The Sysadmin's Daily Grind: Serendipity
Blog Me Up!
From time to time, sys admin Charly has to leave the beaten track and concern himself with topics outside of his core competency range. When this happens, it's good to have the right tools on hand.
Sometimes even Star Trek's Scotty  can't avoid tasks that are not his specialty, no matter how often he complains, "I'm a mechanic, not a doctor." The solutions he uses to rescue the Enterprise from what feels like hundreds of warp-drive meltdowns are correspondingly unorthodox.
When it comes to tools, Scotty has a clear opinion: "Always use the proper tool. If the proper tool isn't available, use a hammer."
When I'm asked to build websites, I can empathize with Scotty. I'm a sys admin, not a web designer!
The fact that I use vi to produce my HTML code gives the results an ascetic, reduced-to-the-max kind of feel. The code does the job, but the results look pretty bad. Scotty would love me for this.
Sometimes warp factor 1 just isn't enough. Recently, I needed a web page, similar to a blog, that gave users the option of commenting on part of the content. The Serendipity  blog engine is flexible enough to serve as a makeshift CMS, and it guarantees fast results.
S9y, as the Serendipity community likes to abbreviate its favorite product, needs fairly recent PHP packages and a database connection. After you finish unpacking the source files, copy them to a directory on your web server, change to the directory, and then enjoy the installation, which runs perfectly in a browser.
After you finish installing it, S9y looks just like you would expect a blog to look; however, the administrative interface provides a multitude of plugins just waiting for their marching orders (see Figure 1).
Using a couple of plugins, I can easily insert external HTML or PHP code into the page structure. I need this function quite often, for example, to integrate RRD graphs or Nagios results. I added some seasoning in the form of discussion forums, galleries, connectors for a huge number of instant messengers, and dozens of other nice things to have – all of them beamed directly from the plugin directory.
This doesn't mean that I neglected the security side, though. Developer Garvin Hicking's team loves clean code, so much so that they tag plugins with unequivocal warnings if the plugin seems best suited to shooting yourself in the foot.
Lawyer's Best Friend
The commentary system, which is important for my application, has had a double opt-in feature in its Subscribe function since Serendipity 1.4. Unfortunately, clever lawyers have been known to sue because, in their opinions, mails from a commentary thread you subscribe to are the legal equivalent of a newsletter, and you need a double opt-in for newsletters. Scotty would just say: "I'm a mechanic, not a lawyer."
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.