Matteo Mattei

Hello, my name is Matteo Mattei and this is my personal website. I am computer engineer with a long experience in Linux system administration and web software development.

linkedin rss twitter google+ github facebook

How to calculate the crc32 of a file in Python

Calculating the crc32 of a file in Python is very simple but I often forgot how to do. For this reason I put this snippet here:

You can simply call the CRC32_from_file() function passing a file with the whole path as argument.


How to log email sent from PHP through mail() function

If you have a website in a virtualhost environment that is under attack and starts sending tons of emails, is sometimes difficult to understand from where the attack is started (especially if you have several virtual hosts). However with a little PHP script you can understand from which folder the attack is coming.

Create the following file in a secure place and call it phpsendmail:

Now create the log file and set the correct permissions:

touch /var/log/mail_php.log
chmod 777 /var/log/mail_php.log
chmod 777 /path/to/phpsendmail

Now you have to edit the php.ini configuration (/etc/php5/apache2/php.ini in Debian). Search the [mail_function] section and set it in this way:

[mail function]
;SMTP = localhost
;smtp_port = 25
sendmail_path = /path/to/phpsendmail

Now you can restart Apache and look at /var/log/mail_php.log file.
Its content shoud be someting similar to this:

2013-02-03 17:50:57  To: mail1@domain1.com From: mail2@domain2.com ==> /var/www/vhosts/domain1/httpdocs
2013-02-03 17:50:59  To: mail3@domain3.com From: mail4@domain4.com ==> /var/www/vhosts/domain2/httpdocs/libraries
2013-02-03 17:51:02  To: mail5@domain5.com From: mail6@domain6.com ==> /var/www/vhosts/domain2/httpdocs/assets

Update August 2014 —————— I found a more convenient way to do it… and it saved my life with some servers that were affected by thousands of SPAM emails. You just need to create a couple of files:

Now, in the same way as above set the correct permissions and edit php.ini:

chmod +x /usr/local/bin/sendmail-wrapper
chmod +x /usr/loca/bin/env.php
[mail function]
;SMTP = localhost
;smtp_port = 25
sendmail_path = /usr/local/bin/sendmail-wrapper
auto_prepend_file = /usr/local/bin/env.php

Restart Apache and look at /var/log/mail.info. Now the content is similar to the following:

Aug 18 20:35:42 vps74403 logger: sendmail-wrapper.sh: site=www.example.com, client=77.221.130.44, script=/WP/wp-content/uploads/flags/plugin.php, pwd=/var/www/vhosts/example.com/WP/wp-content/uploads/flags, uid=, user=www-data
Aug 18 20:35:42 vps74403 logger: sendmail-wrapper.sh: site=www.example.com, client=77.221.130.44, script=/WP/wp-content/uploads/flags/plugin.php, pwd=/var/www/vhosts/example.com/WP/wp-content/uploads/flags, uid=, user=www-data
Aug 18 20:35:42 vps74403 logger: sendmail-wrapper.sh: site=www.example.com, client=77.221.130.44, script=/WP/wp-content/uploads/flags/plugin.php, pwd=/var/www/vhosts/example.com/WP/wp-content/uploads/flags, uid=, user=www-data

Very simple graphical messagebox in Python useful for console applications with py2exe

When I have to develop background console applications in Python that have to be executed in Windows, I usually use py2exe and Inno Setup for creating installer. However the big issue is always how to report and show errors to the users. My preferred solution is to keep the application as a pure console application (no graphical), set the py2exe application as a window application and handle the errors with graphical messagebox.

And since the Tk library is included in the Python standard library, it is worth using it.

Lines 10 and 11 are needed to don’t show the main Tk window in background. Updated with support for both python 2.7 and python 3.x


PySide and Qt-designer

The tool to transform myapplication.ui generated with qt-designer in myapplication_ui.py, is called pyside-uic (if you use PySide, or pyuic if you use PyQt). Its usage is straightforward:

Linux:

pyside-uic myapplication.ui > myapplication_ui.py

Windows:

C:\python27\scripts\pyside-uic.exe myapplication.ui > myapplication_ui.py

But can happen the following error:

Traceback (most recent call last):
  File "C:\Python27\Scripts\pyside-uic-script.py", line 5, in <module>
    from pkg_resources import load_entry_point
ImportError: No module named pkg_resources

To fix the problem you need to intall setuptools from http://pypi.python.org/pypi/setuptools Now to use the generated file you need to add the following code to your application:


Subversion, webdav, LDAP and folder restrictions

If you need to configure a svn server on Linux with LDAP authentication, webdav and insert specific directory restrictions you can follow these instructions.

