Matteo Mattei

Hello, my name is Matteo Mattei and this is my personal website. I am computer engineer with a long experience in Linux system administration and web software development.

© 2006-2022 Matteo Mattei - all rights reserved.
VAT number: 06751410488. My blog code

linkedin rss twitter google+ github facebook

Subversion, webdav, LDAP and folder restrictions

calendar17 May 2012 authorMatteo Mattei tags svn ldap server ubuntu comments

If you need to configure a svn server on Linux with LDAP authentication, webdav and insert specific directory restrictions you can follow these instructions.

  1. You need to install subversion and apache in your Linux server (I will omit this part).

  2. You need to configure webdav to access svn over http and configure LDAP access.

    Make sure to have the following apache modules installed and configured:

    LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule authn_alias_module modules/mod_authn_alias.so

    Assumptions:

    • I am usual to configure subversion in /srv/svn folder.
    • The users allowed to access the SVN have to belong to the LDAP group CN=SVN-AUTHORIZATION,OU=Groups GSO,DC=test,DC=example,DC=com

    Edit /etc/apache2/mods-enabled/dav_svn.conf (this is valid for Ubuntu. Maybe in other distributions this file is placed somewhere else) and make sure to have the following lines:

    <Location /svn/>
  # Enable svn over webdav
  DAV svn
  # Set parent path for multiple repositories
  SVNParentPath /srv/svn/
  # Set authentication type
  AuthType Basic
  # Set authentication name
  AuthName "FLR Subversion Repository"
  # Set authorization (permissions) file
  AuthzSVNAccessFile /etc/apache2/dav_svn.authz
  # Allow to list the parent path
  SVNListParentPath On
  # Use LDAP for authentication
  AuthBasicProvider ldap
  # LDAP server is authoritative (so is the final step for autentication)
  AuthzLDAPAuthoritative On
  # LDAP bind user
  AuthLDAPBindDN "CN=svnbind,OU=Users OS,DC=test,DC=example,DC=com"
  # LDAP bind password
  AuthLDAPBindPassword mypassword
  # LDAP URL
  AuthLDAPUrl "ldap://ldap_ip_address:389/DC=test,DC=example,DC=com?sAMAccountName?sub?(&(&(objectClass=user)(objectCategory=person))(memberof=CN=SVN-AUTHORIZATION,OU=Groups GSO,DC=test,DC=example,DC=com))"

  # A valid user is required
  Require valid-user
</Location>

  3. Create the permission file /etc/apache2/dav_svn.authz It will have the following content based on your needing:

    [groups]
admin = matteo
group1 = user1, user2, user3
group2 = user2
group3 = user4

###################################
[/]
* = r
@admin = rw
###################################
[repository1:/]
* = rw
###################################
[repository2:/]
* =
@admin = rw
@group1 = rw
###################################
[repository3:/]
* =
@admin = rw
@group2 = rw
@group1 = r
###################################
[repository4:/]
* = r
@admin = rw
[repository4:/trunk/sources]
* = r
@admin = rw
@group3 = rw
###################################</pre>

    Now restart apache with

    /etc/init.d/apache2 restart

  4. Create repositories. As root issue the following commands:

    cd /srv/svn
svnadmin create repository1
chown www-data.www-data -R repository1
svnadmin create repository2
chown www-data.www-data -R repository2
svnadmin create repository3
chown www-data.www-data -R repository3
svnadmin create repository4
chown www-data.www-data -R repository4

You are now ready to use your new subversion repository with LDAP account, webdav access and custom user/group directory restrictions.

Speed-up your virtual machine created with VMware Player

calendar20 Mar 2012 authorMatteo Mattei tags virtualization tricks vmware comments

vmware logo

If your virtual machine created with VMware Player becomes very slow and takes a long time to complete some operations it’s time to improve its performance! Close your VM, and open the *.vmx file with a text editor. Then add at the end of the file the following lines:

mainMem.useNamedFile = "FALSE"
sched.mem.pshare.enable = "FALSE"
MemTrimRate = 0
MemAllowAutoScaleDown = "FALSE"
prefvmx.useRecommendedLockedMemSize = "TRUE"
prefvmx.minVmMemPct = "100"

Make sure to not duplicate the keywords (in case you already have some lines set) otherwise the VM will not start. The above lines totally reserve the memory requested by the VM to the guest system and avoid to continuously ask to the host (and so to the swap file) for new memory chunks.

Try yourself and give me a feedback!

PHP Fatal error with PhpMyAdmin and APC

calendar26 Nov 2011 authorMatteo Mattei tags linux mysql php apc tricks comments

If you are running PhpMyAdmin and APC, it can happens that you get some errors like these:

PHP Fatal error:  Call to undefined function PMA_log_user() in /usr/share/webapps/phpMyAdmin/libraries/common.inc.php on line 914
PHP Fatal error:  Call to undefined function PMA_select_language() in /usr/share/webapps/phpMyAdmin/libraries/auth/cookie.auth.lib.php on line 220
PHP Fatal error:  Call to undefined function pma_generate_common_url() in /usr/share/webapps/phpMyAdmin/libraries/header_meta_style.inc.php on line 48
PHP Fatal error:  Call to undefined function PMA_DBI_connect() in /srv/http/librolandia.it/test/phpmyadmin/libraries/common.inc.php on line 916
PHP Fatal error:  Class 'PMA_Error_Handler' not found in /path/to/phpMyAdmin/libraries/common.inc.php on line 58
PHP Fatal error:  Call to undefined function PMA_getenv() in /path/to/phpMyAdmin/libraries/common.inc.php on line 143

If this is the case, you need to make some little changes to disable apc in your phpmyadmin virtual host:

Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"
<Directory "/usr/share/webapps/phpMyAdmin">
      AllowOverride All
      Options FollowSymlinks
      Order allow,deny
      Allow from all
      php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/"
      php_admin_value apc.enabled 0
</Directory>

And also modify your apc filter in php.ini under the APC section:

[APC]
apc.filter="-/usr/share/webapps/phpMyAdmin/.*"

Now restart Apache and you phpMyAdmin should work regularly.

Extract u-boot multi-file image in Python

calendar25 Oct 2011 authorMatteo Mattei tags embedded linux python comments

This simple piece of code shows how to extract/decompress a u-boot multi-file image created with mkimage using Python. The image format is very simple:

64 bytes of image header.
4 bytes for the size of first image.
4 bytes for the size of second image.
...
4 bytes of zeros for termination.
image1.
image2.
...

You need to remember also that each image is padded to 4 bytes.

PySide Signals and Slots with QThread example

calendar28 Aug 2011 authorMatteo Mattei tags python pyside qt thread comments

In these days I started studying PySide. After some days spent in reading lot of stuff, I thought that a real example could be useful for who intends to start learning PySide as well. In this example I can show you how you can implement a custom signal (MySignal) together with the usage of threads with QThread.

The following code creates a window with two buttons: the first starts and stop a thread (MyThread) that runs a batch that prints a point in the stdout every seconds continuously. The second button lets you only start another thread (MyLongThread) that prints an asterisk in the stdout every second for 10 seconds.

This example uses the api version 2 (introduced with PyQt 4.5) to connect signals to slots.

For more information you can look at:

Export MySQL table in CSV format using PHP

calendar30 Jul 2011 authorMatteo Mattei tags linux mysql php backup dump comments

The following PHP code is intended to be used to export a MySQL table in CSV format in order to be used with MS Excel.