Wednesday, July 18, 2007

Howto: Install and configure LDAP Server (slapd) with TLS in Gentoo

1.1. Install openldap on gentoo

# emerge openldap pam_ldap nss_ldap
# chown ldap:ldap /var/lib/openldap-ldbm /var/lib/openldap-data /var/lib/openldap-slurp

1.2. /etc/openldap/slapd.conf

include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema

### "#echo rootpw `slappasswd -h {SSHA}` >> /etc/openldap/slapd.conf" to generate a password with SSHA crypt

password-hash {SSHA}

# Define SSL and TLS properties
TLSCertificateFile /etc/ssl/ldap.pem
TLSCertificateKeyFile /etc/openldap/ssl/ldap-key.pem
TLSCACertificateFile /etc/ssl/ldap.pem

database bdb # use bdb as backend database
suffix "dc=example, dc=com"
directory /var/lib/openldap-data
rootdn "cn=Manager, dc=example, dc=com"
rootpw {SSHA}ksjdlfjsdlfjslfkjsdlfjl
checkpoint 1024 5

# index
index cn,sn,uid pres,eq,approx,sub
index objectClass eq

# then setup access rules...:
access to attrs=userPassword
by self write
by anonymous auth
by dn.base="cn=Manager,dc=example, dc=com" write
by * none
access to *
by self write
by dn.base="cn=Manager,dc=example,dc=com" write
by * read

1.3. /etc/openldap/ldap.conf

BASE         dc=example, dc=com
URI ldaps://server_host[change it to server]:636/

1.4. Genertate SSL certificate

# cd /etc/ssl
# openssl req -config /etc/ssl/openssl.cnf -new -x509 -nodes -out ldap.pem -keyout /etc/openldap/ssl/ldap-key.pem -days 999999
# chown ldap:ldap /etc/openldap/ssl/ldap.pem

1.5. Modify /etc/conf.d/slapd

OPTS="-h 'ldaps:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'"

1.6. Start slapd

/etc/init.d/slapd start

If success, with this command to test connection, "-d 5" is for debug:

ldapsearch -D "cn=Manager,dc=example,dc=com" -W -d 5

1.7. Autostart slapd service at Systemstart

rc-update slapd default add

1.8. Some issues

  • command "slaptest" for verify slapd.conf
  • if id3entry.bdb not found, try "slapadd"
  • recover DB: db4.3_recover -h .
  • useful log: /var/log/messages

Monday, July 16, 2007


The wmctrl program is a UNIX/Linux command line tool to interact with an EWMH/NetWM compatible X Window Manager.

zenity - display GTK+ dialogs

zenity is a program that will display GTK+ dialogs, and return (either in the return code, or on standard output) the users input. This allows you to present information, and ask for information from the user, from all manner of shell scripts.

For example, zenity --question will return either 0 or 1, depending on whether the user pressed OK or Cancel. zenity --entry will output on standard output what the user typed into the text entry field.

Comprehensive documentation is available in the GNOME Help Browser, under GNOME/Utilities.


Display a file selector with the title Select a file to remove. The file selected is returned on standard output.

zenity --title="Select a file to remove" --file-selection

Display a text entry dialog with the title Select Host and the text Select the host you would like to flood-ping. The entered text is returned on standard output.

zenity --title "Select Host" --entry --text "Select the host you would like to flood-ping"

Display a dialog, asking Microsoft Windows has been found! Would you like to remove it?. The return code will be 0 (true in shell) if OK is selected, and 1 (false) if Cancel is selected.

zenity --question --title "Alert" --text "Microsoft Windows has been found! Would you like to remove it?"

Show the search results in a list dialog with the title Search Results and the text Finding all header files....

find . -name '*.h' | zenity --title "Search Results" --text "Finding all header files.." --column "Files"

Display a weekly shopping list in a check list dialog with Apples and Oranges pre selected

zenity --list --checklist --column "Buy" --column "Item" TRUE Apples TRUE Oranges FALSE Pears FALSE Toothpaste

Display a progress dialog while searching for all the postscript files in your home directory find `echo $HOME` '*.ps' | zenity --progress --pulsate


Devil’s Pie can be configured to detect windows as they are created, and match the window to a set of rules. If the window matches the rules, it can perform a series of actions on that window.

configuration files are in .devilspie folder, like firefox.ds. Code example:
(is (application_name) "Firefox")
(set_workspace 2)
Detail description and syntax here:

Tabbed rxvt

URxvt.perl-ext-common: default,tabbed 12 0
URxvt.tabbed.tabbar-fg: 4

Saturday, July 14, 2007

Bash tricks

bash vi keybind:
set -o vi in .bashrc

chinese locale but english console:
in /etc/environment

custom bash prompt with color:

export TERM=xterm-color

PS1='${debian_chroot:+($debian_chroot)}\[\033[0;35m\]\d - \u@\h:\w\[\033[0;33m\] :: '

in .bashrc

Wednesday, July 11, 2007

Wednesday, July 4, 2007

Determining Current Function Name

# use sys._getframe() -- it returns a frame object, whose attribute
# f_code is a code object, whose attribute co_name is the name:
import sys
this_function_name = sys._getframe().f_code.co_name

# the frame and code objects also offer other useful information:
this_line_number = sys._getframe().f_lineno
this_filename = sys._getframe().f_code.co_filename

# also, by calling sys._getframe(1), you can get this information
# for the *caller* of the current function. So you can package
# this functionality up into your own handy functions:
def whoami():
import sys
return sys._getframe(1).f_code.co_name

me = whoami()

# this uses argument 1, because the call to whoami is now frame 0.
# and similarly:
def callersname():
import sys
return sys._getframe(2).f_code.co_name

him = callersname()

Tuesday, July 3, 2007

RequestContext in Template

def some_view(request):
# ...
return render_to_response('my_template.html',

Here’s what each of the default processors does:


If TEMPLATE_CONTEXT_PROCESSORS contains this processor, every RequestContext will contain these three variables:

  • user — An auth.User instance representing the currently logged-in user (or an AnonymousUser instance, if the client isn’t logged in). See the user authentication docs.

  • messages — A list of messages (as strings) for the currently logged-in user. Behind the scenes, this calls request.user.get_and_delete_messages() for every request. That method collects the user’s messages and deletes them from the database.

    Note that messages are set with user.message_set.create. See the message docs for more.

  • perms — An instance of django.core.context_processors.PermWrapper, representing the permissions that the currently logged-in user has. See the permissions docs.


If TEMPLATE_CONTEXT_PROCESSORS contains this processor, every RequestContext will contain these two variables — but only if your DEBUG setting is set to True and the request’s IP address (request.META['REMOTE_ADDR']) is in the INTERNAL_IPS setting:

  • debugTrue. You can use this in templates to test whether you’re in DEBUG mode.
  • sql_queries — A list of {'sql': ..., 'time': ...} dictionaries, representing every SQL query that has happened so far during the request and how long it took. The list is in order by query.


If TEMPLATE_CONTEXT_PROCESSORS contains this processor, every RequestContext will contain these two variables:

See the internationalization docs for more.

If TEMPLATE_CONTEXT_PROCESSORS contains this processor, every RequestContext will contain a variable MEDIA_URL, providing the value of the MEDIA_URL setting.


If TEMPLATE_CONTEXT_PROCESSORS contains this processor, every RequestContext will contain a variable request, which is the current HttpRequest object. Note that this processor is not enabled by default; you’ll have to activate it.

Writing your own context processors

A context processor has a very simple interface: It’s just a Python function that takes one argument, an HttpRequest object, and returns a dictionary that gets added to the template context. Each context processor must return a dictionary.

Custom context processors can live anywhere in your code base. All Django cares about is that your custom context processors are pointed-to by your TEMPLATE_CONTEXT_PROCESSORS setting.

Mixin 和 Plugin

mixin 是统称,我又区分为Mixin和Plugin两种。

Mixin 是增加新东西或与原有的东西合并。比如向一个类增加属性或方法。
Plugin 相当于一个回调函数的扩展,它的调用入口一定是存在于某个方法中。举例来说:

class A(Mixin):
__mixinname__ = 'a'

def __init__(self):
self.callplugin('plugin1', args1, args2)
obj = self.execplugin('plugin2', args1, args2, args3)

上面的代码是一个slot class的例子,其中self.callplugin()和self.execplugin()是对于两种不同的Plugin的调用点。


class A:
def __init__(self):


def __init__(self):



def myplugin1(a, b):
print a, b
Mixin.setPlugin('a', 'plugin1', myyplugin1)


在执行callplugin和execplugin时不需要传入slot class
的__mixinname__,因为自已知道在调用Plugin时使用哪个slot class的Plugins。

Sunday, July 1, 2007

How to download a whole website?

wget -r http://address