Author: Matt Fahrner

  • Disabling Firefox Resume From Crash

    Though to many it’s handy, personally I find Firefox‘s “Resume from Crash” function, well, annoying.  This function makes it so that if Firefox is killed prematurely that the next time you start it you get an (annoying) popup that asks you if you want to restore the previous state/page(s) that Firefox was viewing.

    I can understand the advantage, particularly if Firefox is crashing a lot, but for me it’s stable and 99% of the time when it’s been killed prematurely it’s because I wanted/expected it to. Even when it isn’t expected, 99% of those times I don’t really care that I lost what I was viewing. So, for 1/100th of a 1/100th of a chance of being useful, it isn’t worth it. Particularly since any time you reboot with Firefox up, it’s going to pop this up the next time you run it.

    Fortunately it’s easy to disable. Simply:

    • Bring up Firefox.
    • Enter “about:config” as a destination URL and go to it.
    • If it warns about the end of the world coming if you touch the configs, say “Ok” and move on.
    • Search for the key “browser.sessionstore.resume_from_crash“. By default this will be set to “true”.
    • Double click on this line. This should switch it from “true” to “false” and should also turn the line to bold.

    Done. You probably want to close the browser or browse to another URL to prevent accidentally messing with anymore items in “about:config”.

    More on “browser.sessionstore.resume_from_crash“, can be found here:

    http://kb.mozillazine.org/Browser.sessionstore.resume_from_crash

    mozillaZine probably being the definitive source of Mozilla project documentation.


  • ICANN to end (finally) domain tasting/kiting

    Domain “tasting” and “kiting“, which are where companies (often registrars) use a loophole in the domain purchase cancellation policy to hold domains without paying for them, are finally heading toward an end. Using “tasting” and “kiting” techniques a huge number of domains that otherwise would be available are held by corporations who essentially “squat” on the domains and collect click through advertising revenue.  The technique is ultimately highly profitable and easily pays for the the difficulties of managing huge swaths of essentially stolen domains.

    Unfortunately those huge swaths of stolen domains are subsiquently not available for general registration for legitimate users. Furthermore since these false registrants currently hold the domain, they can essentially offer them for ransom, even though they don’t actually own them.

    ICANN is now adding fees, though relatively low, that will make it cost prohibitive to kite the domains – no longer can the specious registrants get a full refund. The net effect should be to put an end to the tasting/kiting schemes.

    For those of us who need domains for legitimate uses, corporate or otherwise, this is great news.

    More can be found here.


  • My LinkedIn profile

    Of all the networking sites, LinkedIn appears to be about the most useful. Here’s the link to my personal profile:

    http://www.linkedin.com/in/mattfahrner

    Not that there is that much there to see about me.


  • Forget the stores…

    If you’re looking for a new laptop, clearly the place to go is the airport!

    Over 637,000 served!


  • Custom Google RedHat Kickstart List search engine

    Michael DeHaan at RedHat has created a custom Google “search engine” to search the RedHat Kickstart List archives (the RedHat mailing list “kickstart-list@redhat.com“). It looks pretty handy to not have to use other perhaps more painful tools (or get too much noise):

    http://www.google.com/coop/cse?cx=016811804524159694721%3A1h7btspnxtu

    This whole idea of custom Google Search Engines (which appears to be in “beta” right now) is pretty cool. More on that can be found here:

    http://www.google.com/coop/cse

    Definitely will have to try to create a few of my own…


  • Handy “Mozilla” backup page

    If you want to back up your Mozilla settings, whether it be Firefox or Thunderbird, this is a very hand page:

    http://kb.mozillazine.org/Migrating_settings_to_a_new_profile

    I had actually figured out most of these, but it help me catch a few I might have otherwise missed.


  • CrossLoop – secure remote access

    A friend of mine showed me what looks like a nice (free) secure remote access solution for visually managing a remote PC:

    http://www.crossloop.com

    It’s based on TightVNC and therefor has the advantage of using encryption on the control session, helping reduce the risk of prying eyes. It also has a pretty cool way of letting the user choose to delegate or not delegate control by reading you a generated key. In particular it looks pretty handy to maybe manage those pesky (note, I’m smiling when I say that) friends and family when they get into trouble.

