Technology Tales

Adventures & experiences in contemporary technology

Running cron jobs using the www-data system account

22nd December 2018

When you set up your own web server or use a private server (virtual or physical), you will find that web servers run using the www-data account. That means that website files need to be accessible to that system account if not owned by it. The latter is mandatory if you you want WordPress to be able to update itself with needing FTP details.

It also means that you probably need scheduled jobs to be executed using the privileges possess by the www-data account. For instance, I use WP-CLI to automate spam removal and updates to plugins, themes and WordPress itself. Spam removal can be done without the www-data account but the updates need file access and cannot be completed without this. Therefore, I got interested in setting up cron jobs to run under that account and the following command helps to address this:

sudo -u www-data crontab -e

For that to work, your own account needs to be listed in /etc/sudoers or be assigned to the sudo group in /etc/group. If it is either of those, then entering your own password will open the cron file for www-data and it can be edited as for any other account. Closing and saving the session will update cron with the new job details.

In fact, the same approach can be taken for a variety of commands where files only can be access using www-data. This includes copying, pasting and deleting files as well as executing WP-CLI commands. The latter issues a striking message if you run a command using the root account, a pervasive temptation given what it allows. Any alternative to the latter has to be better from a security standpoint.

Free Software Foundation Approved Distros

2nd November 2023

Not all software in Linux distributions necessarily is free or libre software. After all, most of us want to play MP3 files and I am as guilty of this as many. Then, some proprietary drivers are included with some of them baked into Linux kernels as well. All of this may make Linux easier to use but it will not please some. Hence, the Free Software Foundation (FSF) has a list of distros satisfying their guidelines and some of these are below.

Dragora

Simplicity is the apparent hallmark here.

Dyne:bolic

This is a free-software-compliant multimedia distro that proves that such things can be done without the use of proprietary codecs.

Guix System

It now appears that the GNU project now has its very own Linux distro built around the Guix (pronounced “geeks”) package manager and using the Guile programming language. The website and the screenshots look swish so it might be worth trying this out for real, and there may be a version using the Hurd kernel yet, though Linux-libre is the only option for now.

Hyperbola

This project is working with two bases: Linux-libre and BSD. The first is a derivative or Arch Linux that roots out so many non-free packages that you wonder if they might go too far. It also takes the long-term support approach so they do not have to adjust things every time something changes in Arch.

libreCMC

This results from the combination of two distinct projects that shared one common characteristic: use in embedded devices like routers, not for installing on PC’s. That may seem like a minority interest to me but we all have different needs.

Parabola

Here, Arch also is the basis with freedom as the byword. While the basis is a rolling distro, this is a long-term support offering.

ProteanOS

What we have here is another Linux distro that can be embedded on different devices and is kept lightweight to ensure universality.

PureOS

The social purpose hardware company Purism is involved in this effort, hence the naming. The distro itself is based on Debian and appears to be intended for a range of hardware, from phones to tablets to PC’s. Naturally, ISO installation images can be downloaded as well.

Trisquel

Think of this as Ubuntu with only Free Software included and you have the point of this distro. Given that Richard Stallman of the FSF has been known to like it, meeting that goal seems to be assured now.

Ututo

This was the first distro that the FSF rated for software freedom and hails from Argentina. Unfortunately, there appears to have been a lull in activity since 2107, so it is difficult to know if this remains viable.

Uses for symbolic links

24th April 2007

UNIX (and Linux) does a wonderful trick with its file and folder shortcuts; it effectively treats them as file and folder transporters that transfer associate a file or folder that exists in one folder hierarchy with another and it is treated as if it exists in that hierarchy too. For example, the images folder under /www/htdocs/blog can have a link under /www/htdocs/ that makes it appear that its contents exist in both places without any file duplication. For instance, the pwd command cannot tell a folder from a folder shortcut. To achieve this, I use what are called symbolic links and the following command achieves the outcome in the example:

ln -s /www/htdocs/blog/images /www/htdocs/images

The first file path is the destination for the link while the second one is that for the link itself. I had a problem with Google Reader not showing up images in its feed displays so symbolic links rode to the rescue as they did for resolve a similar conundrum that I was encountering when editing posts in my hillwalking blog.

