Archives: April 2014

Linux: display images type and size in command line

Front-end developers probably often need to verify the properties of some images like their type or their dimensions. To avoid firing Gimp or similar software just for a quick look, GNU/Linux distributions1 offer as usual handy tools like identify, coming from the ImageMagick suite.

$ identify /home/didier/images/myimage.jpg
/home/didier/images/myimage.jpg JPEG 502x482 502x482+0+0 8-bit sRGB 31.7KB 0.000u 0:00.000

You can of course use glob patterns to display several images at once:

$ identify /home/didier/images/gnulinuxrocks*
/home/didier/images/gnulinuxrocks.png PNG 54x84 54x84+0+0 8-bit sRGB 190c 1.6KB 0.000u 0:00.000
/home/didier/images/gnulinuxrocks-even-more.png[1] PNG 42x84 42x84+0+0 8-bit sRGB 187c 1.5KB 0.000u 0:00.000
/home/didier/images/gnulinuxrocks-arch-logo.jpg[2] JPEG 396x140 396x140+0+0 8-bit sRGB 7.14KB 0.000u 0:00.000

Don't forget to check the manual for many more options.

$ man identify

1 I know, ImageMagick is available on other operating systems but I prefer trolling... though installing it on a GNU/Linux distribution with a package manager is way simpler and safer!

Apache: enable HTTPS

To enable HTTP Secure (HTTPS) on Apache, we first enable the modules called mod_ssl and mod_socache_shmcb in the main Apache configuration file, located at /etc/httpd/conf/httpd.conf:

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so

We include SSL own configuration file:

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

In this file, we also set a document root (or keep the default path depending on where we put our web application) and a server name. We use the default 443 port.

DocumentRoot "/srv/http/secure_application"
ServerName localhost:443

We can also edit the path to our certificate files but I kept mines at the default location:

SSLCertificateFile "/etc/httpd/conf/server.crt"
[...]
SSLCertificateKeyFile "/etc/httpd/conf/server.key"

Finally we need to get or generate our certificate. I have created a self-signed one for my development environment but it is not recommended on live servers. As written above, I kept the default path so in this example we are going to create our certificate in that folder. We start by generating our key:

$ cd /etc/httpd/conf/
$ sudo openssl genrsa -out server.key 4096
Generating RSA private key, 4096 bit long modulus [...]

This is our private key so we need to restrict permissions to make sure no one else can read it:

$ sudo chmod 600 server.key

Then we need to generate the Certificate Signing Requests (CSR). We are prompted for a few informations which can be left blank but the important one is Common Name, which must be the domain of our site like www.drkdidel.be or *.drkdidel.be. But for our development environment, we just write localhost.

$ sudo openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated into your certificate request.
[...]
Common Name (e.g. server FQDN or YOUR name) []:localhost

Finally we generate our certificate and restart Apache:

$ sudo openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
$ sudo systemctl restart httpd.service

Now we can browse to https://localhost/ and make the browser display a worrying alert:

Warning message displayed by Firefox

This is caused by our self-signed certificate which has no security value (if you see this on a live website, you should follow the advice of "Getting out of here!"). In Firefox, we can click on "I Understand the Risks" then on the "Add Exception..." button. This will display a pop-up window where we can tell Firefox to not bother us again when accessing our server. Check "Permanently store this exception" then click "Confirm Security Exception" which will close the pop-up and reload the page:

Pop-up window "Add Security Exception"

Upgrade Apache to 2.4 from 2.2 on Arch Linux, using PHP-FPM

Since the first article, more than six weeks ago, Apache has been updated to version 2.4.9 which allows for a simpler configuration with php-fpm, mod_proxy_fcgi and mod_proxy_handler.

The following setup does not use mod_php, which requires mod_mpm_prefork and ProxyPassMatch directives as shown in my first article.

First, install php-fpm and mod_proxy_handler (the latter comes from AUR).

# yaourt -S php-fpm mod_proxy_handler

Then update /etc/php/php-fpm.conf:

listen = 127.0.0.1:9000
;listen = /run/php-fpm/php-fpm.sock
[...]
listen.allowed_clients = 127.0.0.1

In the main Apache configuration file located at /etc/httpd/conf/httpd.conf, no more need to use mpm_prefork_module and ProxyPassMatch. Just append the following:

LoadModule proxy_handler_module modules/mod_proxy_handler.so
<filesmatch .php="">
    SetHandler "proxy:fcgi://127.0.0.1:9000/"
</filesmatch>

Verify that the following line is active (uncommented) as it should be by default:

LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so

Edit the dir_module directive:

<ifmodule dir_module="">
    DirectoryIndex index.php index.html
</ifmodule>

Remove or comment out the php module if you had it in your old config:

#LoadModule php5_module modules/libphp5.so
#Include conf/extra/php5_module.conf

Restart apache and php-fpm:

# systemctl restart httpd.service php-fpm.service

If it is your first installation of php-fpm and you use Apache often, you might want to start its daemon automatically:

# systemctl enable php-fpm.service

Source

Governments all over the world try to control and use Internet against their people as a tool of mass surveillance. Instead, it should be considered as our common good. Universal access should be the top priority and Net Neutrality protected at all cost. Here is the direct link to the petition.

MariaDB / MySQL: generate a row number

There is currently no built-in method to return row numbers. The solution is to use a variable which is incremented in each row, like this:

@currentRow := @currentRow + 1 AS rowNumber

We can use a JOIN statement to initialise the variable without SET:

JOIN (SELECT @currentRow := 0) row

Another notation, replacing JOIN with a comma:

, (SELECT @currentRow := 0) row

Here is an example of an entire query:

SELECT
    title,
    text,
    @currentRow := @currentRow + 1 AS rowNumber
FROM articles
JOIN (SELECT @currentRow := 0) row

Source