    Definitely worth looking into. From what I undestand it works on both Unix and Windows.


  • SUSE Linux Enterprise in the Americas Blog

    Here’s a potentially interesting Novell SUSE blog where you might expect a little more “off the cuff” information from the SUSE development teams:

    http://opsamericas.com

    There seem to be some interesting articles about a range of things including licensing, desktop lockdown, how to add/update drives to AutoYast etc…


  • Fedora 8, NIS (or LDAP), and “gdmgreeter”

    One major issue with Fedora 8 in shops that use a network user repository like NIS or LDAP is “gdmgreeter” breaks (note “gdmgreeter” is the Fedora replacement for XDM). The symptom is X11will fail repeatedly and not come up. In that case you will also see errors like this in “/var/log/messages”:

    What is going on here is that by default on Fedora 8, “gdmgreeter” wants to iterate all the possible users on the system to offer them up on the “greeter” window. Unfortunately it seems to have a bug and when you’re using something like NIS or LDAP as your authentication store, it blows up. My guess is that it has a finite array for storing the user list and doesn’t do bounds checking.

    Regardless it doesn’t really matter why. The solution is you have to go into the “gdmgreeter” configs and disable this new functionality. However, that isn’t very simple because to do so you need to get the “gdmgreeter” control panel up, and to do that you need X11 up and of course you can’t get X11 up with this broken.

    The answer is to temporarily disable NIS/LDAP support in the “/etc/nsswitch.conf” by changing the “passwd” entry to just read “files”, eg:

    Then restart the computer (or “telenit 3” followed by “telenit 5” to switch out and back into graphical mode). This will at least let you log in under X11 (though you’ll probably have to do it as “root” since you’ve removed the network authentication option from “nsswitch.conf”).

    Once logged in, assuming you are using Gnome not KDE, start the menu item:

    System / Administration / Login Window

    Select the “Users” tab and deselect the checkbox for:

    the select “Close”. After that is done you can re-add back the NIS/LDAP “nsswitch.conf” entry, eg:

    Note that I have no idea why having an option labeled “Include all users from /etc/passwd (not for NIS)” checked would in fact turn on the NIS when it seems to clearly imply that that’s exactly what it does not do by the text, but in opposite world apparently it does.

    Oh well, we all make mistakes. Hope that helps.


  • Fedora Core 6-isms

    While in the organizations I have sway over we are working to rid ourselves of older out of maintenance OSes, I do occasionally run into some Fedora Core 6. When I do there are a couple of minor hacks you regularly have to do to make things work (note these are after applying the latest “yum” updates).

    First of all, if using LDAPS with the “uri” specification in the “/etc/ldap.conf”, even though you’ve specified “LDAPS” it’s too dumb to use the correct port. Thus, a line like this:

    uri ldaps://myldapserver.mydomain.com

    has to become:

    uri ldaps://myldapserver.mydomain.com:636

    Why the redundant “:636” is needed I don’t know. It also seems to affect a few later versions of Fedora as well. It does not seem to effect SLES 10.

    Another Fedora Core 6-ism, is if you’re using automount. In that case you need to add:

    OPTIONS=”-Onosharecache”

    to the “/etc/sysconfig/autofs” settings. Without it automount breaks for no apparent reason (well it is actually apparent, it was a “nfs-util” bug). Later versions of Fedora do not suffer from this issue.


  • Good RPM documention

    Good documentation for maintaining/creating Linux RPMs is difficult to find. This Wraptastic site seems to have so good stuff:

    http://wraptastic.org

    It appears official, but it’s hard to say since the site seems to lack an “about” to key off of.

    In a related line, these two RedHat sites seem to have copies of the “Maximum RPM” book in electronic format:

    I have an older printed version and it goes a long way, but not quite enough, to figure out how RPMs work.


  • How to “fix” a Mozilla plugin for a new Firefox

    Ok, lets you’re using a great Firefox plugin, like say “QuickProxy” and you go to upgrade Firefox and it doesn’t work because it says the plugin doesn’t support this version of the Firefox.

