The Sysadmin's Daily Grind: Serendipity
Blog Me Up!
From time to time, sys admin Charly has to leave the beaten track and concern himself with topics outside of his core competency range. When this happens, it's good to have the right tools on hand.
Sometimes even Star Trek's Scotty  can't avoid tasks that are not his specialty, no matter how often he complains, "I'm a mechanic, not a doctor." The solutions he uses to rescue the Enterprise from what feels like hundreds of warp-drive meltdowns are correspondingly unorthodox.
When it comes to tools, Scotty has a clear opinion: "Always use the proper tool. If the proper tool isn't available, use a hammer."
When I'm asked to build websites, I can empathize with Scotty. I'm a sys admin, not a web designer!
The fact that I use vi to produce my HTML code gives the results an ascetic, reduced-to-the-max kind of feel. The code does the job, but the results look pretty bad. Scotty would love me for this.
Sometimes warp factor 1 just isn't enough. Recently, I needed a web page, similar to a blog, that gave users the option of commenting on part of the content. The Serendipity  blog engine is flexible enough to serve as a makeshift CMS, and it guarantees fast results.
S9y, as the Serendipity community likes to abbreviate its favorite product, needs fairly recent PHP packages and a database connection. After you finish unpacking the source files, copy them to a directory on your web server, change to the directory, and then enjoy the installation, which runs perfectly in a browser.
After you finish installing it, S9y looks just like you would expect a blog to look; however, the administrative interface provides a multitude of plugins just waiting for their marching orders (see Figure 1).
Using a couple of plugins, I can easily insert external HTML or PHP code into the page structure. I need this function quite often, for example, to integrate RRD graphs or Nagios results. I added some seasoning in the form of discussion forums, galleries, connectors for a huge number of instant messengers, and dozens of other nice things to have – all of them beamed directly from the plugin directory.
This doesn't mean that I neglected the security side, though. Developer Garvin Hicking's team loves clean code, so much so that they tag plugins with unequivocal warnings if the plugin seems best suited to shooting yourself in the foot.
Lawyer's Best Friend
The commentary system, which is important for my application, has had a double opt-in feature in its Subscribe function since Serendipity 1.4. Unfortunately, clever lawyers have been known to sue because, in their opinions, mails from a commentary thread you subscribe to are the legal equivalent of a newsletter, and you need a double opt-in for newsletters. Scotty would just say: "I'm a mechanic, not a lawyer."
Buy this article as PDF
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.