Change all directories and subdirectories to a specific user and group
find . -type d -exec chown user:group {} +
Change all files in the current directory and all subdirectories to a specific user and group
find . -type f -exec chown user:group {} +
Setting the time zone
dpkg-reconfigure tzdata
Generate a 4096 byte SSH key
ssh-keygen -t rsa -b 4096 -f id_rsa_user -C user
When upgrading, you will first be given the option to customize your installation settings. If you go too fast, you’ll miss it. The customize settings is in small text at the bottom left. Choose that.
Next you will be presented with these screens. Make the choices shown below.
You don’t want Cortana.
Be sure to choose your default apps yourself.
After upgrading, download, install, and run ShutUp10 choosing the recommended settings:
Shutup10: Free antispy tool for Windows 10
Finally, to reclaim your start button you can get this utility. 30 day free trial. Its only $5:
Start10, the first Windows 10 Start menu alternative.
Overall I think Windows 10 is a decent operating system provided you set it up correctly and minimize Microsoft’s spying.
]]>Error: unable to open '{playerglobalHome}/11.1/playerglobal.swc
The fix for this error is to go into the Apache Flex SDK installation directory and do the following.
First you will need the playerglobal.swc file. Currently the only version supported by Apache is 11.1. Download it here: http://fpdownload.macromedia.com/get/flashplayer/updaters/11/playerglobal11_1.swc
Next you’ll want to put it in the location the Apache Flex SDK will be expecting it. On my system, I would do this:
mkdir -p /home/john/apache-flex-sdk-4.15.0-bin/frameworks/libs/player/11.1
With that command, the player/11.1 directories would be created. Now copy the file into the location. Note we are renaming the file in the process:
cp playerglobal11_1.swc /home/john/apache-flex-sdk-4.15.0-bin/frameworks/libs/player/11.1/playerglobal.swc
Now you want to copy the env-template.properties file to env.properties:
cp /home/john/apache-flex-sdk-4.15.0-bin/env-template.properties /home/john/apache-flex-sdk-4.15.0-bin/env.properties
Finally, edit the env.properties file and find the env.PLAYERGLOBAL_HOME setting. Change it to the path that contains the :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
|
You’re done. To test this you can compile the sample program below.
Use the following command to compile:
mxmlc -compiler.optimize -compiler.as3 FlashVersion.mxml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
|
su - postgres
Assuming you have a database named “mydb”, lets set up a small script in the postgres account. On Ubuntu & Linux Mint the account is in /var/lib/postgresql, and on Red Hat & CentOS you’ll find it in /var/lib/pgsql. For now, lets assume Ubuntu. Here is the script:
1 2 3 4 5 6 7 8 9 10 11 |
|
Make sure you give your script execute permissions:
chmod 755 db_backup.sh
You also want to create the backups directory where your sql dump will be archived:
mkdir backups
Next you’ll need to set up our postgres credentials in a .pgpass file:
1
|
|
You will need to set the parmissions for .pgpass to 600.
chmod 600 .pgpass
Also, since cron will run as root, you’ll need to copy the .pgpass file over to root’s home directory:
sudo cp .pgpass ~root
Finally, you’ll want to run “crontab -e” as root to schedule when your new backup script will run. This entry will have the system run the script at 00:00:00 every day:
@daily /var/lib/postgresql/db_backup.sh
openssl req -x509 -newkey rsa:2048 -keyout server.key -out server.crt -days XXX
Next set up a keystore, just leave out the CA root file:
openssl pkcs12 -export -in server.crt -inkey server.key -out my_cert.p12 -name tomcat
Next edit Tomcat’s server.xml:
1 2 3 4 5 |
|
Finally, edit Tomcat’s web.xml, at the bottom add a security restraint to force all connections to use HTTP/s:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
|
1 2 |
|
If you choose a JKS keystore, then the easiest thing to do is to create your own key using the keytool. So, to create a JKS keystore from scratch, issue these two commands:
keytool -genkey -keyalg RSA -alias tomcat -keystore my_keystore
This will create the “my_keystore” container, and store within it a self generated key with the alias “tomcat” and you will be good to go after you edit server.xml and web.xml (see below).
FYI if you ever need to delete the certificate, you can do it with this command:
keytool -delete -alias tomcat -keystore my_keystore
Now, lets say you don’t want to use the keytool generated certificate, but you would rather use one from a certificate authority such as CAcert. After deleting the keytool generated certificate, you will want to import your key that we created from cacert.org:
keytool -import -v -trustcacerts -alias cacert -file server.crt -keystore my_keystore
When it comes time to update the cacert certificate, delete first delete the old one from the keystore:
keytool -delete -alias cacert -keystore my_keystore
…and then import the new one as before, Finally, to list the keys in the keystore, issue the following command:
keytool -list -keystore my_keystore
THERE IS JUST ONE PROBLEM. The keytool utility has no facility for simply importing a key! Amazing.