    Well, there’s an easy “hack” (kludge, whatever) around it:

    • Download the “.XPI” plugin file, rename it to a “.ZIP” extension.
    • Unzip it to a temp directory.
    • Edit the “install.rdf” file.
    • Search for the “install.rdf” file for the “MaxVersion” XML attribute and change the version to a version greater than or equal to the version of Firefox you’re running.
    • Save the “install.rdf”.
    • Zip all the files in the “.XPI” back together again including the “install.rdf” you just edited (will be a “.ZIP” file of course).
    • Rename the “.ZIP” file back to a “.XPI” file.
    • Open the Firefox and go to “Tools / Add-ons” and just “drag and drop” your new “.XPI” file on the window (note at least in Firefox 3 you can just drop it anywhere in the view pane even without going to “Tools / Add-ons”).

    That’s it. Note it may or may not work as there could really be an incompatibility. My guess is usually there isn’t (neither QuickProxy nor Exif Viewer had an issue when I fudged them).

    Note this was taken from Mr. Sandman’s review of QuickProxy here:

    https://addons.mozilla.org/en-US/firefox/reviews/display/1557

    and I assume it will probably work with all other Firefox plugins.


  • And this is why security REALLY matters…

    Imagine if you went to file your income tax return, only to find out that someone had already filed it and gotten your refund:

    http://csoonline.com/article/381513/UnitedHealthcare_Data_Breach_Leads_To_ID_Theft

    That is exactly what happened to 155 graduate and medical students of UC Irvine who were victims of identity after UnitedHealthcare’s (the provider of their medical insurance) records were breached.

    Too many IT professional don’t see security in real terms. This is a great example of a very real effect. I can tell you, I would be pissed (er, technical term there)!


  • How to create a mini-boot CD for SLES 10 SP1

    If you have an older system that doesn’t have an internal DVD but you do have an external USB DVD, here’s how to build a CD to boot from. This will probably work with any version of SLES 10:

    1. Boot Linux and mount the SLES 10 DVD.

    This will leave a “/tmp/mini-boot.iso” that you can burn to a CD using your favorite CD burning software (eg: “k3b -cdimage /tmp/mini-boot.iso”, Nero, or Roxio).

    Note that it will initially say it cannot find the media, but when you say “try again”, it will find the DVD.


  • Bill Gates retires?

    A “kind of” funny video about Bill Gates “retirement”:

    http://www.youtube.com/watch?v=Xr5w3X4R8b4

    It’s perhaps a little too self aware and woody but still worth watching.

    Of course if you’re a bit of an Open Source person like myself, you might also enjoy this:

    http://strom.wordpress.com/2008/05/31/giving-thanks-to-bill-gates

    It has a little “bite” shall we say though.


  • Pretty cool Google tool…

    I’m not sure how useful this would actually be in practice, but this “Goosh” or “Google Shell” is a pretty neat trick:

    http://goosh.org

    which is an unofficial command line tool to access Google.

    For those of us Unix types, it’s fun to see it presented this way, though as noted I’m not sure how useful it really is…


  • IT Acronym Hell

    Whenever I enter IT acronym hell (SOA, ITIL, IPAM, ETL, etc, etc…) I always think of this quote:

    “Excuse me, sir. Seeing as how the VP is such a VIP, shouldn’t we keep the PC on the QT? ‘Cause if it leaks to the VC he could end up MIA, and then we’d all be put on KP.”

    – Robin Williams playing Adrian Cronauer, Good Morning Vietnam


  • BIND DNS “replacement” released

    NLnet Labs, Verisign, Nominet, and Kerei have announced the release of a new DNS server to potentially replace ISC’s BIND:

    http://www.unbound.net/

    Built from the ground up, it’s supposed to be faster and more secure, in part supporting DNSSEC out of the box.

    Of course as with all new software, it remains to be seen if some major flaws/holes are found in it. This is where older software typically has an advantage, despite any claims otherwise, since “trial by fire” is usually where the major issues are found. At the organizations where I hold sway, we will probably delay any possible implementation, letting others work through the issues first.


  • Email obfuscation in HTML

    One of the problems with posting your email is that there are programs that troll the web for email addresses for SPAM uses.

    This site:

    E-mail Obfuscator

    does a quick conversion of your email address into HTML that most of these programs can’t or won’t read, hopefully allowing you to post your email and avoid getting targeted for SPAM. The code even posts successfully into WordPress.

    Unfortunately the spammers will probably just get smarter, but it’s worth a try…