Refurbished Computers

12th July 2014

Refurbished Computers

While I never have been a home user of refurbished or second hand kit, there are those who do and there do appear to be some bargains to be had. For some reason, I get the sense that computing and photographic hardware seems to heading more upmarket as time goes on so it may be that this becomes the only way of getting cheaper computers unless you stick with Chromebooks and their like. Interestingly, the now defunct Micro Mart magazine did a feature on the subject and even Apple has legitimised the idea with its presence.

Manufacturers

Apple

With the premium reputation that Apple has, the chance of bagging any sort of a bargain from them is too good to overlook and they have had a refurbished goods store for longer than many. There are no iPhones here but Macs, iPads and iPods are made available in this way so it is worth a look. The chance of a cheaper Mac of some sort is a tempting idea.

Dell

A colleague of mine at work swears by this so much that it is where he looked when buying a laptop for his father. There are home and business sections too so even servers are available along with laptop and desktop PC’s as well as tablets.

Resellers

eBuyer

This is a computer kit reseller who I have never used so far but there have been qualms expressed about their customer service. Like many, they too have a clearance section so it may be worth a look if fancy taking a little risk.

Morgan

The mainstay of this lot are pre-used computers and they have been around a while too, even if they disappeared from the web for a while at one stage. They also had a shop near Manchester’s Piccadilly train station though I am left wondering if any of the apparent bargains tempted anyone.

Specialists

Giga Refurb
MicroDream
Pure IT Refurbished
Tier1online.com
Itzoo

These have the quality of their work approved by Microsoft themselves so there should be some confidence here. With Microsoft having put Windows XP out to grass, Windows 7 is being promoted on machines with at least Intel Core 2 Duo CPU’s and prices can be very reasonable too.

Work locally, update remotely

4th December 2008

Here’s a trick that might have its uses: using a local WordPress instance to update your online blog (yes, there are plenty of applications that promise to edit your online blog but these need file permissions to the likes of xmlrpc.php to be opened up). Along with the right database access credentials and the ability to log in remotely, adding the following two lines to wp-config.php does the trick:

define('WP_SITEURL', 'http://localhost/blog');

define('WP_HOME', 'http://localhost/blog');

These two constants override what is in the database and allow to update the online database from your own PC using WordPress running on a local web server (Apache or otherwise). One thing to remember here is that both online and offline directory structures are similar. For example, if your online WordPress files are in blog in the root of the online web server file system (typically htdocs for Linux), then they need to be contained in the same directory in the root of the offline server too. Otherwise, things could get confusing and perhaps messy. Another thing to consider is that you are modifying your online blog so the usual rules about care and attention apply, particularly with respect to using the same version of WordPress both locally and remotely. This is especially a concern if you, like me, run development versions of WordPress to see if there are any upheavals ahead of us like the overhaul that is coming in with WordPress 2.7.

An alternative use of this same trick is to keep a local copy of your online database in case of any problems while using a local WordPress instance to work with it. I used to have to edit the database backup directly (on my main Ubuntu system), first with GEdit but then using a sed command like the following:

sed -e s/www\.onlinewebsite\.com/localhost/g backup.sql > backup_l.sql

The -e switch uses regular expression substitution that follows it to edit the input with the output being directed to a new file. It’s slicker than the interactive GEdit route but has been made redundant by defining constants for a local WordPress installation as described above.

Cheaper retail Vista?

