walkah

New Year, New Blog

2012-01-08T00:00:00-05:00

Almost 9 years ago, following the launch of my first major Drupal project, I converted this site to run the software that has shaped my career (and my life) for past decade. However, much like my career, this site was ready for a change.

Everything old is new again

This site is now powered by (or generated by) Jekyll - not entirely unlike the homegrown set of scripts that generated this site before it moved to Drupal. Jekyll has become hugely popular over the past few years in large part due to Github pages.

I knew I wanted out of the maintenance overhead of having a dynamic site (security upgrades, monitoring comments, etc) and spent a lot of time looking around at the various alternatives. I nearly ended up using Hyde because I'm generally more comfortable in Python than Ruby, but the Jekyll momentum means that there are plenty of resources around for doing things.

My biggest goal was to get back to writing instead of applying updates (and thinking of more efficient ways to apply updates). I have never enjoyed writing in a browser window. In fact, the handful of blog posts I wrote last year were all written/edited in Markdown in Emacs and copied to my site after. The move to Jekyll is to bring me closer to that writing workflow.

While I've never been much of a "blogger" per se, it's clear from looking through my archives that I used to write in this space far more frequently than I do now.

No comments?

You may notice (particularly if you're reading this on my site and not in a feed reader) that I don't have any comments enabled. This is deliberate - a statement if you will. I don't think we (the internet) have figured out how to do "social" - by which I mean conversations - in a good, decentralized, federated way yet. I have a lot of thoughts on this whole topic that I hope to share in a separate post.

The setup

On to the geeky goods! I've spent a little time here and there over the past week figuring out how I wanted things to work and the best way to make it happen. My full site is available on Github, but I thought I'd highlight some important pieces:

First up, was pulling all of my old content out of Drupal. Because walkah.net was running Drupal 7 - the included migrator (which is based on Drupal 6) didn't work. My modified version is in _import. It's specific to my setup, but should be a good starting point for anyone attempting a similar move.

Next, a lot of my site's traffic is generated from per-tag feeds offered by Drupal's taxonomy system. This isn't something that jekyll provides out of the box, so I created a simple plugin to generate tag listing pages and associated feeds.

When you run a Drupal site through as many major versions as I did, things change. As such, I ended up with a bunch of duplicate path aliases. Jekyll, by default, ignores all "dot files" (file with '.' at the start of their name), so I used this hint to include an htaccess file where I keep any redirects/aliases/etc.

Of course, since I wanted to be able to write my posts in Emacs with markdown-mode, I am making use of jekyll.el from Jack Moffit. Creating a new blog post is now M-x jekyll-draft-post!

Finally, I'm using a very simple Rakefile to deploy new blog posts via rsync.

Now I can blog from the place where I do most of my writing (emacs), publishing is a single shell command, and there is 0 maintenance required for my personal blog. Progress!

Now running Drupal 6 and Views 2

2008-08-11T00:00:00-04:00

I finally "re-launched" my blog last night, after tinkering for a few months. I'm now running (at the time of writing) Drupal 6.3. More interesting, however, is that my site is almost entirely powered now by Views 2.

The biggest visible change is the home page. Inspired in part by Dave Shea's lovely blog, I wanted to make my front page shorter. So now, I'm displaying the latest full post, with 9 previous titles only. This is all done with views (using the awesome new "attachment" display type).

The other interesting bit is that I'm using the latest version of twitter module so that the "twitter" block on the right is actually views2 powered as well (and gets cached).

I'm sure I'll keep tweaking, but I dig it. How about you?

Oh noes! walkah got pwned!

2007-05-07T00:00:00-04:00

So, faithful readers, as you may have noticed if you tried to visit this site - I got "hacked". All of the sites hosted here had their index.php files replaced with a defacement message reminding us, amongst other things, that "Hack is not a crime". Since lots of folks have asked - specifically if it was drupal related - and since the information might be generally useful for the internets, I've decided to post a brief recap here.

