David Latham

The Oracle Virtual Machine (OVM) manager exposes a SOAP (wsdl) web-service. At the time of writing this can be found here: (for version 3.2.x) https://<hostname>:7002/ovm/core/wsapi/soap?wsdl You can access this url in your web browser and will be prompted to accept the self signed cert etc.  (There is a way to add a real certificate but that's not what this article is about.) In order to consume this webservice in python, I thought to try out the (now quite old) "suds" library.  Opensuse still ship this library and you can install it with: zypper in python-suds EDIT: I have added the forked library to github here: https://github.com/linuxplayground/suds-sslv3-fork The problem I found was that when trying to connect to the service, I was receiving an exception error around SSL. Here is how it looked... The example code: #!/usr/bin/python from suds.client import Client client = Client(url='https://ovm:7002/ovm/core/wsapi/soap?wsdl') print cli...

I was looking for a way to explain cryptography to my 8 year old son this evening and we devised a simple share key encryption / decryption method.  The key is symmetrical because both sides have the same key  and the same key is used for both encrypting and decrypting. We took a simple ceasar cipher and extended it slightly by creating a stronger key.  Something like this: Plain Text = HELLO WORLD Key = [2, -5, 3, 7] to encrypt we take the positional value for each letter and apply the replacement for the next key bit in turn.  For example: Start at keybit = 1 [2] H = 8, H + 2 = 10, 10 = J keybit = 2 [-5] E = 5, E - 5 = 0 (26), 26 = Z keybit = 3 [3] L = 12, 12 + 3 = 15, 15 = O keybit = 4 [7] L = 12, 12 + 7 = 19, 19 = S Now start at key bit =1  O = 15, 15 + 2 = 17, 17 = Q and so on. So long as the same key is used for decryption the thing works a treat. So I explained that simple key can be made an...

There are a few different options when it comes to managing server-side scripting on a web site. Usually folks use php or perl and even python in many occasions. This blog post is about using python to execute code locally on the server in response to http GET requests. So far you are thinking so what? You are already crafting your comment and it is saying something like, "Google mod_python" or "Google mod_perl". You are right, the best way to do CGI is via mod_perl, mod_php or mod_perl. The problem is user access and chroot. Apache will execute server side scripts as the user / group defined in the main httpd.conf. In my case: apache / apache. Apache will also assume a document root of /var/www/ for scripts (on a Centos 5.5 box) even if the userdir module is in use. My problem was: How to get apache to execute scripts as dave:dave on doc root = /home/dave/. It was critical to get this working because the scripts in question interact with the .gnupg/pubkeyring...

I have an application that I use to monitor data produced by a webservice. This webservice produces a new image ( a .png graph to be precise ) every 15 seconds. Basically I have four cron jobs that execute every minute. Three of these are configured to sleep for 15s, 30s and 45s respectivley. So that's one way to make cron do stuff more often than once a minute. Anyway, I have been using a web browser and some fancy ajax type functions to continuously display this graph and some other JSON data from the webserver every 15 seconds forever. We have a group of people who have the job of watching my graphs and data among a whole bunch of other stuff in case they might provide some alert to a problem. Anyway, I have been wondering, of late, about the reliablility of using a web browser for monitoring. The web browser is not refreshing itself and so I am a little worried that it just kind of get's stuck at times. I think it looses the AJAXIAN plot so to speak. This is why I s...

Following on from my previous post that shows how to verify cd or dvd integrity, I have this following update: The volumeid.sh script now reads the whole isoinfo -d -i from the dvd and pipes it through to md5sum to generate a "signature" that identifies the disk. The thinking here is that it would be near impossible to have have two disk headers that match completely. Even those that share volume ids... For example openSUSE 11.0 i386 and openSUSE 11.0 x86_64 The Verify class now includes checking for more than one row in the database that has the same volume label. ( md5sum result from volumeid.sh ) This is to catch anything that matches for some strange reason. The updated code for all the files is included below. volumeid.sh #!/bin/sh # # small utility to find the md5sum of the isoinfo header information # isoinfo -d -i /dev/cdrom | md5sum | cut -d " " -f 1 verify.sh #!/bin/sh # # Start with verifying CDs # device="/dev/cdrom" checksumtype=$1 #Find de...

I have a requirement to verify by md5sum or sha1sum, CDs or DVDs that I burn - so I wrote a bunch of scripts. I am not saying that this is the best way to skin this particular cat, but it is working. First of all a bit of background info. This stuff only works on Linux because the commands make use of Linux tools such as isoinfo and dd. I am sure Windows command line equivalents exist... I have a mysql database with one table in it that has the following fields: distro_label --- Volume ID of CD or DVD distro_name ---- Name of the CD or DVD hash_type ------ 1 = md5sum, 2 = sha1sum hash_detail ---- Known good md5sum or sha1sum of the particular CD or DVD Here is an example record: distro_label --- Slack11d1 distro_name ---- Slackware 11 Disk 1 hash_type ------ 1 hash_detail ---- a7cfcb4be158beca63af21b3b4dbc69c In case you are wondering how I know the volume id - try this while you have a CD or DVD in your cd / dvd drive: [~]$ isoinfo -d -i /dev/cdrom Requirements T...

Background I have spent most of last night and this afternoon working out how to implement a website for my local LAN that would enable use of my DVD writer from a remote host over a web interface. I need to provide a small web application that can be used to burn ISO images onto CDs or DVDs. The application should also verify the CD or DVD once it has been burnt. Security To start with I needed to find out how to control the CD or DVD burner from the website. There is the small problem of security here. I could not simply add the Apache user access to /dev/sr0 ( the cd device ) because then it is conceivable that anyone or any rouge application might be able to use the Apache service to monkey with my device. I had to provide some kind of abstraction which could authenticate / authorise the request prior to performing it. Python Python is fast becoming my favourite scripting language for working in Linux. It has some very nice libraries that makes things like network programming...