2nd February 2007

Brain Livingston has described an intriguing way to go using the retail Upgrade editions of Vista to do a fresh installation without having either windows 2000 or XP installed in the latest edition (free – there is a paid version but I veer away from information overload) of the Windows Secrets email newsletter: install it twice! After the first time around, it cannot be activated because there is no previous version of Windows installed but it is possible to do a Vista to Vista "upgrade", the second installation, and that can be activated. It is strange behaviour but I suppose that it placates those who think that the full retail packages are far too expensive. They even think that in the U.S.; but "rip off" Britain is getting a lot worse deal because we are not seeing the benefits of the low dollar at all. If right was right, we should be getting Vista at half of the price that we are paying for it. It’s enough to drive you to going the OEM option or not upgrading at all, especially since XP is going to be supported until 2011 (I have seen 2014 mentioned in some places). Livingston is going to cover the whole OEM discussion in the next edition of Windows Secrets and I for one will be very interested to see what he has to say.

Relocating the Apache web server document root directory in Fedora 12

9th April 2010

So as not to deface anything that is available online on the web, I have a tendency to set up an offline Apache server on a home PC to do any tinkering away from the eyes of the unsuspecting public. Though Ubuntu is my mainstay for home computing, I do have a PC with Fedora installed and I have been trying to get an Apache instance starting automatically on there without success for a few months. While I can start it by running the following command as root, I’d rather not have more manual steps than is necessary.

httpd -k start

The command used by the system when it starts is different and, even when manually run as root, it failed with messages saying that it couldn’t find the directory while the web server files are stored. Here it is:

service httpd start

The default document root location on any Linux distribution that I have seen is /var/www and all is very well with this but it isn’t a safe place to leave things if ever a re-installation is needed. Having needed to wipe /var after having it on a separate disk or partition for the sake of one installation, it doesn’t look so persistent to me. In contrast, you can safeguard /home by having it on another disk or in a dedicated partition and it can be retained even when you change the distro that you’re using. Thus, I have got into the habit of having the root of the web server document root folder in my home area and that is where I have been seeing the problem.

Because of the access message, I tried using chmod and chgrp but to no avail. The remedy has to do with reassigning the security contexts used by SELinux. In Fedora, Apache will not work with the context user_home_t that is usually associated with home directories but needs httpd_sys_content_t instead. To find out what contexts are associated with particular folders, issue the following command:

ls -Z

The final solution was to create a user account whose home directory hosts the root of the web server file system, called www in my case. Then, I executed the following command as root to get things going:

chcon -R -h -t httpd_sys_content_t /home/www

It seems that even the root of the home directory has to have an appropriate security context (/home has home_root_t so that might do the needful too). Without that, nothing will work even if all is well at the next level down. The switches for chcon command translate as follows:

-R : recursive; applies changes to all files and folders within a directory.

-h : changes apply only to symbolic links and not to where they refer in the file system.

-t : alters context type.

It took a while for all of this stuff about SELinux security contexts to percolate through to the point where I was able to solve the problem. A spot of further inspiration was needed too and even guided my search for the information that I needed. It’s well worth trying Linux Home Networking if you need more information. There are references to an earlier release of Fedora but the content still applies to later versions of Fedora right up to the current release if my experience is typical.

Online learning

18th April 2021

Recently, I shared my thoughts on learning new computing languages by oneself using books, online research and personal practice. As successful as that can be, there remains a place for getting some actual instruction as well. Maybe that is why so many turn to YouTube, where there is a multitude of video channels offering such possibilities without cost. What I have also discovered is that this is complemented by a host of other providers whose services attract a fee, and there will be a few of those mentioned later in this post. Paying for online courses does mean that you can get the benefit of curation and an added assurance of quality in what appears to be a growing market.

The variation in quality can dog the YouTube approach, and it also can be tricky to find something good, even if the platform does suggest new videos based on what you have been watching. Much of what is found there does take the form of webinars from the likes of the Why R? Foundation, Posit or the NHSR Community. These can be useful, and there are shorter videos from such providers as the Association of Computing Machinery or SAS Users. These do help more if you already have some knowledge about the topic area being discussed, so they may not make the best starting points for someone who is starting from scratch.

