over

 

1
2
3

Cannot configure CacheManager: 
file:/var/lib/tomcat5.5/webapps/testappl/WEB-INF/classes/ehcache.xml:12: 
Could not set attribute "path"

 

in your logfiles, you have a permission problem on your tomcat-application-server. If you are in debian go to the directory /etc/tomcat5.5/policy.d/ choose the right file (system/debian/webapps/catalina/admin policy) and add following permission

1
 
permission java.util.PropertyPermission "java.io.tmpdir", "read";

 

After restarting your tomcat (/etc/init.d/tomcat5.5 restart on debian) this config issue should be gone.

 

Details

I am trying to get an webapplication run on Debian. This application needs the sun-jdk not the GNU-jdk. Following is reproducable at will:

A) WORKS:
apt-get install sun-java6-jdk sun-java6-plugin
apt-get install tomcat5.5 tomcat5.5-admin

B) DOES NOT WORK:
apt-get install tomcat5.5 tomcat5.5-admin
apt-get install sun-java6-jdk sun-java6-plugin

A does not install the gcj VM, B does install gcj + sun (that's fine)

i tried to make B choosing the sun-jdk by
update-alternatives --config java
update-alternatives --config javac
update-java-alternatives --set java-6-sun

when starting the tomcat-manager always java 1.5 is displayed
when removing apt-get remove java-gcj-compat
the manager is not able to run anymore

There seems to be an issue, when installing the tomcat without a sun-java-jdk (or jre) is present. I am investigating further.

Details

patchToday i was looking for about an hour for the patch to upgrade my newly installed Oracle Developer Suite to 10.1.2.3. It was hard to find, because Oracle renamed the product on the update page to "Oracle Fusion Middleware Family". Yell

If you wanna get it, here is the Patchset Number: 5983622.

  1. Oracle Reports font subsetting
  2. Adding Fonts on Unix for Oracle Reports PDF
  3. Harddisk recovery tools free and not so free
  4. REP-1352 Font Issue
  5. Oracle Reports with barcode
  6. Enterprise-Manager + RMAN No RMAN found, Message file not found
  7. ORA-1017: invalid username/password when creating database link
  8. resolv.conf overwritten empty after reboot
  9. AmazonBestseller which products are cheap?
  10. 4gb seg fixup errors after upgrading from etch to lenny
  11. Oracle Bug ORA-07445: exception encountered
  12. C compiler cannot create executables.
  13. Oracle Java File permissions
  14. EM Manager "Compute dynamic property takes too long"
  15. where to download com_migrator
  16. PL/SQL Email-Validation
  17. Power Consumption of Dell Server
  18. Enterprise Manager and ORA-00018
  19. Io exception: The Network Adapter could ...
  20. Centos = Redhat Enterprise Linux
  21. Enterprise Manager notification not working
  22. the magic Oracle WITH-clause
  23. Error in invoking target - Oracle on Debian
  24. Oracle Installation on Debian for dummys II
  25. Oracle Installation on Debian for dummys I
  26. Oracle-Reports Asynchronous calls with SRW-API
  27. on-commit not working on materialized views
  28. using Materialized View
  29. How to determine the character-set in Oracle
  30. how to compile invalid sys-objects
  31. ORA-06553: PLS-320: the declaration of the type...
  32. Access Control with Context/Fine-Grained Access Control
  33. MDA Vario/Qtek 9100 Ersatzstift/Replacement Stylus
  34. Versioning of a table in Oracle
  35. datapump fails with ora-06502
  36. Where to find Opatch
  37. How to create a SPFILE from a PFILE
  38. How to use UTF8 in PDFs created by Oracle-Reports
  39. Oracle Failsafe and SPFILE
  40. phone-number check in constraint
  41. webutil wuc-024 (WUC-24)
  42. Failsafe ORA-00942 "View or Table does not exist" workaround
  43. direct access to the database without TNSNAME.ORA
  44. Failsafe ORA-00942 "View or Table does not exist"
  45. Connection to host failed. Bad SQL_SCRIPT at - line 227.
  46. Is Oracle Failsafe just for Databases?
  47. Do you know Oracle Failsafe???
  48. REP-56055: Exceed max connections allowed
  49. Troubles with OracleDataSource
  50. Enterprise Manager clone Database results in "insufficient disk space"
  51. How to distribute Oracle Reports Part II
  52. How to distribute Oracle Reports Part I
  53. No valid GPS-Signal on Acer N35
  54. How to use a terminal-file in webforms
  55. ORA-00257 ORA-16020 Archiver Stuck
  56. ORA-39002 ORA-39070 ORA-39087 with Datapump
  57. Installation Forms and Reports Service failed
  58. Simple Machine Forum
  59. Don't use timers in webforms - WHY NOT?
  60. The difference between PJC and Java Beans in Forms
  61. Forms and Reports Services Standalone
  62. ORA-00932: inconsistent datatypes
  63. Compare Database Performance
  64. Scott and Tiger
  65. Surprise Surprise Oracle Developer Suite 10gR2
  66. Working with Oracle Express Edition
  67. Oracle Express - an Oracle-Database that's for free
  • You are here:  
  • Home
  • IT-Blog