So now what do you do? Well, the easiest solution is to just use a PCKS12 keystore, but you’ll have to tell Tomcat its PCKS12 as Tomcat defaults to JKS. So here is the command:
openssl pkcs12 -export -in server.crt -inkey server.key -out my_cert.p12 -name tomcat -CAfile cacert/root.crt -caname root -chain
1 2 3 4 |
|
In server.xml find the section with the comment “Define a SSL HTTP/1.1 Connector on port 8443” and define the following (around line 90):
1 2 3 4 5 |
|
Next if you want to enable UTF-8 responses, make sure the URIEncoding is properly set (around line 75):
1 2 3 4 |
|
Next, to force re-direction of all HTTP traffic to HTTP/S, you will need to add a security-restraint element at the bottom of the web.xml file. This will be just below the welcome-file-list element and right above the web-app element. The very bottom of your web.xml file should look like this:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
|
First you’ll need a certificate signing request (CSR). To get that you’ll first need a key.
1 2 |
|
During creation of the CSR you will be asked a few questions. You can ignore “Organizational Unit Name”. One you definitely cannot ignore is Common Name. That is your domain, so when asked for common name enter your domain (eg: mydomain.com). You will be asked for “A Challenge Password”. Leave this one blank unless you will be there to type in the password when your web server starts up. In most cases, you won’t be so leave it blank.
Now go to your certificate authority such as CACerts.org. When you generate a new certificate, it will ask you for the CSR. Just cut & paste it into the text area when asked. With that you will be given a new certificate. Place your new certificate and key into the appropriate web server directory. Be sure to give the key 600 permissions, and the key’s group and owner should be the same as the web server. The certificate should have 644 permissions.
]]>1 2 3 4 |
|
You can freely download Windows 10 here:
If you wish to upgrade using a USB or DVD drive:
There are privacy concerns about Windows 10:
Free antispy tools for Windows 10:
This is a list of Microsoft update KB numbers to uninstall based on the articles listed above:
OS Versions | KB Number | Description | To Uninstall | |
---|---|---|---|---|
7 | 2670838 | unknown purpose – can break AERO functionality | wusa /uninstall /kb:2670838 | |
7 | 2977759 | System scanner | wusa /uninstall /kb:2977759 | |
7 | 3035583 | Get Windows 10 nagware program GWX | wusa /uninstall /kb:3035583 | |
7 | 3083710 | Update client, unknown purpose | wusa /uninstall /kb:3083710 | |
8 | 2976978 | unknown purpose | wusa /uninstall /kb:2976978 | |
7, 8.1 | 2505438 | unknown purpose | wusa /uninstall /kb:2505438 | |
7, 8.1 | 2952664 | Microsoft snooping patch – triggers telemetry runs | wusa /uninstall /kb:2952664 | |
7, 8.1 | 3021917 | unknown purpose | wusa /uninstall /kb:3021917 | |
7, 8.1 | 3022345 | Diagnostics and Telemetry tracking service | wusa /uninstall /kb:3022345 | |
7, 8.1 | 3035583 | unknown purpose | wusa /uninstall /kb:3035583 | |
7, 8.1 | 3068708 | Diagnostics and Telemetry tracking service | wusa /uninstall /kb:3068708 | |
7, 8.1 | 3075249 | Diagnostics and Telemetry tracking service | wusa /uninstall /kb:3075249 | |
7, 8.1 | 3080149 | Diagnostics and Telemetry tracking service | wusa /uninstall /kb:3080149 | |
8.1 | 2976978 | System scanner | wusa /uninstall /kb:2976978 | |
8.1 | 3083711 | Update client, unknown purpose | wusa /uninstall /kb:3083711 |
Here are a few of links about Bail-Ins.
So who holds the derivatives now?
What are the troubled banks?
The Texas ratio gives you an idea of the health of a financial institution.
]]>I like what Milton Friedman had to say about government regulation: “If you put the federal government in charge of the Sahara Desert, in 5 years there’d be a shortage of sand.”
]]>I am an eMusic subscriber, but I also run Linux Mint 17.1 as my primary desktop operating system. You may be surprised to learn that eMusic actually does have a Linux version of their download manager available, but they have made it darn near impossible to find it and have no instructions how to use it. If you’re looking for this information, then here it is:
First you’ll need the eMusic download manager. You only need one of these:
Open the file with something like Archive Manager. This will extract the emusic-dlm executable. There is no installer or package. Simply extract it and put it into a folder of your choosing. Mine is in $HOME/emusic
Next, you’ll need to download and set a cookie so your browser will know how to interact with emx files. The emx file is what you’ll download when you download a track or an entire album.
Visit http://www.emusic.com/dlm/install/ to set the cookie
Next, buy a track or album. When the “Your Music Is Now Downloading” screen appears, the browser will prompt a download for “0.emx”. When you open it, the OS should prompt you to choose an application to handle it… choose the emusic-dlm executable you extracted earlier. It should start downloading immediately.
Alternate instructions in case you didn’t find the preceding paragraph useful: After downloading the emx file with your browser, right click on it and choose “Open With…” and then choose “Open with another application”. A new window will pop up. At the bottom you’ll see “use a custom command”. Choose that then click the “Browse”. Find the emusic-dlm app and choose that. Your music should begin downloading right away.
]]>I found this video on YouTube. It is a good reference on how identify these clients and how to (and when not to) deal with them. I am of the opinion that in most cases you’re better off without them.
]]>