  1. You need to install subversion and apache in your Linux server (I will omit this part).
  2. You need to configure webdav to access svn over http and configure LDAP access.

    Make sure to have the following apache modules installed and configured:

    LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
    LoadModule dav_module modules/mod_dav.so
    LoadModule dav_svn_module modules/mod_dav_svn.so
    LoadModule authz_svn_module modules/mod_authz_svn.so
    LoadModule authn_alias_module modules/mod_authn_alias.so
    

    Assumptions:

    • I am usual to configure subversion in /srv/svn folder.
    • The users allowed to access the SVN have to belong to the LDAP group CN=SVN-AUTHORIZATION,OU=Groups GSO,DC=test,DC=example,DC=com

    Edit /etc/apache2/mods-enabled/dav_svn.conf (this is valid for Ubuntu. Maybe in other distributions this file is placed somewhere else) and make sure to have the following lines:

    <Location /svn/>
      # Enable svn over webdav
      DAV svn
      # Set parent path for multiple repositories
      SVNParentPath /srv/svn/
      # Set authentication type
      AuthType Basic
      # Set authentication name
      AuthName "FLR Subversion Repository"
      # Set authorization (permissions) file
      AuthzSVNAccessFile /etc/apache2/dav_svn.authz
      # Allow to list the parent path
      SVNListParentPath On
      # Use LDAP for authentication
      AuthBasicProvider ldap
      # LDAP server is authoritative (so is the final step for autentication)
      AuthzLDAPAuthoritative On
      # LDAP bind user
      AuthLDAPBindDN "CN=svnbind,OU=Users OS,DC=test,DC=example,DC=com"
      # LDAP bind password
      AuthLDAPBindPassword mypassword
      # LDAP URL
      AuthLDAPUrl "ldap://ldap_ip_address:389/DC=test,DC=example,DC=com?sAMAccountName?sub?(&(&(objectClass=user)(objectCategory=person))(memberof=CN=SVN-AUTHORIZATION,OU=Groups GSO,DC=test,DC=example,DC=com))"
    
      # A valid user is required
      Require valid-user
    </Location>
    
  3. Create the permission file /etc/apache2/dav_svn.authz It will have the following content based on your needing:

    [groups]
    admin = matteo
    group1 = user1, user2, user3
    group2 = user2
    group3 = user4
    
    ###################################
    [/]
    * = r
    @admin = rw
    ###################################
    [repository1:/]
    * = rw
    ###################################
    [repository2:/]
    * =
    @admin = rw
    @group1 = rw
    ###################################
    [repository3:/]
    * =
    @admin = rw
    @group2 = rw
    @group1 = r
    ###################################
    [repository4:/]
    * = r
    @admin = rw
    [repository4:/trunk/sources]
    * = r
    @admin = rw
    @group3 = rw
    ###################################</pre>
    

    Now restart apache with

    /etc/init.d/apache2 restart
    
  4. Create repositories. As root issue the following commands:

    cd /srv/svn
    svnadmin create repository1
    chown www-data.www-data -R repository1
    svnadmin create repository2
    chown www-data.www-data -R repository2
    svnadmin create repository3
    chown www-data.www-data -R repository3
    svnadmin create repository4
    chown www-data.www-data -R repository4
    

You are now ready to use your new subversion repository with LDAP account, webdav access and custom user/group directory restrictions.


Speed-up your virtual machine created with VMware Player

vmware logo

If your virtual machine created with VMware Player becomes very slow and takes a long time to complete some operations it’s time to improve its performance! Close your VM, and open the *.vmx file with a text editor. Then add at the end of the file the following lines:

mainMem.useNamedFile = "FALSE"
sched.mem.pshare.enable = "FALSE"
MemTrimRate = 0
MemAllowAutoScaleDown = "FALSE"
prefvmx.useRecommendedLockedMemSize = "TRUE"
prefvmx.minVmMemPct = "100"

Make sure to not duplicate the keywords (in case you already have some lines set) otherwise the VM will not start. The above lines totally reserve the memory requested by the VM to the guest system and avoid to continuously ask to the host (and so to the swap file) for new memory chunks.

Try yourself and give me a feedback!