Apple’s OS X Leopard (10.5) had problems with accessing Samba shares. Most of them got fixed in late Leopard releases, 10.5.4/10.5.5. During the last Leopard releases the hope arose, that finally OS X will make it into office environments sharing Windows networks.

Then, Apple released Snow Leopard (10.6). Another step into the right direction by providing built-in support for Exchange Server and Google services. But what happened with SMB? The whole story started all over again. While Samba-shares worked pretty well on Leopard, in Snow Leopard all seemed to be messed up again.

Read the rest of this entry »

Last Tuesday I joined the Webtuesday Zurich meeting. David Zülke (project lead, Munich) gave a talk on Agavi Framework.

Agavi is a general purpose PHP application framework built around the Model-View-Controller architecture originally based on the Mojavi 3 Web application framework written by Sean Kerr. It provides a rich toolset that solves most of the routine problems in Web application development. (…)

There are some great ideas and programming techniques behind Agavi and a very bright engineering team. Congrats, David, that was a great presentation of a great project! Agavi is not yet well known in PHP community but you definitely should give it a try! There’s a well though-out architecture behind it.
There will be a webcast of David’s presentation available soon on Webtuesday Zurich.

Read the rest of this entry »

If you still got your Zend Framework project lying around with mixed charsets, it’s now time to clean this up! If you decide to switch to Unicode, change the character set everywhere throughout your project. There should no longer be any need of conversions as utf8_encode() or utf8_decode.
Here’s my quick step-by-step tutorial…

Read the rest of this entry »

EncFSVault provides a replacement for Apple’s FileVault. There are a lot of issues with FileVault. Personally I don’t like any proprietary software for security sensitive storage of my data. But the main reason I was not able to use FileVault was the fact that FileVault still doesn’t provide support for case sensitive HFS+ file systems as of OS X Leopard 10.5.6. That’s a shame!
My choice was EncFSVault. Good or bad choice?

Read the rest of this entry »

I collected some more Tips & Tricks to tweak OS X Leopard (also see my previous article). In my eyes, these modifications are all 100% necessary for a great daily Mac experience. I was a Windows guy and I’m running Debian/Ubuntu Linux for the last 7 years for server purposes. But now, for daily work I really start to get used to my MacBook Pro running OS X Leopard 10.5.6. I still hate Apple for lately focusing on its schicky-micky customers with all their shiny glossy expensive housewife gadgets. But I love OS X. It just needs some tiny little tweaks…

Read the rest of this entry »

In this tutorial I’d like to describe how to create an extensive sendmail wrapper for a web server to monitor all sent emails and throttle daily sent email volume by the senders original UID (user id). This is useful if you e.g. run PHP in CGI-mode with SuExec, that is: all customers run their scripts under their own UID. The wrapper described here is not just a PHP-only wrapper (as described in my Simple PHP mail wrapper tutorial) – it directly replaces /usr/sbin/sendmail so we are able track all sent email of the whole system.

Read the rest of this entry »

I have updated the process hiding kernel patch described in my previous post. The following patch was created for a vanilla kernel 2.6.27.10 from kernel.org. You should be able to patch also future kernel versions as it is a super simple single-line patch. Just modify one line in the proc_pid_instantiate method of fs/proc/base.c.

Read the rest of this entry »

If you run a webserver with several hundreds of virtual hosts running PHP, you definitely need to monitor or log the access to PHP’s mail() function. I describe in a short tutorial how to painlessly setup a simple sendmail wrapper to accomplish this.
This has been tested on a Debian Lenny 5.0 system running PHP 5.2.8 and Postfix.

Read the rest of this entry »

Currently all Linux kernel security patch projects seem to be sleeping. There is no useful kernel patch that provides us with a decent patch set allowing us to strengthen the Linux kernel. Some years ago I was using Grsecurity, a wonderful solution to enforce security on 2.4.x kernels at that time. The project seems to be pretty dead by now.

During the last months I was using RSBAC, a great set of security enhancements to the 2.6.x kernels. RSBAC seems to be a great project and I like the way they provide pre-patched vanilla kernels. But again, reaction time is way too slow. Root exploits for Linux kernels seem to appear all the time and force a server administrator to react fast. The lately published vmsplice root exploit made me give up on RSBAC as it’s just always a step behind. I decided to switch back to self compiled vanilla kernels from kernel.org.

Read the rest of this entry »

I strongly do NOT recommend to use Mac OS X Leopard in a productive environment!

The initial release 10.5 got launched on October 26, 2007. It contained a number of serious bugs which should have been addressed in the first upgrade. On November 15th Apple released the first major upgrade 10.5.1. Most people believe all serious bugs are squashed by now and start to use Leopard in productive environments. I would rather wait for 10.5.2 or even 10.5.3!

Here you’ll find an extensive article about the massive data loss bug in Leopard by Tom Karpik.
His tests are based on Leopard 10.5 and I didn’t find any information about this bug still persisting in 10.5.1. But I was pretty shocked about what happened to me last night…

Read the rest of this entry »

Warning: This article was written by a Windows/Linux User who just started to switch to OS X after a period of 10 macless years.

Two days ago I got my new Mac Mini and finally I’m serious about switching from Windows Vista to Mac OS X Leopard. It’s just too annoying to wait 4 years for a new Windows system which is worse than it’s predecessor and which might start to get useful as of SP1 which still is not out (my standby still does not work and I gave up on installing “SP1 beta pre-RC1″ – what the hell?!!). Vista is more like a blown-up XP that does everything worse than XP. I like its user interface but not if I need to sacrifice 50% of my CPU-power on a powerful IBM T60p.

My first impression of OS X Leopard: WOW!
My second impression: If you go with all the defaults, it works like a charm. If you want to get a bit further, OS X is no way easier to fine tune as a Windows OS but still much easier as tuning a Linux.
My conclusion: Cool, Leopard rocks! But hey, be realistic, each OS got his pros and cons.

Here are my Tips & Tricks of the last two days…
Read the rest of this entry »

I have upgraded Debian from Sarge to Etch on various systems and did not run into any problems. Well done, Debian guys!
The following tutorial is based on Tim Bormann’s tutorial. I give you a quick-and-dirty insight how I have done it.
Before you start, make sure you got plenty of time (an upgrade may take anything between 30 minutes and 3 hrs) and backup at least your system configuration:
Read the rest of this entry »