First off: in a move I'd never seen before, the guys removed *all* log files from the system which makes figuring out exactly what happened pretty darned tricky. In fact, they had removed anything with 'log' in the name - things like logwatch and logrotate binaries were also removed. So, what I say here is largely speculation based on the few remaining traces I found left behind. As such, here is my theory (perhaps the cracking team will be nice enough to post comments with clarifications ;):

The only real clue how they got in was the following in /tmp: drwxr-xr-x 3 www-data www-data 4.0K Apr 28 16:24 .sc/ That might not mean a whole lot - except that the datestamp is right and the directory is owned by www-data : the uid of my apache process. This strongly suggests a web-based exploit. Since pretty much all that runs on my server is Drupal it looks like we've got a problem...

I had an old Drupal 4.4 site still running on this server (sudden-thoughts.com - down until further notice). Drupal 4.4 is susceptible to the (fairly) infamous XML-RPC hole. I had manually removed xmlrpc.php from this site, however, it was back - it looks like in a brain cramp moment by yours truly I had cvs up'ed the directory which brought the file back (as part of my routine drupal site maintenance on my server).

Now, that part is speculation, but a likely guess. Without my apache logs I can't even accurately guess which site was targetted... but 'statistics' module is enabled on most sites and showed nothing suspicious in accesslog or watchdog... thus suggesting xmlrpc as a likely candidate. All other sites run Drupal 4.7 or 5 - with all security updates applied. So, if it wasn't that site, then there is a new remote-execution vulnerability in drupal that we've not yet heard about on the Drupal security team. Possible, but unlikely given that the other glaring hole was available.

Remote code execution is a serious problem, but usually containable from a web application if you run apache as a non-privileged user (as i do). So, how then were they able to overwrite all the index.php files?

My server runs Debian Etch (the latest release) with all security updates applied. So, again, unless they were using 2 un-resolved exploits - it leaves one likely option : the kernel. I was running an old, custom compiled 2.4 kernel - I mean *really* old, from 2003. Said kernel is vulnerable to things like a ptrace exploit for privilege escalation. My theory is that something like this was used to gain root access. From there, they were able to overwrite all index.php files. They also installed the "shv5" rootkit - which modifies a bunch of system binaries (ls, ifconfig, nestat, etc) - detected by both rkhunter and chkrootkit. More information on that available via google.

So, that's my theory and I'm sticking to it. So, is Drupal insecure? No. Not if you're good about running recent, maintained versions and keeping an eye on security announcements. The problem here was more accurately due to lackadaisical administration on my part - both with the drupal version and the stale kernel. I know better ... chalk it up as a "shoemaker's son" scenario.

Thanks to Steven who was the first to notify me (via SMS) that something was up. Of course, other speculations are welcome in the comments :)

Bring on Drupal 5.0!

2006-11-01T00:00:00-05:00

Happy Halloween everyone : Drupal 5 beta1 has been released!

Amongst the several changes in Drupal 5, there is officially a new default core theme. After years and years of looking at bluemarine day after day, my eyes have been granted quite a treat. What's better: the new theme, "garland" comes with "color" module which allows you to easily customize the color scheme used.

To celebrate, I've switched this site to use garland - with the old walkah.net color scheme. Like it?

partitioning

2006-10-16T00:00:00-04:00

i have been considering starting a more personal blog for quite sometime. this blog has become much more tech-centric - to the point where i feel reluctant to post lots of personal stories (stuff about the kids, etc) here. however, i've felt lately like i could use an outlet for the goings on in my personal life.

so, i present to you: james.walkah.net. it won't be for everyone, but if you're family, a friend, or just a fan - check it out. otherwise, stay tuned here for (hopefully more frequent) updates no the geek stuff.

