Matteo Mattei

Hello, my name is Matteo Mattei and this is my personal website. I am computer engineer with a long experience in Linux system administration and web software development.

linkedin rss twitter google+ github facebook

Subversion, webdav, LDAP and folder restrictions

If you need to configure a svn server on Linux with LDAP authentication, webdav and insert specific directory restrictions you can follow these instructions.

  1. You need to install subversion and apache in your Linux server (I will omit this part).
  2. You need to configure webdav to access svn over http and configure LDAP access.

    Make sure to have the following apache modules installed and configured:

    LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
    LoadModule dav_module modules/mod_dav.so
    LoadModule dav_svn_module modules/mod_dav_svn.so
    LoadModule authz_svn_module modules/mod_authz_svn.so
    LoadModule authn_alias_module modules/mod_authn_alias.so
    

    Assumptions:

    • I am usual to configure subversion in /srv/svn folder.
    • The users allowed to access the SVN have to belong to the LDAP group CN=SVN-AUTHORIZATION,OU=Groups GSO,DC=test,DC=example,DC=com

    Edit /etc/apache2/mods-enabled/dav_svn.conf (this is valid for Ubuntu. Maybe in other distributions this file is placed somewhere else) and make sure to have the following lines:

    <Location /svn/>
      # Enable svn over webdav
      DAV svn
      # Set parent path for multiple repositories
      SVNParentPath /srv/svn/
      # Set authentication type
      AuthType Basic
      # Set authentication name
      AuthName "FLR Subversion Repository"
      # Set authorization (permissions) file
      AuthzSVNAccessFile /etc/apache2/dav_svn.authz
      # Allow to list the parent path
      SVNListParentPath On
      # Use LDAP for authentication
      AuthBasicProvider ldap
      # LDAP server is authoritative (so is the final step for autentication)
      AuthzLDAPAuthoritative On
      # LDAP bind user
      AuthLDAPBindDN "CN=svnbind,OU=Users OS,DC=test,DC=example,DC=com"
      # LDAP bind password
      AuthLDAPBindPassword mypassword
      # LDAP URL
      AuthLDAPUrl "ldap://ldap_ip_address:389/DC=test,DC=example,DC=com?sAMAccountName?sub?(&(&(objectClass=user)(objectCategory=person))(memberof=CN=SVN-AUTHORIZATION,OU=Groups GSO,DC=test,DC=example,DC=com))"
    
      # A valid user is required
      Require valid-user
    </Location>
    
  3. Create the permission file /etc/apache2/dav_svn.authz It will have the following content based on your needing:

    [groups]
    admin = matteo
    group1 = user1, user2, user3
    group2 = user2
    group3 = user4
    
    ###################################
    [/]
    * = r
    @admin = rw
    ###################################
    [repository1:/]
    * = rw
    ###################################
    [repository2:/]
    * =
    @admin = rw
    @group1 = rw
    ###################################
    [repository3:/]
    * =
    @admin = rw
    @group2 = rw
    @group1 = r
    ###################################
    [repository4:/]
    * = r
    @admin = rw
    [repository4:/trunk/sources]
    * = r
    @admin = rw
    @group3 = rw
    ###################################</pre>
    

    Now restart apache with

    /etc/init.d/apache2 restart
    
  4. Create repositories. As root issue the following commands:

    cd /srv/svn
    svnadmin create repository1
    chown www-data.www-data -R repository1
    svnadmin create repository2
    chown www-data.www-data -R repository2
    svnadmin create repository3
    chown www-data.www-data -R repository3
    svnadmin create repository4
    chown www-data.www-data -R repository4
    

You are now ready to use your new subversion repository with LDAP account, webdav access and custom user/group directory restrictions.


Speed-up your virtual machine created with VMware Player

vmware logo

If your virtual machine created with VMware Player becomes very slow and takes a long time to complete some operations it’s time to improve its performance! Close your VM, and open the *.vmx file with a text editor. Then add at the end of the file the following lines:

mainMem.useNamedFile = "FALSE"
sched.mem.pshare.enable = "FALSE"
MemTrimRate = 0
MemAllowAutoScaleDown = "FALSE"
prefvmx.useRecommendedLockedMemSize = "TRUE"
prefvmx.minVmMemPct = "100"

Make sure to not duplicate the keywords (in case you already have some lines set) otherwise the VM will not start. The above lines totally reserve the memory requested by the VM to the guest system and avoid to continuously ask to the host (and so to the swap file) for new memory chunks.

Try yourself and give me a feedback!


PHP Fatal error with PhpMyAdmin and APC

If you are running PhpMyAdmin and APC, it can happens that you get some errors like these:

PHP Fatal error:  Call to undefined function PMA_log_user() in /usr/share/webapps/phpMyAdmin/libraries/common.inc.php on line 914
PHP Fatal error:  Call to undefined function PMA_select_language() in /usr/share/webapps/phpMyAdmin/libraries/auth/cookie.auth.lib.php on line 220
PHP Fatal error:  Call to undefined function pma_generate_common_url() in /usr/share/webapps/phpMyAdmin/libraries/header_meta_style.inc.php on line 48
PHP Fatal error:  Call to undefined function PMA_DBI_connect() in /srv/http/librolandia.it/test/phpmyadmin/libraries/common.inc.php on line 916
PHP Fatal error:  Class 'PMA_Error_Handler' not found in /path/to/phpMyAdmin/libraries/common.inc.php on line 58
PHP Fatal error:  Call to undefined function PMA_getenv() in /path/to/phpMyAdmin/libraries/common.inc.php on line 143

If this is the case, you need to make some little changes to disable apc in your phpmyadmin virtual host:

Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"
<Directory "/usr/share/webapps/phpMyAdmin">
      AllowOverride All
      Options FollowSymlinks
      Order allow,deny
      Allow from all
      php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/"
      php_admin_value apc.enabled 0
</Directory>

And also modify your apc filter in php.ini under the APC section:

[APC]
apc.filter="-/usr/share/webapps/phpMyAdmin/.*"

Now restart Apache and you phpMyAdmin should work regularly.


Extract u-boot multi-file image in Python

This simple piece of code shows how to extract/decompress a u-boot multi-file image created with mkimage using Python. The image format is very simple:

64 bytes of image header.
4 bytes for the size of first image.
4 bytes for the size of second image.
...
4 bytes of zeros for termination.
image1.
image2.
...

You need to remember also that each image is padded to 4 bytes.


PySide Signals and Slots with QThread example

In these days I started studying PySide. After some days spent in reading lot of stuff, I thought that a real example could be useful for who intends to start learning PySide as well. In this example I can show you how you can implement a custom signal (MySignal) together with the usage of threads with QThread.

The following code creates a window with two buttons: the first starts and stop a thread (MyThread) that runs a batch that prints a point in the stdout every seconds continuously. The second button lets you only start another thread (MyLongThread) that prints an asterisk in the stdout every second for 10 seconds.

This example uses the api version 2 (introduced with PyQt 4.5) to connect signals to slots.

For more information you can look at:


Export MySQL table in CSV format using PHP

The following PHP code is intended to be used to export a MySQL table in CSV format in order to be used with MS Excel.