Custom SELinux Port Access

Apple Web Objects

Tonight I was working on a server that’s going to be running an application that uses the Web Objects framework.

For this to work, Apache’s mod_webobjects adapter needs to be able to make a connection to localhost:1085. But since SELinux is dutifully protecting the system by disallowing Apache from opening TCP connections of its own we need to make an adjustment.

The low-hanging fruit would have been to toggle httpd_can_network_connect to ‘on’ but that would have allowed Apache to connect to any TCP port, not just the one we want. There are more specific SELinux booleans for MySQL and SMTP but we needed something custom that allowed Apache to connect to port 1085 only.

Step 1: Create a New Policy Module

Step 2: Compile Your Module

Run make in the directory where you created your apache_proxy_port_t.te file. You’ll need to have installed the selinux-policy package beforehand, though it should be installed by default.

Step 3: Set SELinux to Permissive (Optional)

If your system can remain safe without SELinux enforcing for a moment, it makes sense to set it to permissive temporarily while you load and test your new module. You could get locked out of your system if something went awry.

Step 4: Install Your Module & Activate It

One of the files created in step 2 is the apache_proxy_port_t.pp file. Load it up using semodule. Both semodule and semanage come from the policycoreutils package.

You’ll also want to create another mapping for each of your application instances. Run the same command above with the port number changed (e.g., port 2001).

Step 5: Re-Enable Enforcing

If you’re not seeing any violations and things are running as expected, turn enforcement back on.
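The five steps above as one script, added here as an example and not taken from the original post. The type name (reusing the apache_proxy_port_t file name), the devel Makefile path, the DRY_RUN switch and the function names are assumptions made for this sketch.

```bash
#!/usr/bin/env bash
# Added example (not the post's original commands). Assumptions: the devel
# Makefile path below (package selinux-policy-devel on current Fedora/RHEL);
# DRY_RUN and all function names are hypothetical helpers for this sketch.
MODULE=apache_proxy_port_t
DEVEL_MAKEFILE=/usr/share/selinux/devel/Makefile

# Echo the command when DRY_RUN=1, otherwise execute it.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# Step 1: policy source. Defines a new port type and grants httpd_t exactly
# one permission on it: name_connect (outbound TCP connect).
write_module() {
    cat > "$1/$MODULE.te" <<'EOF'
policy_module(apache_proxy_port_t, 1.0)

gen_require(`
    type httpd_t;
')

type apache_proxy_port_t;
corenet_port(apache_proxy_port_t)

allow httpd_t apache_proxy_port_t:tcp_socket name_connect;
EOF
}

# Accept only decimal TCP port numbers in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Steps 2-5: build, go permissive, load, label each port, enforce again.
# Enforcing mode is restored even when the load or labelling fails.
apply_policy() {
    pol_dir=$1; shift
    for port in "$@"; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    done
    run make -C "$pol_dir" -f "$DEVEL_MAKEFILE" "$MODULE.pp" || return 1
    run setenforce 0 || return 1
    rc=0
    run semodule -i "$pol_dir/$MODULE.pp" || rc=1
    for port in "$@"; do
        [ "$rc" -eq 0 ] || break
        run semanage port -a -t "$MODULE" -p tcp "$port" || rc=1
    done
    run setenforce 1 || rc=1
    return "$rc"
}

# Usage: ./apache_proxy_port.sh 1085 2001   (as root; DRY_RUN=1 to preview)
if [ "$#" -gt 0 ]; then
    write_module . && apply_policy . "$@"
fi
```

Once it finishes, exercise the application and look for remaining AVC denials with `ausearch -m avc -ts recent`.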

TL;DR: If you want to allow your freshly-hijacked Apache server to open TCP connections to any port it likes, toggle the SELinux boolean. If not, use the instructions above.

** Thanks to Mr SELinux himself, Dan Walsh, for his 2007 post on policy customization.

Hydration is Key

I know that I feel bad if I don’t drink enough water and I also know that I feel pretty good when I do. The problem is drinking enough water consistently throughout the day instead of this guzzling that happens when I’m not busy and this drought that happens when I am.

So, some calculations. This app (yeah, there’s an app for that) says that at my weight I need 187 oz per day. Incidentally, that drops to 121 oz at my goal weight, so I won’t be urinal-bound forever.

That means, if I’m awake from 4 AM until 9 PM, I have 17 waking hours. I usually start the day with 20 oz of ice water so that’s my start time. If I stick to even hours: 4, 6, 8, 10, 12, 2, 4, 6, 8 that gives me 9 opportunities to kill that 20 oz tumbler with 7 oz left over. At the gym I’m going to go through at least 2, maybe 3 of those, but I’m fairly certain that 187 number needs to be adjusted with activity. So we’ll just leave that 4-6 AM span at a single 20 oz tumbler.

Easy, right? During the even-numbered hours I need to get at least one 20 oz tumbler down. On the odd-numbered hours I can either be too busy to drink anything or slide a little caffeine in there. Good plan, yes? Alright. Go team go.

New Routines

This morning I rolled out of bed, reluctantly, at 4:30 AM. 4:25 AM actually since my phone does this “smart alarm” thing and makes soft tinkling sounds (which I ought to update) with a steadily increasing volume to roust me out of a deep sleep.

I seriously considered going back to sleep but my sleep-addled mind couldn’t come up with any compelling argument. Yesterday morning the thought that sent me back between the sheets was that my clothes had not been previously arranged and it would be too difficult to find all the requisite items in the dark. Unfortunately I had remedied that last night.

Teeth brushed, face washed, glasses on, clothes acquired from my office chair and donned, and out the front door I went with a water bottle, Zumba towel, Kindle Fire, Beats headphones, and car keys.

In the parking lot I checked in on Facebook. I plan to do that every morning with a steadily increasing ‘Day X. [insert some thoughtful comment here]‘ message. This morning’s was “It doesn’t get any harder than this, right?” My UK pal, Jack, chimed in with some encouragement a few minutes later, which I didn’t see until I got home, but really appreciated.

The kid at the front desk was affable and appeared to have his nose in a book. Good for him. The 24 Hour Fitness by our house isn’t as large as the one we normally go to so it has a more personal feel to it. I hope there aren’t that many morning people. I like it when we eventually learn one another’s names.

I ran into a woman who works at the gas station by our house. We had a quick chat before my head went into headphones and I blocked out the world for the next 30 minutes. I had seen Kate Smurthwaite on a YouTube clip the other day and decided to grab the entire episode of a BBC show called The Big Questions. This episode was titled: “Is there evidence for God?” It had just started heating up when I’d hit the end of my workout.

On to tomorrow!

Bookshelf Fodder

I love to read but I’m not trying to keep every book I’ve read like they’re trophies. With very few exceptions I don’t go back and re-read old titles either. I have my Kindle that I keep loaded with all my favorite subjects so there isn’t much call for the dead-tree versions unless I want to keep them around for reference. Anyone who’s tried to find information in a Kindle title knows my pain.

So on to a selection of the books that have won a permanent home on my bookshelf:

On Food and Cooking: The Science and Lore of the Kitchen by Harold McGee
Trying to learn to cook without coming up to speed on the basics is like becoming a mechanic without knowing the difference between the screwdrivers with the tapered ends vs. the star-shaped ends. This book has it all.

The New Dictionary of Cultural Literacy: What Every American Needs to Know
It’s wild how much back story you have to have on American culture to understand English. Is it a good thing to have the wisdom of Solomon? From idioms to ideology, this is a fun read. I just pop it open to a random page and read a bit when I’m waiting for something else.

Perl Best Practices
As a rule I don’t keep technical books anymore. I used to collect O’Reilly’s zoo books but that was back when they were released infrequently for major technologies. Now there’s a new book for every technical niche out there. This is a title that is near and dear to my heart because Perl can be such a mess without some rules.

Guide to Getting It On! A Book About the Wonders of Sex
Okay, you can stop blushing now. When the base of Maslow’s hierarchy of needs includes sex you’d be remiss to not own this title. Warning: this is not a 150 page paperback. It’s thick enough to double as a home invasion deterrent.

Emotions Revealed: Recognizing Faces and Feelings to Improve Communication and Emotional Life
I was a fan of Paul Ekman’s work before he was a consultant on the set of Lie to Me. He pioneered the science of reading faces and designed the FACS (facial action coding system). Because the books he writes have a lot of “compare pictures A and B” you tend to flip back and forth. For this reason it’s dead-tree or go home. Maybe you could do it on a tablet.

How To Win Friends and Influence People
For the longest time this was not available in electronic version and so I kept a copy on my shelf. It looks like it’s had an update recently. I’ll have to check it out.

Photo by Annie Mole

Android Automation

If you have an Android phone and you’re not using its automation features, you’re missing out on some geek candy. Recently I read up on two options: Tasker by Crafty Apps, Ltd and on{X} by Microsoft. Both apps have a steep learning curve if you’re new to event-driven programming (e.g., if I get a phone call during a busy time on my calendar and the person is in my contacts, send them an SMS message telling them I’ll get back to them ASAP).

First up is Tasker. Once it’s been installed and run the first time you’re given a graphical interface in “beginner” mode. The idea being that you won’t need to use some of the features initially so it doesn’t offer them (variables, projects, and exporting, mainly). Tasker uses two main concepts: profiles and tasks.

Profiles: What’s going to kick off your automation? Is it a phone call? Your phone being plugged into AC power? Firing up your Dropbox app? Is it between the hours of 6am and 2pm? Is it a combination of these things? That’s what you have to decide when you create your profile.

Tasks: What should your phone do when you have an “active” profile? Set your phone to silent mode? Send an SMS message to your girlfriend? Use text-to-speech to announce the current battery level? There are a lot of examples on the Tasker wiki but that’s only a starting point.

The things I’ve automated thus far:

  • Sending a text to Kayla when I turn on airplane mode before a flight (ditto when I land).
  • Turning off mobile data & wifi when I put my phone on a USB charger (no need for email notifications when I’m on my computer).
  • Toggle auto-rotation when launching gallery, dropbox, or web browser.
  • Turn off silent mode when Kayla calls.
  • Disable screen timeout while the navigation app is running.
  • Launch a menu offering to run Netflix/Spotify apps when I plug in headphones without a mic.
  • Set silent mode on during a work meeting or movie.
  • Set silent mode, check my alarm clock, fire up the White Noise app, and lock my display when plugging in AC power.
  • Setting and clearing a %SLEEPY variable during evening hours that the previous rule can check (don’t want those things happening when I plug into the AC in the car).

Next up is on{X}. Unlike Tasker, on{X} development is done on their website, http://www.onx.ms/, and includes a mandatory link to your Facebook account. Once you’ve installed the application and linked it to your account, recipes you create are automatically pushed to your phone. Here’s where the learning curve gets extra steep.

All the recipes are written in JavaScript.

You remember writing code to change button images when you hovered over them? It’s just like that. Now instead of the onMouseOver event you’re writing code that triggers on smsReceived. That gives you a lot of flexibility (almost too much) but on{X} does bring a few things to the table that you won’t find in Tasker:

External Feeds: You want your horoscope? How about the current traffic conditions along a series of GPS coordinates? Today’s top news stories? The current weather for the morning? The on{X} team has made these available.

Mode of Transport: “Mode of Transport monitor. Encapsulates the detection of mode of transport. Currently MOT supports these states: ‘atrest’, ‘walking’, ‘driving’, and ‘running’.” (from the on{X} documentation).

Regions: Using Tasker, you can be really specific about how to identify a particular location (cell tower, Net, GPS – or a combination). on{X} uses your most recent MOT (above) to decide what method makes the most sense. Very slick.

All that being said, on{X} still uses JavaScript which means you’re doing complicated datetime parsing if you need to do anything X times from Y hour to Z hour. Tasker makes this effortless. After writing several recipes on each I’m using Tasker for almost everything now. I may dip back into on{X} at some point but it’ll probably only be to dabble.

Girlfriend Not Found

On July 10th, 2012 I proposed to my girlfriend of one year and she said “Are you serious… ?” Once I assured her I was serious she finally did say yes. ;)

I’m not going to tell you how it was done. What fun would that be? Then we wouldn’t have a super-cute story to tell you when we’re having dinner at your house. What I will tell you is that she has already made me incredibly happy and I’m beyond thrilled that she’s agreed to marry me.

Kayla makes me want to be a better person.

I am a better person.

Public Declaration

I’ve had the most success in my life when I’ve chosen my goals, declared them publicly, and then did something (also public) periodically to keep me honest. And so I bring to you, the top ten reasons I am getting fit:

  1. I’m tired of seeing 300+ on the scale.
  2. I want all this hard work in the gym to show.
  3. I never again want to put on a shirt from the closet only to take it right back off again.
  4. Two words: airplane seating.
  5. I know the longer I carry this weight while working out the more damage I’m doing to my back & knees.
  6. I’d love to wear a suit without feeling like I want to die.
  7. I want to be here to support Kayla Marie & spend time with her.
  8. I want to be able to shop anywhere.
  9. I want to be able to meet someone without feeling the need to tell them how much weight I’ve already lost.
  10. I want to be able to play with my kids someday.

Kayla and I weighed in and took measurements. We’ve written down our 10 reasons and we’re going to carry them with us (paper & digital) so we can re-read them whenever we’re having a craving for all that delicious stuff that we’ve turned into habits as of late. If you’re curious about those, I have another list.

  1. YoCream yogurt – this stuff is beyond addicting and you can LAYER it.
  2. Del Taco – we have a standing order and it’s oh-so-delicious; I think their hot sauce is laced with cocaine.
  3. Pizza – the only food for which I have zero portion control.
  4. Muchas Gracias – the Oregon burrito is made of unicorn tears. True story.
  5. Taco Bell – they have five ingredients and yet they keep pulling us in; it defies explanation.

And so we set out to conquer the cravings, to destroy the detritus, and to other bits of alliteration that escape me right now. Take no prisoners!

Bully

Kayla and I had a chance to catch the documentary Bully while we were in Denver this week. I’ll be honest, it was hard to watch. Thankfully we had the theater to ourselves because as parents and faculty did their impressions of an ostrich I could be heard in the back muttering “are you @#$%ing kidding me… ?”

My name is Steve and I was a victim of bullying. Oddly enough nothing really happened while I was at school that I can remember. There were a couple of incidents during a gym class and in the locker room but it didn’t take long for me to figure out that if I showed up in the locker room before everyone else or after everyone had left I could head those off. It was mostly before and after school. Unfortunately, that was enough.

Here was the situation. There was a bus stop where we lined up our bags and then hung out in small groups. When the bus pulled up we would run back to our spots, put on our backpacks, and then file onto the bus. It’s like riding on Southwest – no assigned seats, but if you get on last you get to stare into the faces of strangers and hope one of them won’t sigh in disgust when you ask if you can sit next to them.

So, easy fix, right? Get there early. Put your bag in the front of the line. Get on first and then you can be as magnanimous as you want about letting folks sit with you. If it were only that easy. Getting there early meant you had to stand there and pray that the groups of kids didn’t turn their attention to you. They always did.

Okay, plan B. Get there, hide out where you can see the bus approaching but the bullies can’t see you, and then run to the line when it pulls up. This works well because you get to avoid the beating you would have caught had you been there early and the bus driver might (and I stress might) intervene if he/she sees something go down. Oh wait, now you’re left walking down the aisle where you get a mixture of “sorry, this seat’s taken” and “if you sit here I’ll [insert threat of bodily harm here].”

I think I went back and forth between the two options depending whether I was up for harassment or alienation that morning.

Coming home was a whole different challenge. The queuing was less complicated – I think they put us on the buses based on our class or something. Once on the bus though, it was all about staring out the window and hoping no one tried to mess with you. That never worked.

There was one instance I remember vividly. Did you ever see Child’s Play? I saw it years later but at the time I had no idea what this kid was going on about. He slipped into the seat next to me and said, “we’re going to be friends to the end! hidey ho! ha ha ha!” He said it over and over again in this creepy high-pitched voice while really pushing me into the wall of the bus. I remember pinching or punching, or something. It was just annoying enough that I was pretty sure it was going to continue once we got off the bus. It did, but that’s where it gets fuzzy.

Dealing with bullies sucked. It needs to stop. I’m reading up on the current projects and am figuring out how I can get involved.

You ready for the hind-sight 20/20 moment? Here it comes. I had two brothers 11 months younger than me. There were three of us. I don’t know of any bully who would have wanted to tangle with the three of us at the same time. For the life of me I can’t remember where they were and why we weren’t together. Ah well, we’ll leave that to the therapist I’ll have one day.

If you haven’t seen the flick, check it out. Take your kids to see it. If you have multiple kids make sure they’re watching out for one another. If one kid is getting bullied and their siblings aren’t doing anything to help them they need to be grounded for eternity. Okay, maybe not eternity, but you get the idea.

Image by: Terry Freedman

Mirror Mirror

Controlling impulses (or even delaying them) can be downright exhausting. If you’re already tired, upset, depressed, or otherwise nonplussed with your current situation it can be even harder. People talk to me all the time about how determined I must have been to lose weight. How dedicated. How inspirational. I’m just not feeling it, folks.

There is some serious ebb and flow to my weight loss efforts. I’ll go from tracking everything and eating evenly balanced meals to a full-blown destructive “oh, M&Ms would go well with this Monster energy drink—wait, peanut M&Ms, yes, more fiber is good…”

As I write this I’m coming off of the latter, big time. I got up this morning and weighed in up 6 lbs from a week ago. Before you start tapping out that comment about how it’s physically impossible to put on that much weight in a week, yes, I know. It’s more than likely the aftermath of overeating and under-hydrating. A couple days of eating normally and drinking water like a fish should put me back in the realm of you-screwed-up-but-not-terribly.

Still, why does it keep happening and why to such an extreme? I bought Hostess Cupcakes at the store last night. Who does that? And my reply to Kayla’s patented Have You Lost Your Mind, Klassen™ look was “what? dessert…”

A friend of mine, @billmdee, asked me what got me off the gaming and into fitness. Well what do 455 lb gaming addicts have in droves? Low self-esteem. Sure, I might have been the best tank (gaming parlance for the leader of the group) on my particular shard of my particular game of choice, but that was easy to do sitting in a pair of sweats and an over-sized T-shirt. And it fed that slice of Maslow’s hierarchy of needs—self-esteem, confidence, achievement (can you say quests?), and respect.

Why would I trade that for sweat, pain, embarrassment, and muscle soreness in a Zumba® class and a weight room?

The answers I give for “why Zumba?” and “why do you lift weights?” are valid, sure. They’re even seductive. But people like me with a serious self-esteem void to backfill don’t do things for the valid reasons. We do them to make the pain stop.

So why Zumba? Well it’s a fun workout that incorporates high intensity interval training (HIIT) which keeps the calorie burn high throughout the class. I burn anywhere between 700 and 1000 calories per hour. More when I’m teaching. The truth? Because men don’t typically take Zumba classes it makes me feel unique. I get a lot of attention. That, and the people in the classes look like the ones that wouldn’t give me the time of day when I was growing up and somehow it makes me feel like I’m not the loser I felt like I was then. For a while anyway.

And why lift weights? Lifting weights can be fun after a while, but more importantly it raises your lean mass which raises your basal metabolic rate (BMR) so you’re burning more calories doing all the other activity you do (even sleeping). I want to lose weight and having more muscle helps me do that. The truth? I hate what I see in the mirror. When I lift weights those muscles are sore for a couple of days and if I cycle through them I’m always sore somewhere so I can feel like I’m strong (at least underneath the fat). When I don’t lift weights and can’t feel the muscle soreness I feel especially fat.

I wish I could have offered some epiphany about getting fit. Some pithy quotable quote or other tidbit that you could apply to your own situations and produce the same results I’ve had. I can’t. Losing weight is incredibly hard. It’s like spinning plates on poles. Stop overeating. Move more. There’s no easy way to do it and that’s why these companies who claim to have that magic bullet weight loss solution are going to continue to rake in the profits. We want an easy solution. If it weren’t for vanity I don’t know how many folks would even bother. Is that the reason so many of us don’t eat right and work hard in the gym? I thought lack of vanity was a good thing. I’m sure I read that somewhere.