sellout

2004-06-16T00:00:00-04:00

so, i've totally sold out. you probably didn't notice but there are now google ads.. yes ADS! ... in the right column of this fine site. why? well... 'cause i wanted to see what google adsense was like. call it research. call me a sellout. do whatcha like. just click on the links, please ;)

feeling tweaky

2004-04-16T00:00:00-04:00

so, as part of my little posting flurry, i spent some time actually looking at my site. frankly, i don't totally dig it. so, i've been playing around here and there trying to make it look cooler. how am i doing? :)

i did add some funky little status indicators for my IM accounts (over there --->). they actually work too. when they're grey i'm offline, otherwise i'm online. feel free to say 'hi'. the aim status trick i picked up from deanspace. the jabber status is edgar the status bot.

back to fluid

2004-01-29T00:00:00-05:00

so, after briefly flirting with a fixed width design, i've got back a "fluid" layout for this site. thanks mainly to peter at openflows for some good articles on the merits of liquid layouts. i've personally come to the conclusion that both approaches have their own merits, and as usual it's a matter of fitting the design to the application. that said, this blog (imo) looks better liquid - too damned much white space otherwise. besides, not enough people read it to really make a difference ;) as an interesting aside... i also dug up this article discussing "elastic" design (a sort of compromise). looks like an interesting 3rd party.

fixed width design

2004-01-26T00:00:00-05:00

so after reading some fairly convincing articles on fixed width design. i've decided to change this site to use a fixed width. it's supposed to improve readability. survey says?

i hate IE. i hate it a lot.

2003-12-11T00:00:00-05:00

... on all platforms, all versions. over the past 24 hours, i have wasted waaaay too much time trying to fix and/or work around stupid stupid things that internet explorer does. first off, there is the often-discussed, frequently-worked-around lack of support for transparent PNG images in IE on windows. silly me, in playing designer on sudden thoughts, i made some transparent pngs. they, of course, looked like crap in IE and have since been converted to .gifs :( then, there is the idiotic CSS wonkiness that was breaking the otherwise elegant dropdown menus at sudden thoughts. (yes those menus are straight ul's - inspired by this article) finally, adrian pointed out that my own site was broken in IE... since i'm not sure when. anyway, i redid the css to use all absolute positioning and IE seems to be happy for the moment. god i wish everyone would just use real browsers.

back to drupal

2003-11-14T00:00:00-05:00

so, i've gone back to drupal for hosting my site. i'll probably keep it like this for a long time. it's too much work to convert back and forth :P i've also been doing some drupal hacking lately, but more on that later...

trying out gnome-blog

2003-09-12T00:00:00-04:00

so, in an effort to increase my blogging production, i thought i'd try using a blogging utility. thinking at first that i'd probably write one myself (as a chance to play with pygtk), i thought i'd google for an existing one just in case. well, of course, one already exists. so this is my first post with gnome-blog.

seems nice so far anyway...

some site fiddling

2003-07-06T00:00:00-04:00

so, i've been playing around with the site a little bit... playing some more with drupal, and re-arranging some other stuff. most notably, i've seperated my "files" and "gallery" stuff. they're available via links in the right-hand column... but also you can go directly to: http://cvs.walkah.net/ or http://gallery.walkah.net/.

(p.s. i also uploaded 2 - that's right 2! - new pictures from canada day)

(p.p.s. there's a list of my geek toys here)

what? huh? new site?

2003-03-29T00:00:00-05:00

ok... i've been really quiet again. but now i'm back and things have changed. i've redone my site as a drupal site. This means, amongst other things, that i have a decent way to maintain the site above and beyond my normal method. *hopefully* this will result in more frequent posts. but, more importantly, it means that i can take advantage of neat features that other people have written without re-writing them myself. as cool as it is to do that... i've got other things to do.

2 things that I haven't yet incorporated into drupal are:

my pictures... drupal has an "image" module... but converting things is more of a hassle that i'm into right now... but all the pictures are still available in the same old place (linked above)
my file downloads... since most of these are just symlinks to my actual config files, that's much easier for me to maintain outside of drupal.

Long story short... come on in... heck sign up for an account... make comments... get involved. yay.