Blogs

Norwegian BankID (used by most banks in Norway) uses a java applet for login.

The current combination of java, mac osx 10.8.x, applets and BankID is a mess.

Things to note:

• Java 1.6 from Apple removed support for web applets - so you'll need Oracle java 7
• Java 7 from Oracle will work - but - not in Chrome (Chrome doesn't support 64 bit java - Oracle don't provide 32 bit)
• Most BankID pages test to see if java is enabled - and after installing java - it still gives the java not installed or enabled error. The issue seems to be that you have to activate the plugin by loading an applet that doesn't test for support - for example the one on http://www.java.com/en/download/testjava.jsp prior to trying to log in to the bank
• BankID state that there is an issue in Firefox where the OK button does not get enabled - you can get around this by holding the CMD key in for a few seconds until it enables. This is claimed to be due to a bug between Firefox and java. Note that in my testing this is exactly the same issue in Safari and the same workaround works.

So - install Oracle java, go visit a test page - log in with a workaround to get OK buttons to enable and you might just be allowed to login to your bank.

The BankID applet needs to die.

Sources:

• http://support.apple.com/kb/DL1572?viewlocale=en_US
• https://www.bankid.no/Presse-og-nyheter/Nyhetsarkiv/2012/Mac-og-Java/
• https://www.bankid.no/Presse-og-nyheter/Nyhetsarkiv/2013/Apples-Safari-h...
• https://www.bankid.no/Presse-og-nyheter/Nyhetsarkiv/2013/Mac-brukere-kan...

I use twitter for various system stuff - and needed a way to get auth tokens for users for twitter oauth based apps.

Twitter provides PIN based authentication for this - you generate a URL based on the consumer token/secret - visit that - log in - get a PIN and use the PIN to generate the auth token/secret.

Attached is a simple ruby script to do just that.

It takes consumer_token and consumer_secret as command line params (in that order), generates the authorize URL and prints it - then waits for the PIN. Displays consumer and auth token info at the end.

This turned up as an issue when developing webapps.

If you set a fixed hostname (local.foo.bar for example) via an /etc/hosts alias to 127.0.0.1 (perhaps you need to have access to .foo.bar cookies or similar) then you can browse localhost via the local.foo.bar name.

However - when starting tomcat under java this gave an error on hostname/url. I've had the issue running tomcat 6 under java 7 - have had reports of tomcat 7 under java 6 also being an issue.

It turns out that Mac OSX takes the hostname given by DHCP - and this can change often.

Hmm - found today that my pulse elite headset wouldn't connect to the PS3. I don't use it often - so no idea when it last worked.

Reset method is a pin in the dongle for one sec then hold the vss/mode/mic mute buttons in while you turn on the headset - but it didn't help.

The really odd thing was that the headset stayed in connecting mode (2 rapid blue blinks every couple of secs even when you turn it off)

I've found exactly one post on the 'net that describes it:

http://community.us.playstation.com/t5/PlayStation-3/Pulse-wireless-head...

So - let's see if draining the battery helps.

In response to google turning off EAS support for free google apps accounts - the way to synchronize contacts/calendars has changed. You'll need a CalDAV and CardDAV config.

CalDAV: http://support.google.com/calendar/bin/answer.py?hl=no&answer=151674
CardDav: http://support.google.com/mail/bin/answer.py?hl=en&answer=2753077

iMessage has a setting whereby you can tell it to fall back to SMS if it isn't able to reach a data network or if the recipient isn't available via a data network.

For some reason - my iPhone5 wasn't doing this.

A list of things I need to remember when updating to Mountain Lion.

Struggling again to get a decent amount of entropy on a headless squeeze server.

My ReadyNAS (pro 6) had suddenly been set to 1992.

It seems that the NTP servers (FrontView > System > Clock) that I had time-a.netgear.com and time-c.netgear.com were way off base.

I set them to the debian NTP servers that I use (0.debian.pool.ntp.org and 1.debian.pool.ntp.org) and it fixed the datetime back again.

Not sure how to contact them - have sent an e-mail - we'll hope that it reaches the right people.

Was getting the error script 'nexus' missing LSB tags and overrides - found that someone had already done the work :)

http://mrexception.blogspot.com/2011/12/make-nexus-startup-script-lsb-co...

Have been seeing segmentation faults coming from "drush cron" runs recently.

Seems that the issue is related to a conflict between the curl and pgsql php components.

On debian - the php cli config loads the config files under /etc/php5/cli/conf.d

If it loads curl.so before it loads pgsql.so then when releasing a postgres connection it will segfault.

Workaround is simply to load pgsql first. Files in the conf.d directory are loaded alphabetically.

I always forget where this file is located - so just as a reminder ;)

To find the current JAVA_HOME for the current user (set by java preferences) run:

/usr/libexec/java_home

Details from http://developer.apple.com/library/mac/#qa/qa1170/_index.html

In munin 1.4 the number of plugins for postgres has increased. They are all based on the same perl module - Munin::Plugin::Pgsql

Many of them allow for suffixing the database name to the symlink in /etc/munin/plugins/ to run against a given db or to suffix ALL to run against all (this is standard munin behaviour - see the plugins that have a filename ending in _).

If you enable several databases on the same plugin - it does a lot of stuff to be specific but it wasn't changing the plugin title so all the graphs generated got the same title. Hard to know which db is which.

I found that if I insert this line

$pg->{title} = $pg->{title} . " " . $pg->wildcard_parameter();

just before the call to

$pg->Process();

then I get unique titles.

Not sure if this is handled in later versions (I am running this via the lenny-backports apt repo).

I had the need to split some mkv (matroska video) files on chapter marks.

