As an active user of cacert.org certificates I found that it can be quite cumbersome to have to repeat the adding of these certificates to the list of default trusted certificates in Java. Especially since this procedure has to be repeated every java update. To easy this burden I wrote a small script which I want to share with everyone. The script assumes that java is installed (somewhere) in the /usr directory and that the keytool command is in the active path....

It can happen that a postgres backup using pg_dump (or pg_dumpall) fails with a message like: pg_dump: schema with OID 849375 does not exist This can once in a while when data is not flushed properly between the transaction logs and the filesystem. The only way to solve them (after making a file level backup, for the just in case situations) is to search and delete the offending OID from the database....

Recently I changed a Samba installation from using the ‘classic’ file based backend to a newer ldap based backend, in a production environment. Following one of the many guides in the internet helped a lot, for this task I used most information from: https://help.ubuntu.com/community/LDAPClientAuthentication & http://raerek.blogspot.hu/2012/05/samba-pdc-on-ubuntu-1204-using-ldap_28.html The biggest problem I faced was that one error showed up during domain login from a terminalserver which prevented roaming profiles to work. The error was:...

Assume that you have a svn repository with branches, tags and trunk and you only want to run your jenkins-ci runs on the trunk repository. In that case you want te be sure that commits to branches / tags do not trigger a testrun, so the commit hook needs to take care of that. Below is an (yet untested) version of an commit hook that should take care of that. It will only trigger jenkins in the case of commits to a trunk subdirectory of a svn repo....

On the internet it is easy to find several references on how to use Jenkins-ci in combination with python. But most of the blogs that you can find depend on an ‘older’ module called SetEnv. This module does not exists anymore. But the bright side of this all is, that there is a new module that can be used with the name ShiningPanda Plugin This plugin does allow you to make a virtualenv environment to install the dependent modules is e....

More then a year ago I wrote a small patch for pyOpenSSL. This patch makes it possible to compare the modulus of both the private key and a public key, in order to confirm a cryptographic match between them. As I have not (yet) made some unit tests, this code is not in them main release. But as the code is in use in my companies systems, this blog will make it a bit more findable, and maybe more people are interested in this interface addition....

In the previous post I wrote about an application capable of storing key-value pairs in an hierarchical way. As this application has an rest interface to request the elements I also wrote an puppet hiera backend. This backend does allow one to use the key-value pairs defined in the application to be used in puppet manifests. This plugin can be found on github https://github.com/woutervb/hiera-central_property. The installation is quite simple, using the following steps:...

For a project I needed to have a central server that could hold key-value pairs. These key-value pairs are meant to be defined once in a hierarchie and have to potential to be overruled higher up in the hierarchie. So if we take a simple tree, using reverse dns names we get something like this: 1. nl 2. vanbommelonline 3. hostname At each of these levels I want to be able to define a parameter, which can be overwritten when the tree becomes more host specific....

After a few days of hacking the source-code I am proud to provide you all with a shorewall6 module for webmin. This module (rev 1) is included in the main development stream of webmin. The current version (rev 2) has been submitted moments ago. The development takes place using webmin and can be found here https://github.com/woutervb/webmin. But obviously one can also wait for the next webmin release to appear or use the main development branch from webmin itself (https://github....

Updating a SSD firmware might seem like a big step on linux, as the biggest audience for the ssd manufacturers are windows users. This means that a lot of tooling and documentation is around on the internet explaining on how todo this on a windows based system. In the case of OCZ the tool used to update the firmware is linux based, or at least there is a linux based version available....