Of course, working your way through a good book will help, and it is something that I have been known to do, but supplementing this with one or more video courses really adds to the experience and I have done a few of these on LinkedIn. That part of the professional platform came from the acquisition of Lynda.com and the topic areas range from soft skills like time management through to computing skills courses with R, SAS and Python seeing coverage among the data science portfolio. Even O’Reilly has ventured into the area in an expansion from the book publishing activities for which so many of us know the organisation.

The available online instructor community does not stop at the above since there are others like Degreed, Baeldung, Udacity, Programiz, Udemy, Business Science and Datanovia. Some of these tend towards online education provision that feels more like an online university course and those are numerous as well as you will find through Data Science Central or KDNuggets. Both of these earn income from advertising to pay for featured blog posts and newsletters, while the former also organises regular webinars and was my first port of call when I became curious about the world of data science during the autumn of 2017.

My point of approach into the world of online training has been as a freelance information professional needing to keep up to date with a rapidly changing field. The mix of content that is both free of charge and that which attracts a fee is one that can work. Both kinds do complement each other while possessing their unique advantages and disadvantages. The need to continually expand skills and knowledge never goes away, so it is well worth spending some time working what you are after, since you need to be sure that any training always adds to your own knowledge and skill level.

Why are there no savings on buying software using electronic distribution, Adobe?

15th March 2007

If you ever potter over to Adobe’s online software store, a curious anomaly awaits you: electronic download editions of their software are never cheaper than the equivalent boxed versions. In fact, there are cases where the electronic version costs more than the boxed one. One would have thought that ditching the box, the disc(s) and whatever accompanies them would save Adobe money and they would pass this onto you but it does not seem to make its way into the pricing for some reason. Another thing is that selling direct should allow Adobe to undercut retailers and make more money from their software but it is the likes of Amazon that have the better prices. Whatever way you look at it, you have to admit that this pricing model doesn’t make a lot of sense.

Tidying dynamic URL’s

15th June 2007

A few years back, I came across a very nice article discussing how you would make a dynamic URL more palatable to a search engine and I made good use of its content for my online photo gallery. The premise was that URL’s that look like that below are no help to search engines indexing a website. Though this is received wisdom in some quarters, it doesn’t seem to have done much to stall the rise of WordPress as a blogging platform.

http://www.mywebsite.com/serversidescript.php?id=394

That said, WordPress does offer a friendlier URL display option too and you can see this in use on this blog; they look a little like the example URL that you see below, and the approach is equally valid for both Perl and PHP. I have been using the same approach for the Perl scripts powering my online phone gallery and now want to apply the same thinking to a gallery written in PHP:

http://www.mywebsite.com/serversidescript.pl/id/394

The way that both expressions work is that a web server will chop pieces from a URL until it reaches a physical file. For a query URL, the extra information after the question mark is retained in its QUERY_STRING variable while extraneous directory path information is passed in the variable PATH_INFO. For both Perl and PHP, these are extracted from the entries in an array; for Perl, this array is called is $ENV and $_SERVER is the PHP equivalent. Thus, $ENV{QUERY_STRING} and $_SERVER{‘QUERY_STRING’} traps what comes after the “?” while $ENV{PATH_INFO} and $_SERVER{‘PATH_INFO’} picks up the extra information following the file name (the “/id/394/” in the example). From there on, the usual rules apply regarding cleaning of any input but changing from one to another should be too arduous.

« Older Entries «

  • All the views that you find expressed on here in postings and articles are mine alone and not those of any organisation with which I have any association, through work or otherwise. As regards editorial policy, whatever appears here is entirely of my own choice and not that of any other person or organisation.

  • Please note that everything you find here is copyrighted material. The content may be available to read without charge and without advertising but it is not to be reproduced without attribution. As it happens, a number of the images are sourced from stock libraries like iStockPhoto so they certainly are not for abstraction.

  • With regards to any comments left on the site, I expect them to be civil in tone of voice and reserve the right to reject any that are either inappropriate or irrelevant. Comment review is subject to automated processing as well as manual inspection but whatever is said is the sole responsibility of the individual contributor.

Copyright © 2007-2024, TechnologyTales.com