I'd normally use handbrake for this - split and encode. But I didn't really want to reencode each time.

Downloaded mkvtoolsnix (machomebrew: brew install mkvtoolsnix).

Most tutorials concentrate on mkvmerge gui which I didn't have - just the command line

So - an example:

Just been looking at the usage of the iPhone/iPad app for this year's JavaZone for the actual conference days.

• Yesterday (day 1) we had 820 users
• Today (day 2) we had 716
• Over the two days - the app was started 25631 times
• Unhandled errors causing a full application crash (unable to write to database, some other unexpected state etc) - 6 times.

Sessions divided by model:

Finally got around to upgrading my OpenDS 2.2.0 to OpenDJ 2.4.3.

Clean upgrade - just followed the OpenDJ wiki.

Only change I had to make was from

./bin/rebuild-index -i dn2id -b "dc=example,dc=com"

to

./bin/rebuild-index --rebuildAll -b "dc=example,dc=com"

Rebuilding the dn2id index only left the sync-conflict index for my root backend in degraded mode.

Finally got around to upgrading my OpenDS 2.2.0 to OpenDJ 2.4.3.

Clean upgrade - just followed https://wikis.forgerock.org/confluence/display/OPENDJ/OpenDJ+Installatio...

Only change I had to make was from

./bin/rebuild-index -i dn2id -b "dc=example,dc=com"

to

./bin/rebuild-index --rebuildAll -b "dc=example,dc=com"

Getting rvm rubies to compile with the rvm packages isn't turning out that easy.

First off - you need to get XCode for Lion installed from the App Store (even if you upgraded from Snow Leopard - Lion needs a newer version). In addition - the App Store downloads an XCode installer - you also have to run it to get it installed ;)

So I grabbed the latest rvm:

bash < <(curl -s https://rvm.beginrescueend.com/install/rvm)

This puts up the following message:

Came across this on Pro Git 7.2 Customizing Git Git Attributes

You can use git attributes to allow for customized diff of binary files.

My current additions to my global git config are

git config --global diff.strings.textconv strings
git config --global diff.exif.textconv exiftool

Then in projects (either .gitattributes or .git/info/attributes depending on whether you want it checked in or not):

*. diff = 

For example

Since installing Lion and running two machines in parallel - Lion and Snow Leopard I was getting errors connecting to gmail/google apps IMAP - it kept throwing an incorrect password error.

Finally found this FAQ:

https://mail.google.com/support/bin/static.py?page=known_issues.cs&ki_to...

If you're having this issue - might be worth hitting the FAQ while logged in and hitting the Report button.

I've been annoyed about this for a long time. Forms that simply reject e-mail addresses with a + in them (perfectly valid according to the standards/RFC's - see http://www.faqs.org/rfcs/rfc2822.html 3.2.4 Atom - definition of atext).

Well - we need to add systems that allow you to set a valid e-mail with a + in but then fail.

I finally managed to register my systems profile using Blizzard's battle.net SystemCheck.

I've been trying to do this for a few years - without success - even with help from Blizzard support.

I'd found a lot of info on the net about using symlinks to allow iMovie to see network disks, but this always seemed like too much of an effort.

So this blog post was a real nice find.

Short form - you just need to set a default:

defaults write -app iMovie allowNV -bool true

Setting up calendars to sync from google apps to iOS turned out to be harder than I expected.

I had already set up a gmail iOS mail/cal/contacts account on the iPhone. But that only gets the primary calendar.

Read on to find out how I finally got my secondary calendars onto my iPhone.

By convention I use an rvm gemset per project - named after the directory that the project lives in.

For example src/rails/foo would have gemset foo

Since I switch a lot between machines - I always end up having to go check if the gemset exists and create it if not.

A small bash function (dump it in .bash_profile) and then when in the projects home dir you can just run rvmgo (or if you want a different ruby then e.g. rvmgo 1.8.7) and it will switch to the correct version/gemset creating the gemset if needed.

Note - it will not install a missing ruby.

Updating mac homebrew from 0.7.1 to 0.8 removed the rsync formula that I use to update mac rsync from the supplied 2.x version to 3.x.

This is due to the fact that homebrew doesn't want duplicates of existing software.

However - these are still available from the homebrew-dupes repository.

This is something that has long irritated. Websites that use form validation or similar that rejects e-mail with a + sign in the left part.

Background

Why would you want to? Well - quite a lot of e-mail servers (including gmail - which we'll use for examples here) take:

After update from virtualbox 3.x to 4.x the scroll wheel of my mouse stopped working - just behaved as a three button mouse.

Newer versions of debian no longer have an xorg.conf file - since it's not normally needed.

After some searching I found that it has a config loading directory /usr/share/X11/xorg.conf.d/ and virtualbox had added a 50-vboxmouse.conf there.

I changed this file from

Section "InputClass"
        Identifier      "vboxmouse"
        MatchDevicePath "/dev/vboxguest"
        Driver          "vboxmouse"
EndSection

to

iPhoto '11 from iLife '11 has a new set of e-mail templates for sending photos directly from the application.

However - each time it prompts for your e-mail password and doesn't seem to have a "remember" option.

To fix - open Keychain Access (/Applications/Utilities).

Select login (your login keychain) from the top left Keychains list and Passwords from the lower left (Category) list.

Note to self - when munin shows no services for a node yet all testing (telnet to 4949 from the munin server to the node) etc show OK - check you've spelt the nodename correctly and use the host_name value in the node's munin-node.conf if you need to override it on the node.

Adding hosts to /etc/hosts on Leopard/Snow Leopard is a little simpler than earlier versions (see /etc/hosts on Mac OS X)

• Edit /private/etc/hosts¹
• Run dscacheutil -flushcache